Pc bloqué

Bonjour,
En mode sans échec malware et avira bloqués.
Dr web bloque.
Avira rescue cd effectué mais je ne parviens pas à copier le rapport.
Salutations

Effectivement cela fonctionne.rappoert RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrateur at 2009-07-09 22:40:07
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 137 GB (59%) free of 232 GB
Total RAM: 1022 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:40:45, on 9/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\USBStorage\USBDetector.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Belgacom\bin\sprtsvc.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\RSIT.exe
C:\Program Files\trend micro\HP_Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Service Scheduler2 Acronis] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe

je n''ai pas formaté

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.30 (Activated)
Firewall : Outpost Firewall Pro 6.5.5 (Activated)
C:\ (Local Disk) - NTFS - Total:226 Go (Free:133 Go)
D:\ (Local Disk) - NTFS - Total:232 Go (Free:17 Go)
E:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( jeu. 09/07/2009|23:14 )

-----------\\ SUPPRESSION

Supprime! - [Service] ASKUpgrade
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\PopSwatter
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_Astroburn.xml
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(HP_Administrateur) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe

(HP_Administrateur.BOON) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot
(HP_Administrateur.BOON) - {53c4d698-0a74-873e-7946-7d19bb035667} => boox
(HP_Administrateur.BOON) - {5546F97E-11A5-46b0-9082-32AD74AAA920} => informenter
(HP_Administrateur.BOON) - {cb84136f-9c44-433a-9048-c5cd9df1dc16} => bdtoolbar
(HP_Administrateur.BOON) - {D419DABB-C0EA-4168-BFD7-637C7BF90D0A} => password

(HP_Administrateur.HENRI) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe
(HP_Administrateur.HENRI) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(HP_Administrateur.HENRI) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.yoower.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://ie.redirect.hp.com/..."
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.redirect.hp.com/..."


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - jeu. 09/07/2009|23:20 - Option : [2]

-----------\\ Fin du rapport a 23:20:37,40

Bonjour,
Parfait : problèmes résolus.
Encore mille fois bien merci.
très sincères salutations.
Resbel

bonjour,
J'ai refait superantispyware qui n'a rien trouvé.
Bitdefender stoppé après 467254 fichiers,pointeur de souris zigzazuant dans tous les sens et ensuite écran bleu avec avertissement kernel_inkpage_error.
CHKDSK/F/E = nombreux clusters endommagé et donc remplacés?
Finalement ne faut il pas remplacer le disque dur et si oui quel type?
Salutations

Scans imposibles.
écran bleu avec à nouveau Kernel_inpage_error etc.
salutations

Bonsoir,
je vais faire memtest.
Erreur system 6/6/2009 20.20
catégorie 102
événement 1003
utillisateur N/A
orddinateur HENRI

Memtest : Pass complete no errors
Je ne lance jamais de jeux ou logiciels d'animation.
Salutations

bonjour,
premier message :
les fichiers nécessaires au fonctionnement de W doivent être copiés dans le dossier DLL cahe.Veuillez insérer votre CDdu service pack 3 pour Win.Le CD que vous avez n'est pas le bon.Effectivement je n'ai que le CD Win XP pro (pack1)en tout légalité d'un premier ordinateur remplacé par celui ci avec Win XP media center d'origine (sans disquette).
deuxième message :
les fichiers nécessaires au fonctionnement de W ont été remplacés par des fichiers d'une version non reconnu.Pour maintenir la stabilité du système W doit restaurer la version originale de ces fichiers.Insérez votre disquette WXP pro CD2.que je n'ai pas.....et pour caue ci-dessus.
P.S.impossibles d'enlever ( ctrl + del) le message de protection des fichiers qui me dit constamment de recommencer( Insérez votre disquette WXP pro CD2).

Salutations,

Ne puis je pas installer comme nouvelle version Win à savoir WXPpro dont j'ai le CD ?Et perds t on les données?
J'ai fait restore Z qui me dit que les fichiers ont été restaurés?????
Salutations,

Et si je tape F10=system recovery ou au démarrage récupération ?Vais je retrouver WXPmedia center?ou comment?
Merci de toutes ces informations et salutations

bonjour,
J'ai donc fait F10=system recovery.
Tout n'a pas été effacé mais l'ordi fonctionne plus vite.
Avec Malware l'écran devient noire et le PC redémarre normalement.
Ci-joint le rapport d'avira qui s'est arrété après 27 minutes :
Avira AntiVir Personal
Report file date: mercredi 10 juin 2009 18:21

Scanning for 1462412 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HENRI

Version information:
BUILD.DAT : 9.0.0.403 17961 Bytes 3/06/2009 17:05:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 10/06/2009 16:11:40
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.4.38 2692096 Bytes 29/05/2009 16:11:39
ANTIVIR3.VDF : 7.1.4.82 321024 Bytes 10/06/2009 16:11:39
Engineversion : 8.2.0.183
AEVDF.DLL : 8.1.1.1 106868 Bytes 10/06/2009 16:11:39
AESCRIPT.DLL : 8.1.2.0 389497 Bytes 10/06/2009 16:11:39
AESCN.DLL : 8.1.2.3 127347 Bytes 10/06/2009 16:11:39
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.18 401783 Bytes 10/06/2009 16:11:39
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:56
AEHEUR.DLL : 8.1.0.129 1761655 Bytes 10/06/2009 16:11:39
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:56
AEGEN.DLL : 8.1.1.45 348532 Bytes 10/06/2009 16:11:39
AEEMU.DLL : 8.1.0.9 393588 Bytes 9/10/2008 13:32:40
AECORE.DLL : 8.1.6.12 180599 Bytes 10/06/2009 16:11:39
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 5/12/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 10/06/2009 16:11:39
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 09:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, M:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: mercredi 10 juin 2009 18:21

Starting search for hidden objects.
'156505' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'softinfo.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'SNDSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'TrasWord.exe' - '1' Module(s) have been scanned
Scan process 'robotaskbaricon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'ccApp.exe' - '1' Module(s) have been scanned
Scan process 'DMAScheduler.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'ELService.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'navapsvc.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ccProxy.exe' - '1' Module(s) have been scanned
Scan process 'ccEvtMgr.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'ccSetMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!
Master boot sector HD6
[INFO] No virus was found!
Master boot sector HD7
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'M:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '71' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\HP_Administrateur\Bureau\SmitfraudFix.exe.XXX
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program

Beginning disinfection:
C:\Documents and Settings\HP_Administrateur\Bureau\SmitfraudFix.exe.XXX
[NOTE] The file was moved to '4a98e467.qua'!


End of the scan: mercredi 10 juin 2009 18:48
Used time: 27:35 Minute(s)

The scan has been canceled!

4625 Scanned directories
257594 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
257590 Files not concerned
4600 Archives were scanned
2 Warnings
3 Notes
156505 Objects were scanned with rootkit scan
0 Hidden objects were found
EN QUARANTAINE :
contains recognition patterns of the SPR/tools.Hardoff source C/doc....Smitfraudfix.exe
contains recognition patterns of the SPR/PSW.netpass source c/program files /IE...iepv.exe.....
contains recognition patterns of the SPR/tools.Hardoff source /doc.. restart

Salutations

Bonjour,
l'ordi fonctionne apparemment mieux mais toujours impossible de scanner avec avira ou malware.Après un certain temps freezing.Que faire?formater,nouveau disquz,quid?????
Salutations

Bonjour,
l'écran a changé
Ci dessous le rapport combofix :
ComboFix 09-06-12.02 - HP_Administrateur 13/06/2009 8:35.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.32.1036.18.1022.531 [GMT 2:00]
Lancé depuis: c:\documents and settings\HP_Administrateur.HENRI\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Outpost Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-05-13 au 2009-06-13 ))))))))))))))))))))))))))))))))))))
.

2009-06-13 05:55 . 2006-05-16 06:25 77824 ----a-r- c:\windows\system32\hpzids01.dll
2009-06-13 05:55 . 2006-06-03 19:29 48128 ----a-w- c:\windows\system32\hpz3l4pi.dll
2009-06-13 05:14 . 2009-06-13 05:46 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Image Zone Express
2009-06-13 04:58 . 2009-06-13 04:58 -------- d-s---w- c:\documents and settings\HP_Administrateur.HENRI\UserData
2009-06-11 18:17 . 2008-07-16 14:05 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-06-11 18:17 . 2009-06-11 18:17 2517528 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\INF_allOS_9.0.0.1011_PV.exe
2009-06-11 18:16 . 2003-04-03 16:57 5183 ----a-w- c:\windows\system32\drivers\usbu2a.sys
2009-06-11 18:14 . 2009-06-11 18:14 -------- d-----w- c:\windows\system32\LogFiles
2009-06-11 17:58 . 2009-06-11 17:58 -------- d-----w- c:\documents and settings\HP_ADM~1~HEN\LOCALS~1
2009-06-11 17:58 . 2009-06-11 17:58 -------- d-----w- c:\documents and settings\HP_ADM~1~HEN
2009-06-11 17:54 . 2009-06-11 17:58 29966043 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\WDM_R225.exe
2009-06-11 17:54 . 2008-09-01 08:18 1564544 ----a-w- c:\windows\system32\drivers\VMHybr64.sys
2009-06-11 17:54 . 2008-09-01 08:05 1060224 ----a-w- c:\windows\system32\drivers\VMHybrid.sys
2009-06-11 16:39 . 2009-06-11 18:25 24469075 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\lanintel_pronwo10gbewxpvst32.exe
2009-06-11 16:38 . 2009-06-11 18:14 -------- d-----w- c:\program files\ATI
2009-06-11 16:17 . 2009-06-11 16:17 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\PC_Drivers_Headquarters
2009-06-11 15:53 . 2009-06-11 15:53 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\Identities
2009-06-11 15:53 . 2009-06-11 15:53 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Windows Desktop Search
2009-06-11 15:53 . 2009-06-11 15:53 -------- d-----w- c:\windows\system32\fr-FR
2009-06-11 15:53 . 2009-06-11 15:53 -------- d-----w- c:\windows\system32\GroupPolicy
2009-06-11 15:17 . 2009-02-25 13:15 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-06-11 14:39 . 2009-06-09 12:18 575488 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Mozilla\Firefox\Profiles\dgqc0dnt.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2009-06-11 14:24 . 2009-06-11 14:31 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\RegTool
2009-06-11 12:30 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-11 12:29 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-11 12:23 . 2009-06-11 12:23 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\AutoBackup
2009-06-11 12:22 . 2009-06-13 05:32 1753616 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Thunderbird\Profiles\svwpsky0.default\Mail\Local Folders\Inbox.sbd\TELECHARGER.COM
2009-06-11 12:22 . 2009-04-30 21:08 575488 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Mozilla\Profiles\dgqc0dnt.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2009-06-11 12:22 . 2008-12-03 23:25 120832 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Mozilla\Profiles\dgqc0dnt.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-06-11 12:22 . 2009-06-11 12:22 -------- d-----w- C:\Wallpaper
2009-06-11 11:34 . 2008-06-14 17:59 272768 ------w- c:\windows\system32\drivers\bthport.sys
2009-06-11 11:34 . 2008-06-14 17:59 272768 ------w- c:\windows\system32\dllcache\bthport.sys
2009-06-11 11:33 . 2009-02-09 11:50 2017792 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-06-11 11:33 . 2009-02-09 11:50 2059776 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-06-11 11:33 . 2009-02-09 11:50 2182528 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-06-11 11:33 . 2009-02-09 11:50 2138112 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-06-11 11:29 . 2008-10-24 11:10 453632 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2009-06-10 22:27 . 2009-06-10 22:27 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\HPQ
2009-06-10 22:23 . 2009-06-10 22:23 -------- d-----w- c:\program files\7-Zip
2009-06-10 22:21 . 2009-06-10 22:29 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\uTorrent
2009-06-10 22:21 . 2009-06-10 22:21 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Logitech
2009-06-10 22:20 . 2008-12-18 22:43 10384 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2009-06-10 22:19 . 2008-11-07 14:37 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2009-06-10 22:19 . 2008-11-07 14:38 84496 ----a-w- c:\windows\system32\KemXML.dll
2009-06-10 22:19 . 2008-11-07 14:38 117264 ----a-w- c:\windows\system32\KemWnd.dll
2009-06-10 22:19 . 2008-11-07 14:38 145936 ----a-w- c:\windows\system32\KemUtil.dll
2009-06-10 22:19 . 2008-11-07 14:38 170512 ----a-w- c:\windows\system32\kemutb.dll
2009-06-10 22:04 . 2009-06-10 22:04 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-06-10 22:04 . 2009-06-10 22:04 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\SupportSoft
2009-06-10 22:02 . 2008-12-24 15:24 703904 ----a-w- c:\windows\system32\drivers\SandBox.sys
2009-06-10 22:02 . 2008-12-17 09:07 257176 ----a-w- c:\windows\system32\drivers\afwcore.sys
2009-06-10 22:02 . 2008-06-20 07:45 30864 ----a-w- c:\windows\system32\drivers\afw.sys
2009-06-10 22:01 . 2009-06-11 11:28 -------- d-----w- c:\windows\system32\Filt
2009-06-10 22:00 . 2009-06-10 22:02 -------- d-----w- C:\Belgacom.msi.2.1
2009-06-10 21:57 . 2004-06-14 12:56 427864 ----a-w- c:\windows\system32\XceedZip.dll
2009-06-10 21:53 . 2009-06-10 21:53 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Apple Computer
2009-06-10 21:53 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-10 21:53 . 2008-04-17 11:12 15464 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-10 21:52 . 2009-06-10 21:52 -------- d-----w- c:\program files\iPod
2009-06-10 21:52 . 2009-06-10 21:53 -------- d-----w- c:\program files\iTunes
2009-06-10 21:51 . 2009-06-10 21:51 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\Apple
2009-06-10 21:51 . 2009-06-10 21:53 -------- dc----w- c:\windows\system32\DRVSTORE
2009-06-10 21:50 . 2009-06-10 21:53 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\Apple Computer
2009-06-10 16:19 . 2009-06-13 06:42 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Free Download Manager
2009-06-10 16:07 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-10 16:07 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-10 16:07 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-06-10 16:07 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-06-10 16:06 . 2009-06-10 16:06 -------- d-----w- c:\program files\Avira
2009-06-10 15:45 . 2009-06-12 21:37 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\Adobe
2009-06-10 15:39 . 2009-06-13 06:31 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Software Informer
2009-06-10 14:45 . 2008-12-03 23:25 120832 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Mozilla\Firefox\Profiles\dgqc0dnt.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-06-10 06:36 . 2009-06-10 06:37 -------- d-----w- C:\I386
2009-06-10 06:23 . 2009-06-13 05:55 -------- d-sh--r- c:\windows\system32\dllcache
2009-06-10 06:23 . 2009-06-10 06:36 -------- d-----r- c:\windows\system32\config\systemprofile\Menu Démarrer
2009-06-09 22:02 . 2009-06-11 16:17 31176 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-09 22:02 . 2009-06-09 22:07 146 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\fusioncache.dat
2009-06-09 21:58 . 2009-06-01 08:58 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Malwarebytes
2009-06-09 21:56 . 2009-06-01 04:47 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-06-09 21:49 . 2004-08-03 22:54 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-06-09 21:49 . 2001-08-23 15:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-06-09 21:49 . 2001-08-23 15:04 12288 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2009-06-09 21:49 . 2004-08-03 22:45 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-06-09 21:49 . 2004-08-03 22:45 14848 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-06-09 21:49 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-06-09 21:48 . 2004-08-03 21:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-06-09 21:48 . 2004-08-03 21:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-06-09 20:58 . 2009-06-12 21:55 -------- d-----w- C:\Downloads
2009-06-09 15:57 . 2009-06-09 15:57 -------- d-----w- c:\program files\MozBackup
2009-06-09 14:29 . 2009-06-09 14:29 -------- d-----w- c:\program files\2BrightSparks
2009-06-07 13:43 . 2009-06-07 13:43 -------- d-----w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\PCHealth
2009-06-07 07:37 . 2009-06-07 07:42 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-07 07:34 . 2008-12-03 23:25 120832 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\dgqc0dnt.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-06-06 15:24 . 2009-06-06 15:26 152576 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-04 15:24 . 2009-06-04 15:43 -------- d-----w- c:\program files\SpeedFan
2009-06-02 20:23 . 2009-06-07 07:34 -------- d-----w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\LastPass
2009-06-02 20:23 . 2009-04-30 21:08 575488 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\dgqc0dnt.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2009-06-02 18:24 . 2009-06-02 18:24 -------- d-----w- c:\documents and settings\All Users\Application Data\HanDBase4
2009-06-02 12:16 . 2009-06-02 12:16 -------- d-----w- C:\rsit
2009-06-01 15:04 . 2009-06-01 15:09 -------- d-----w- C:\Avira rescue system update
2009-06-01 08:58 . 2009-06-01 08:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-06-01 07:07 . 2009-06-01 07:07 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Malwarebytes
2009-06-01 07:07 . 2009-06-11 12:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-01 07:07 . 2009-06-01 07:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-01 04:47 . 2009-06-01 04:47 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-05-30 17:05 . 2009-05-30 17:05 -------- d-----w- c:\program files\xp-AntiSpy
2009-05-30 08:59 . 2009-04-13 20:10 264704 ------w- c:\documents and settings\HP_Administrateur\Application Data\OfficeUpdate12\oudetect.dll
2009-05-30 08:58 . 2009-05-30 09:23 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\OfficeUpdate12
2009-05-28 15:44 . 2009-06-11 18:06 41116951 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\setpoint310.exe
2009-05-28 15:10 . 2009-06-11 18:28 906365 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\chpwim2210wxp.exe
2009-05-27 18:36 . 2009-06-11 16:43 -------- d-----w- C:\Medion
2009-05-27 18:35 . 2009-05-27 18:42 905433 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\chpwim2140_2170wxp.exe
2009-05-26 17:34 . 2009-05-26 17:34 -------- d-----w- c:\program files\Unibrain
2009-05-26 17:33 . 2009-05-26 17:33 -------- d-----w- c:\program files\Intel Desktop Board
2009-05-26 17:32 . 2009-06-11 18:21 7357546 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\1394B_XP2K_32_4.0.1.EXE
2009-05-26 17:29 . 2009-05-26 17:36 -------- d-----w- C:\HP LJ P4010 Series Printer
2009-05-26 17:24 . 2009-06-11 18:16 -------- d-----w- C:\USBStorage
2009-05-26 17:18 . 2009-05-26 17:22 29950768 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\WDM_R223.exe
2009-05-25 14:48 . 2009-05-25 14:48 -------- d-----w- C:\IntelPRO
2009-05-25 14:20 . 2009-05-25 14:41 24866536 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\VideoNet_2008_12.exe
2009-05-25 14:03 . 2009-05-28 15:37 15117544 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\HP_LJ_P4010_PCL6_32Bit.exe
2009-05-25 14:03 . 2009-06-11 16:24 15003136 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\HP_LJ_P4010_PCL6_64Bit.exe
2009-05-25 14:03 . 2009-06-11 18:16 918745 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\DX-ECDRW100_Drivers.exe
2009-05-25 14:03 . 2009-06-11 17:53 3347908 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\VMHybrid_1.3.7.8.exe
2009-05-25 13:44 . 2009-05-25 13:44 -------- d-----w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\PC_Drivers_Headquarters

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-13 06:19 . 2009-02-15 22:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-13 05:31 . 2009-02-15 21:43 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-06-13 05:16 . 2006-09-15 20:05 -------- d-----w- c:\program files\Hewlett-Packard
2009-06-12 22:05 . 2008-11-07 17:10 -------- d-----w- c:\program files\Windows Desktop Search
2009-06-12 21:40 . 2009-04-18 11:16 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-06-11 20:08 . 2005-10-10 11:39 73570 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-11 20:08 . 2005-10-10 11:39 469400 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-11 15:27 . 2006-09-15 20:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-06-11 15:27 . 2006-09-15 20:23 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-06-10 22:20 . 2009-06-10 22:20 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-06-10 22:20 . 2009-06-10 22:20 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-06-10 22:20 . 2009-06-10 22:20 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-06-10 21:59 . 2007-12-26 13:41 -------- d-----w- c:\program files\Free Download Manager
2009-06-10 21:56 . 2006-09-15 19:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-10 21:52 . 2008-12-25 14:10 -------- d-----w- c:\program files\Bonjour
2009-06-10 21:49 . 2009-06-10 21:49 -------- d-----w- c:\program files\ING
2009-06-10 16:19 . 2009-03-12 09:19 -------- d-----w- c:\program files\Software Informer
2009-06-10 16:07 . 2009-01-08 16:07 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-06-10 16:07 . 2009-01-08 16:07 -------- d-----w- c:\program files\NOS
2009-06-09 22:08 . 2009-06-09 22:08 2004 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_RJ038AA-B14 m7660.be_YC_0Pavi_QCZH641_E64FRemMPA3_48_IBasswood_SASUSTek Computer INC._V1.05_B3.17_T070821_WXP2_L40C_M1023_J250_7Intel_8Core2 6300_91.87_#071226_N168C001B_Z_G10027140.MRK
2009-06-09 13:31 . 2009-05-13 14:46 1577734 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\Thunderbird\Profiles\svwpsky0.default\Mail\Local Folders\Inbox.sbd\TELECHARGER.COM
2009-06-06 19:48 . 2008-03-09 15:57 -------- d-----w- c:\program files\TubeMaster
2009-06-06 15:35 . 2009-05-11 06:27 68752 ----a-w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-01 23:21 . 2008-11-08 12:13 -------- d-----w- c:\program files\netpass
2009-06-01 08:58 . 2009-06-09 22:01 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Malwarebytes
2009-05-30 09:31 . 2008-11-07 19:12 -------- d-----w- c:\program files\MSECache
2009-05-25 14:34 . 2009-05-11 06:26 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\ATI
2009-05-24 22:24 . 2008-05-26 20:18 350208 ------w- c:\windows\system32\mssph.dll
2009-05-17 13:55 . 2008-05-17 05:52 -------- d-----w- c:\documents and settings\All Users\Application Data\SymplisIT
2009-05-17 12:08 . 2009-03-26 12:09 137153 ----a-w- c:\windows\HPHins12.dat
2009-05-14 21:12 . 2008-11-07 17:11 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Windows Desktop Search
2009-05-14 10:34 . 2009-05-14 10:34 6144 ----a-w- c:\windows\~DF7724.tmp
2009-05-12 15:23 . 2009-05-12 15:23 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Avira
2009-05-12 13:12 . 2006-09-15 19:31 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-05-11 22:52 . 2008-03-20 09:39 -------- d-----w- c:\program files\CCleaner
2009-05-11 22:38 . 2009-05-11 22:38 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\iolo
2009-05-11 22:02 . 2008-07-24 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-11 21:31 . 2009-03-14 15:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Atheros
2009-05-11 21:31 . 2009-05-11 21:31 -------- d-----w- c:\program files\Atheros
2009-05-11 06:38 . 2009-05-11 06:38 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\ErrorFix
2009-05-11 05:31 . 2009-03-12 09:19 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Free Download Manager
2009-05-11 05:30 . 2009-03-12 09:23 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Software Informer
2009-05-09 21:40 . 2009-05-09 21:40 68176 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-09 14:35 . 2008-03-25 15:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-05-09 12:42 . 2009-02-15 16:45 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\HP
2009-05-09 12:17 . 2009-05-09 12:17 -------- d-----w- c:\program files\OO Software
2009-05-09 11:46 . 2008-11-07 18:11 -------- d-----w- c:\program files\DEFRAG
2009-05-09 09:15 . 2009-05-08 13:55 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\iolo
2009-05-09 08:22 . 2009-04-18 09:02 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\uTorrent
2009-05-09 07:28 . 2009-05-09 07:27 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\DeepBurner
2009-05-09 07:27 . 2009-05-09 07:27 -------- d-----w- c:\program files\Astonsoft
2009-05-08 15:21 . 2009-05-08 15:21 518 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\iolo\Registry\Last\restore.bat
2009-05-08 14:08 . 2009-05-08 14:08 1744 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\iolo\restore.bat
2009-05-08 13:59 . 2009-05-08 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2009-05-08 13:59 . 2009-05-08 13:59 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2009-05-08 13:59 . 2009-05-08 13:59 -------- d-----w- c:\program files\iolo
2009-05-08 13:48 . 2008-11-07 18:10 -------- d-----w- c:\program files\doc
2009-05-07 15:43 . 2004-08-10 11:00 347136 ----a-w- c:\windows\system32\localspl.dll
2009-05-04 15:51 . 2009-05-04 15:51 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Canneverbe_Limited
2009-05-03 12:35 . 2009-05-03 12:35 10134 ----a-r- c:\documents and settings\HP_Administrateur.BOON\Application Data\Microsoft\Installer\{3101CB58-3482-4D21-AF1A-7057FC935355}\ARPPRODUCTICON.exe
2009-05-03 10:11 . 2008-03-07 14:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-03 07:00 . 2009-05-01 14:04 -------- d-----w- c:\program files\JkDefrag
2009-05-01 15:30 . 2009-05-01 15:30 167376 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Mozilla\Firefox\Profiles\u440w8cy.default\FlashGot.exe
2009-05-01 13:54 . 2009-05-01 13:54 -------- d-----w- c:\program files\KeePass Password Safe
2009-04-29 17:31 . 2009-04-29 16:16 -------- d-----w- c:\program files\Unlocker
2009-04-29 16:16 . 2009-04-29 16:16 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Desktopicon
2009-04-29 06:36 . 2009-04-29 06:36 -------- d-----w- c:\program files\Smart Projects
2009-04-29 04:31 . 2004-08-10 11:00 672256 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:31 . 2004-08-10 11:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-28 19:42 . 2009-03-13 16:31 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\DAEMON Tools Pro
2009-04-26 16:02 . 2009-02-15 21:37 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Apple Computer
2009-04-26 12:15 . 2009-04-26 09:27 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\UseNeXT
2009-04-26 09:27 . 2009-04-26 09:27 -------- d-----w- c:\program files\UseNeXT
2009-04-26 08:37 . 2009-04-26 07:50 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-04-26 07:52 . 2009-03-13 16:24 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\DAEMON Tools Lite
2009-04-19 20:09 . 2004-08-10 11:00 1846784 ----a-w- c:\windows\system32\win32k.sys
2009-04-19 13:12 . 2009-04-18 10:20 -------- d-----w- c:\program files\PFConfig
2009-04-18 11:21 . 2009-04-18 11:16 -------- d-----w- c:\program files\PC Tools Firewall Plus
2009-04-18 11:19 . 2009-04-18 11:19 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\PCToolsFirewallPlus
2009-04-18 10:44 . 2008-08-16 08:13 -------- d-----w- c:\program files\Bit Che
2009-04-18 10:44 . 2009-04-18 10:44 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Convivea
2009-04-18 10:04 . 2008-08-03 07:53 -------- d-----w- c:\program files\uTorrent
2009-04-18 08:57 . 2009-04-18 08:57 13824 ----a-w- c:\windows\~DF71AC.tmp
2009-04-17 17:57 . 2009-04-12 10:16 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\DiskAid
2009-04-16 15:23 . 2008-04-02 18:29 540672 ----a-w- c:\windows\RtlExUpd.dll
2009-04-15 15:17 . 2004-08-10 11:00 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-14 16:08 . 2009-04-14 16:08 -------- d-----w- c:\program files\Deliverypress
2009-04-13 20:10 . 2009-04-13 20:10 524288 ----a-w- c:\windows\opuc.dll
2009-04-12 09:18 . 2009-04-12 09:18 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-10 16:40 . 2009-04-18 10:44 118784 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Convivea\Bit_Che\scripts\x.exe
2009-03-30 14:31 . 2009-02-15 10:29 68176 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-27 12:54 . 2009-03-27 12:54 152576 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2008-02-21 18:30 . 2008-02-21 18:30 6152242 ----a-w- c:\program files\iDjinni.exe
2007-03-02 01:03 . 2007-12-26 18:31 22 --sha-w- c:\windows\SMINST\HPCD.SYS
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2009-06-01 1851461]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-06-10 160592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"DMAScheduler"="c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2008-12-25 1227080]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe" [2008-12-25 432968]
"Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]
"USBDetector"="c:\usbstorage\USBDetector.exe" [2003-04-01 53248]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-07-21 16261632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-12-18 76304]

c:\documents and settings\HP_Administrateur.BOON\Menu D‚marrer\Programmes\D‚marrage\
Download Manager.lnk - c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Installer\{7220A111-A842-44A8-B3F1-525BF2C52118}\_96096054A1736693F3BBA4.exe [2009-1-3 259591]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Assistant de traduction IdiomaX.lnk - c:\program files\IdiomaX\Translation Assistant 4.0\TrasWord.exe [2007-1-18 410160]
Google Updater.lnk - c:\program files\Google\Google Updater\GoogleUpdater.exe [2008-3-25 161776]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-11 809488]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-02-18 22:30 72208 ----a-w- c:\program files\Fichiers communs\logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Free Download Manager\\fdmwi.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [11/06/2009 0:02 703904]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [10/02/2009 15:53 1267016]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10/06/2009 18:07 108289]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [11/06/2009 0:20 10384]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [27/07/2005 17:25 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [27/07/2005 17:25 36352]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [15/09/2006 21:53 2829696]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [11/06/2009 0:02 30864]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [11/06/2009 0:02 257176]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [27/07/2005 17:25 77056]
S2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 12:18 202016]
S3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [11/06/2009 0:02 34080]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [11/06/2009 14:30 40160]
S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [15/09/2006 21:52 468768]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.skynet.be/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_BE&c=64&bd=PAVILION&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_BE&c=64&bd=PAVILION&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_BE&c=64&bd=PAVILION&pf=desktop
IE: &Traduire à partir de l'anglais - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Barre RoboForm - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Enregistrer le formulaire - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Identités - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
IE: Pages liées - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Pages similaires - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Personnaliser le menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Recherche &Google - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Remplir le formulaire - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Version de la page actuelle disponible dans le cache Google - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: {{45DB34C3-955C-11D3-ABEF-444553540000} - c:\program files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-13 08:43
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1356)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(416)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\fr-fr\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\fr-fr\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\msi.dll
.
Heure de fin: 2009-06-13 8:45
ComboFix-quarantined-files.txt 2009-06-13 06:45

Avant-CF: 142.611.169.280 octets libres
Après-CF: 142.598.541.312 octets libres

349 --- E O F --- 2009-06-12 22:05
Salutations

bonjour,
scan avira stop après 5 minutes et disparition.
ci joint rapport malware :

Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2261
Windows 5.1.2600 Service Pack 2

13/06/2009 20:02:29
mbam-log-2009-06-13 (20-02-19).txt

Type de recherche: Examen rapide
Eléments examinés: 106822
Temps écoulé: 5 minute(s), 58 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 127

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\Drivers\Aud32 (Adware.BHO) -> No action taken.
c:\documents and settings\HP_Administrateur.HENRI\Application Data\RegTool (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\QuarantineW (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210 (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results (Rogue.RegTool) -> No action taken.
c:\documents and settings\HP_Administrateur\Application Data\ErrorFix (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\QuarantineW (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410 (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results (Rogue.ErrorFix) -> No action taken.

Fichier(s) infecté(s):
c:\downloads\setup.exe (Rogue.Installer) -> No action taken.
c:\documents and settings\administrateur\Bureau\setup.exe (Rogue.Installer) -> No action taken.
c:\documents and settings\default user\Bureau\setup.exe (Rogue.Installer) -> No action taken.
c:\WINDOWS\Drivers\Aud32\gan.exe (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\gside2.exe (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\iemsgmgr_2.dll (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\iephasst_2.dll (Adware.BHO) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\spy_ignore.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs\2009-06-11 16-24-220.log (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs\2009-06-11 17-05-120.log (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\filelist.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-0.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-1.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-10.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-11.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-12.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-13.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-14.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-15.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-16.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-17.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-18.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-19.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-2.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-20.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-21.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-22.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-23.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-24.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-25.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-26.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-27.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-28.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-29.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-3.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-30.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-31.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-32.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-33.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-34.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-35.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-36.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-37.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-38.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-39.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-4.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-40.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-41.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-42.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-43.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-44.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-45.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-46.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-47.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-48.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-49.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-5.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-50.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-51.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-52.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-53.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-54.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-55.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-56.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-57.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-6.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-7.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-8.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-9.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Evidence.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Junk.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Registry.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Update.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs\2009-05-11 08-38-170.log (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs\2009-05-11 13-46-200.log (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\filelist.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-0.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-1.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-10.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-11.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-12.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-13.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-14.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-15.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-16.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-17.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-18.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-19.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-2.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-20.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-21.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-22.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-23.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-24.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-25.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-26.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-27.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-28.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-29.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-3.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-30.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-31.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-32.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-33.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-34.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-35.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-36.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-37.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-38.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-39.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-4.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-40.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-41.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-42.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-43.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-5.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-6.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-7.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-8.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-9.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Evidence.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Junk.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Registry.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Update.db (Rogue.ErrorFix) -> No action taken.
C:\WINDOWS\Drivers\pub.dll (Adware.BHO) -> No action taken.
C:\WINDOWS\Drivers\readme.html (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\PhishAgnt.dll (Adware.Deewoo) -> No action taken.

Bonjour,
superantispyware bloque
Kaspersy online bloque et pointeur de souris devient fou
bitdefender bloque et pointeur fou.Avira,kaspersky et bitdefender bloque toujours au même endroit = C:\documents and settings\HP adm........ccsetup.exe ????
salutations

Bonjour,
Superantispyware a mis en quarantaine et éliminé une soixantaine de fichiers.
Bitdefender a scanné 1130937 fichiers ( disques C;D;E) et trouvé 34 fichiers infectés puis s'est bloqué avec écran bleu et avertissement de danger.Idem avec avira.
Salutations

Avira =scan complet cijoint.
crystal disk info = 38 prudence disque C - cijoint.
AVIRA
Avira AntiVir Personal
Report file date: samedi 20 juin 2009 23:00

Scanning for 1478190 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HENRI

Version information:
BUILD.DAT : 9.0.0.403 17961 Bytes 3/06/2009 17:05:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 10/06/2009 16:11:40
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 12/06/2009 17:02:21
ANTIVIR3.VDF : 7.1.4.117 212480 Bytes 19/06/2009 06:38:27
Engineversion : 8.2.0.193
AEVDF.DLL : 8.1.1.1 106868 Bytes 10/06/2009 16:11:39
AESCRIPT.DLL : 8.1.2.9 409978 Bytes 17/06/2009 18:22:32
AESCN.DLL : 8.1.2.3 127347 Bytes 10/06/2009 16:11:39
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.18 401783 Bytes 10/06/2009 16:11:39
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 17/06/2009 18:22:28
AEHEUR.DLL : 8.1.0.133 1798520 Bytes 17/06/2009 18:22:26
AEHELP.DLL : 8.1.3.6 205174 Bytes 11/06/2009 16:08:40
AEGEN.DLL : 8.1.1.46 348533 Bytes 20/06/2009 06:38:29
AEEMU.DLL : 8.1.0.9 393588 Bytes 9/10/2008 13:32:40
AECORE.DLL : 8.1.6.12 180599 Bytes 10/06/2009 16:11:39
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 5/12/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 10/06/2009 16:11:39
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 09:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: samedi 20 juin 2009 23:00

Starting search for hidden objects.
'184200' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'searchfilterhost.exe' - '1' Module(s) have been scanned
Scan process 'searchprotocolhost.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'seccenter.exe' - '1' Module(s) have been scanned
Scan process 'ELService.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'TrasWord.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'robotaskbaricon.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'softinfo.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'bdagent.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'HpqSRmon.exe' - '1' Module(s) have been scanned
Scan process 'op_mon.exe' - '0' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'acs.exe' - '0' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'USBDetector.exe' - '1' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'DMAScheduler.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'livesrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!
Master boot sector HD6
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '77' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\HP_Administrateur\Mes documents\Downloads\OLDOWNLOAD\Software\iepv_setup.exe.XXX

[0] Archive type: ZIP SFX (self extracting)
--> iepv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.NetPass.ET program
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.zip
[0] Archive type: ZIP
--> mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.zip
[0] Archive type: ZIP
--> pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\hp\bin\KillIt.exe
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
C:\hp\bin\KillIt.exe.XXX
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
C:\Program Files\Free Download Manager\SmitfraudFix\Reboot.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
C:\Program Files\Free Download Manager\SmitfraudFix\restart.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP10\A0005123.exe
[0] Archive type: CAB SFX (self extracting)
--> \Source\ACE\1028.mst
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP17\A0007735.EXE
[0] Archive type: CAB SFX (self extracting)
--> \ubCore32_080405.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017516.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017517.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017518.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017519.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017520.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017521.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017523.dll
[DETECTION] Is the TR/Killav.28714 Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP28\A0027750.exe
[DETECTION] Contains recognition pattern of the APPL/KillApplicat.A application
Begin scan in 'D:\' <HP_USER>
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Desktop\SmitfraudFix.exe.XXX
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\documents\VIDEOS\Setup.zip.XXX
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Contains recognition pattern of the DR/Hupigon.frdu dropper
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034235.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034238.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034239.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
Begin scan in 'E:\' <HP_RECOVERY>

Beginning disinfection:
C:\Documents and Settings\HP_Administrateur\Mes documents\Downloads\OLDOWNLOAD\Software\iepv_setup.exe.XXX
[NOTE] The file was moved to '4aad7ce2.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57ced.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807cc3.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '49da14c4.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
[NOTE] The file was moved to '4aad7cf1.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.zip
[NOTE] The file was moved to '4b0beae2.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
[NOTE] The file was moved to '4b09fa72.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.zip
[NOTE] The file was moved to '4aad7cf2.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57cef.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807cc7.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '4a807cc8.qua'!
C:\hp\bin\KillIt.exe
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
[NOTE] The file was moved to '4aa97cec.qua'!
C:\hp\bin\KillIt.exe.XXX
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
[NOTE] The file was moved to '49f6dd45.qua'!
C:\Program Files\Free Download Manager\SmitfraudFix\Reboot.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
[NOTE] The file was moved to '4a9f7ce8.qua'!
C:\Program Files\Free Download Manager\SmitfraudFix\restart.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '4ab07ce8.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017516.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4a6d7cb4.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017517.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4a6d7cb5.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017518.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '490e91de.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017519.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4bf2232e.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017520.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4931fc86.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017521.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '490ca98e.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017523.dll
[DETECTION] Is the TR/Killav.28714 Trojan
[NOTE] The file was moved to '4a6d7cb6.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP28\A0027750.exe
[DETECTION] Contains recognition pattern of the APPL/KillApplicat.A application
[NOTE] The file was moved to '490a7877.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Desktop\SmitfraudFix.exe.XXX
[NOTE] The file was moved to '4aa67cf3.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57cf6.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807ccc.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '49ee30b5.qua'!
D:\documents\VIDEOS\Setup.zip.XXX
[NOTE] The file was moved to '4ab17ceb.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034235.exe
[NOTE] The file was moved to '4a6d7cb7.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034238.exe
[NOTE] The file was moved to '49064998.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034239.exe
[NOTE] The file was moved to '49057030.qua'!


End of the scan: dimanche 21 juin 2009 02:19
Used time: 3:18:21 Hour(s)

The scan has been done completely.

41643 Scanned directories
1847938 Files were scanned
44 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
31 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
1847892 Files not concerned
62327 Archives were scanned
6 Warnings
33 Notes
184200 Objects were scanned with rootkit scan
0 Hidden objects were found

crystal disk info =
----------------------------------------------------------------------------
CrystalDiskInfo 2.7.4 (C) 2008-2009 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Media Center 2005 SP2 [5.1 Build 2600] (x86)
Date : 2009/06/21 10:01:16

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8R/ICH9R/ICH10R/DO SATA RAID Controller [SCSI]
- ST3250824AS
- ST3250824AS
- HL-DT-ST DVDRRW GSA-H30L
- TSSTcorp DVD-ROM TS-H353A

-- Disk List ---------------------------------------------------------------
(1) ST3250824AS : 250.0 GB [0-0-0, pd1]
(2) ST3250824AS : 250.0 GB [1-0-1, pd1]

----------------------------------------------------------------------------
(1) ST3250824AS
----------------------------------------------------------------------------
Model : ST3250824AS
Firmware : 3.AHH
Serial Number : 9ND027KS
Total Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
NV Cache Size : ----
Number of Sectors : 488397168
Rotation Rate : Inconnu
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 12166 heures
Power On Count : 1492 x
Temparature : 39 C (102 F)
Health Status : Prudence
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values Attribute Name
01 115 _99 __6 0000057ECBFA Taux Erreur en Lecture
03 _99 _98 __0 000000000000 Temps moyen mise en rotation
04 _98 _98 _20 00000000080D Décompte des cycles de mise en rotation
05 100 100 _36 000000000001 Nombre de secteurs réalloués
07 _72 _60 _30 000F0FF3CC50 Taux d'erreurs d'accès des têtes
09 _87 _87 __0 000000002F86 Heures de Fonctionnement
0A 100 100 _97 000000000000 Nombre d'essais de relancement de la rotation
0C _99 _99 _20 0000000005D4 Nombre total de cycles marche/arrêt du disque dur
BB __1 __1 __0 0000000000F5 Inconnu
BD 100 100 __0 000000000000 Inconnu
BE _61 _42 _45 000227140027 Température de l'air sur les disques Western Digital
C2 _39 _58 __0 000F00000027 Température
C3 _56 _46 __0 000000BD4762 Temps entre les erreurs corrigées par code correcteur(codage basée sur la redondance)
C5 _71 _70 __0 000000000261 Nombre de secteurs "instables"
C6 _71 _70 __0 000000000261 Nombre total d'erreurs incorrigibles d'un secteur
C7 200 200 __0 000000000011 Nombre d'erreurs dans le transfert de données via le câble d'interface
C8 100 253 __0 000000000000 Nombre total d'erreurs à l'écriture d'un secteur
CA _91 244 __0 000000000009 Erreur de marquage des données d'adresses

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 5A 0C FF 3F 37 C8 10 00 00 00 00 00 3F 00 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 20
020: 4E 39 30 44 37 32 53 4B 00 00 00 40 04 00 2E 33
030: 48 41 20 48 20 20 54 53 32 33 30 35 32 38 41 34
040: 20 53 20 20 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 10 80
060: 00 00 00 2F 00 40 00 02 00 02 07 00 FF 3F 10 00
070: 3F 00 10 FC FB 00 10 01 FF FF FF 0F 00 00 07 00
080: 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00 00
090: 00 00 00 00 00 00 1F 00 06 05 00 00 48 00 40 00
0A0: FE 00 00 00 69 30 01 7C 23 40 69 30 01 3C 23 40
0B0: 3F 20 00 00 00 00 FE FE FE FF 00 00 00 D0 00 00
0C0: 00 00 00 00 00 00 00 00 70 59 1C 1D 00 00 00 00
0D0: 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 70 59 1C 1D 70 59 1C 1D 20 20 02 00 B6 0A
110: 02 00 8A 00 7B 3C 04 03 00 00 C6 07 00 01 00 08
120: 0F 10 00 12 02 00 80 00 00 00 00 00 A0 00 02 02
130: 00 00 04 04 00 00 00 00 00 00 00 00 00 10 0B 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A5 B3

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 0F 00 73 63 FA CB 7E 05 00 00 00 03 02 00
010: 63 62 00 00 00 00 00 00 00 04 33 00 62 62 0D 08
020: 00 00 00 00 00 05 33 00 64 64 01 00 00 00 00 00
030: 00 07 0F 00 48 3C 50 CC F3 0F 0F 00 00 09 32 00
040: 57 57 86 2F 00 00 00 00 00 0A 13 00 64 64 00 00
050: 00 00 00 00 00 0C 33 00 63 63 D4 05 00 00 00 00
060: 00 BB 32 00 01 01 F5 00 00 00 00 00 00 BD 3A 00
070: 64 64 00 00 00 00 00 00 00 BE 22 00 3D 2A 27 00
080: 14 27 02 00 00 C2 22 00 27 3A 27 00 00 00 0F 00
090: 00 C3 1A 00 38 2E 62 47 BD 00 00 00 00 C5 12 00
0A0: 47 46 61 02 00 00 00 00 00 C6 10 00 47 46 61 02
0B0: 00 00 00 00 00 C7 3E 00 C8 C8 11 00 00 00 00 00
0C0: 00 C8 00 00 64 FD 00 00 00 00 00 00 00 CA 32 00
0D0: 5B F4 09 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 82 79 B1 01 00 5B 03
170: 00 01 2F 02 64 03 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 07 02 02 02 00 02 00 02 02 00 00
190: 00 00 00 01 00 00 01 B1 6A 46 1B 2F 00 00 00 01
1A0: 00 26 FB B8 F2 51 01 00 00 61 02 00 00 00 00 01
1B0: 00 00 00 B1 6A 46 1B 00 00 00 00 00 00 00 00 02
1C0: 00 01 00 00 00 11 00 00 00 E3 02 38 BA 01 00 00
1D0: 00 0B 8B 45 00 00 00 00 00 75 2F 00 00 00 00 C2
1E0: B3 01 00 01 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5F 00

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00 00
010: 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00 00
020: 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00 00
030: 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00 00
040: 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00 00
050: 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00 00
060: 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00 00
070: 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00 00
080: 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00 00
090: 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00 00
0A0: 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00 00
0B0: 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00 00
0C0: 00 C8 00 00 00 00 00 00 00 00 00 00 00 CA 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 26 00

----------------------------------------------------------------------------
(2) ST3250824AS
----------------------------------------------------------------------------
Model : ST3250824AS
Firmware : 3.AHH
Serial Number : 4ND4ZKTT
Total Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
NV Cache Size : ----
Number of Sectors : 488397168
Rotation Rate : Inconnu
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 12203 heures
Power On Count : 1492 x
Temparature : 37 C (98 F)
Health Status : Correct
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values Attribute Name
01 114 _95 __6 000003A1AB9D Taux Erreur en Lecture
03 _98 _98 __0 000000000000 Temps moyen mise en rotation
04 _99 _99 _20 000000000728 Décompte des cycles de mise en rotation
05 100 100 _36 000000000000 Nombre de secteurs réalloués
07 _87 _60 _30 000023A00A26 Taux d'erreurs d'accès des têtes
09 _87 _87 __0 000000002FAB Heures de Fonctionnement
0A 100 100 _97 000000000000 Nombre d'essais de relancement de la rotation
0C _99 _99 _20 0000000005D4 Nombre total de cycles marche/arrêt du disque dur
BB 100 100 __0 000000000000 Inconnu
BD 100 100 __0 000000000000 Inconnu
BE _63 _49 _45 000025140025 Température de l'air sur les disques Western Digital
C2 _37 _51 __0 000E00000025 Température
C3 _81 _49 __0 0000085284FE Temps entre les erreurs corrigées par code correcteur(codage basée sur la redondance)
C5 100 100 __0 000000000000 Nombre de secteurs "instables"
C6 100 100 __0 000000000000 Nombre total d'erreurs incorrigibles d'un secteur
C7 200 200 __0 000000000000 Nombre d'erreurs dans le transfert de données via le câble d'interface
C8 100 253 __0 000000000000 Nombre total d'erreurs à l'écriture d'un secteur
CA 100 253 __0 000000000000 Erreur de marquage des données d'adresses

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 5A 0C FF 3F 37 C8 10 00 00 00 00 00 3F 00 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 20
020: 4E 34 34 44 4B 5A 54 54 00 00 00 40 04 00 2E 33
030: 48 41 20 48 20 20 54 53 32 33 30 35 32 38 41 34
040: 20 53 20 20 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 10 80
060: 00 00 00 2F 00 40 00 02 00 02 07 00 FF 3F 10 00
070: 3F 00 10 FC FB 00 10 01 FF FF FF 0F 00 00 07 00
080: 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00 00
090: 00 00 00 00 00 00 1F 00 06 05 00 00 48 00 40 00
0A0: FE 00 00 00 69 30 01 7C 23 40 69 30 01 3C 23 40
0B0: 3F 20 00 00 00 00 FE FE FE FF 00 00 00 D0 00 00
0C0: 00 00 00 00 00 00 00 00 70 59 1C 1D 00 00 00 00
0D0: 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 70 59 1C 1D 70 59 1C 1D 20 20 02 00 B6 0A
110: 02 00 8A 00 7B 3C 04 03 00 00 C6 07 00 01 00 08
120: 0F 10 00 12 02 00 80 00 00 00 00 00 A0 00 02 02
130: 00 00 04 04 00 00 00 00 00 00 00 00 00 10 0B 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A5 6E

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 0F 00 72 5F 9D AB A1 03 00 00 00 03 02 00
010: 62 62 00 00 00 00 00 00 00 04 33 00 63 63 28 07
020: 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00 00
030: 00 07 0F 00 57 3C 26 0A A0 23 00 00 00 09 32 00
040: 57 57 AB 2F 00 00 00 00 00 0A 13 00 64 64 00 00
050: 00 00 00 00 00 0C 33 00 63 63 D4 05 00 00 00 00
060: 00 BB 32 00 64 64 00 00 00 00 00 00 00 BD 3A 00
070: 64 64 00 00 00 00 00 00 00 BE 22 00 3F 31 25 00
080: 14 25 00 00 00 C2 22 00 25 33 25 00 00 00 0E 00
090: 00 C3 1A 00 51 31 FE 84 52 08 00 00 00 C5 12 00
0A0: 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00 00
0B0: 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00
0C0: 00 C8 00 00 64 FD 00 00 00 00 00 00 00 CA 32 00
0D0: 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 82 00 B1 01 00 5B 03
170: 00 01 00 02 64 03 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 02 02 02 02 03 02 02 02 02 00 00
190: 00 00 00 01 00 00 01 F8 D8 83 13 00 00 00 00 01
1A0: 00 08 60 08 F9 52 01 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 F8 D8 83 13 00 00 00 00 00 00 00 00 02
1C0: 00 01 00 00 00 00 00 00 00 85 71 63 21 00 00 00
1D0: 00 B6 88 00 00 00 00 00 00 AA 2F 00 00 00 00 74
1E0: 10 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B 00

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00 00
010: 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00 00
020: 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00 00
030: 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00 00
040: 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00 00
050: 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00 00
060: 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00 00
070: 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00 00
080: 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00 00
090: 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00 00
0A0: 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00 00
0B0: 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00 00
0C0: 00 C8 00 00 00 00 00 00 00 00 00 00 00 CA 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 26 00

windows ne peut formater le DD C.Or je n'ai pas les disquettes car HP media center intégré.
faut il aussi ,si possible, formater le DD E: qui contient recovery ?
Je pense de plus en plus acheter un boitier(storm de cool master ) pour tout réinstaller avec un nouveau DD de 500 GO.Salutations