Supprimer KeyLogger

Voici le rapport :

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Acer Tour deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll unregistered successfully.
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw+0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw+0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw-0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw00\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw00s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw-0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw10\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw10s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw20\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw20s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw30\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw30s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw40\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw40s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw50\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw50s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw60\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw60s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw70\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw70s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw80\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw80s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw90\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bw90s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwa0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwa0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwb0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwb0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwc0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwc0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwd0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwd0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwe0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwe0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwf0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwf0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll unregistered successfully.
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwfile-8876480\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwg0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwg0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwh0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwh0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwi0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwi0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwj0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwj0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwk0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwk0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwl0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwl0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwm0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwm0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwn0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwn0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwo0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwo0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwp0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwp0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwq0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwq0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwr0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwr0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bws0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bws0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwt0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwt0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwu0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwu0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwv0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwv0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bww0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bww0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwx0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwx0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwy0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwy0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwz0\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwz0s\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll not found.
ADS C:\ProgramData\TEMP:3E2028C8 deleted successfully.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\"DisableMonitoring"|0 /E : value set successfully!
========== FILES ==========
File\Folder C:\Users\Diamanka\Desktop\List_Killem.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Diamanka
->Temp folder emptied: 25017505 bytes
->Temporary Internet Files folder emptied: 112243859 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 108140830 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
Windows Temp folder emptied: 9741 bytes
RecycleBin emptied: 33824804 bytes

Total Files Cleaned = 266,30 mb


OTL by OldTimer - Version 3.0.10.7 log created on 08192009_150502

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...






Et voila le résultat de Virul Total :

Fichier 63BBAE79AB.sys reçu le 2009.08.19 11:33:43 (UTC)Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.19 -
AhnLab-V3 5.0.0.2 2009.08.19 -
AntiVir 7.9.1.3 2009.08.19 -
Antiy-AVL 2.0.3.7 2009.08.18 -
Authentium 5.1.2.4 2009.08.18 -
Avast 4.8.1335.0 2009.08.18 -
AVG 8.5.0.406 2009.08.19 -
BitDefender 7.2 2009.08.19 -
CAT-QuickHeal 10.00 2009.08.19 -
ClamAV 0.94.1 2009.08.19 -
Comodo 2021 2009.08.19 -
DrWeb 5.0.0.12182 2009.08.19 -
eSafe 7.0.17.0 2009.08.18 -
eTrust-Vet 31.6.6687 2009.08.19 -
F-Prot 4.4.4.56 2009.08.18 -
F-Secure 8.0.14470.0 2009.08.19 -
Fortinet 3.120.0.0 2009.08.19 -
GData 19 2009.08.19 -
Ikarus T3.1.1.68.0 2009.08.19 -
Jiangmin 11.0.800 2009.08.19 -
K7AntiVirus 7.10.821 2009.08.18 -
Kaspersky 7.0.0.125 2009.08.19 -
McAfee 5713 2009.08.18 -
McAfee+Artemis 5713 2009.08.18 -
McAfee-GW-Edition 6.8.5 2009.08.19 -
Microsoft 1.4903 2009.08.19 -
NOD32 4347 2009.08.19 -
Norman 6.01.09 2009.08.18 -
nProtect 2009.1.8.0 2009.08.19 -
Panda 10.0.0.14 2009.08.18 -
PCTools 4.4.2.0 2009.08.18 -
Prevx 3.0 2009.08.19 -
Rising 21.43.23.00 2009.08.19 -
Sophos 4.44.0 2009.08.19 -
Sunbelt 3.2.1858.2 2009.08.19 -
Symantec 1.4.4.12 2009.08.19 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.19 -
VBA32 3.12.10.9 2009.08.19 -
ViRobot 2009.8.19.1891 2009.08.19 -
VirusBuster 4.6.5.0 2009.08.18 -

Information additionnelle
File size: 88 bytes
MD5   : 9673b912713a5d1f09d7fed564512bae
SHA1  : 5a97509346f419c96e6ef347668ede0237d30aa4
SHA256: 87fde6dca64ebf7a8e009eee56646f808090342414de7bcb5d6adfd725cfe30f
ssdeep: 3:hl/hdYf8MRnn:9dKn
PEiD  : -
RDS   : NSRL Reference Data Set<BR>-

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.19 -
AhnLab-V3 5.0.0.2 2009.08.19 -
AntiVir 7.9.1.3 2009.08.19 -
Antiy-AVL 2.0.3.7 2009.08.18 -
Authentium 5.1.2.4 2009.08.18 -
Avast 4.8.1335.0 2009.08.18 -
AVG 8.5.0.406 2009.08.19 -
BitDefender 7.2 2009.08.19 -
CAT-QuickHeal 10.00 2009.08.19 -
ClamAV 0.94.1 2009.08.19 -
Comodo 2021 2009.08.19 -
DrWeb 5.0.0.12182 2009.08.19 -
eSafe 7.0.17.0 2009.08.18 -
eTrust-Vet 31.6.6687 2009.08.19 -
F-Prot 4.4.4.56 2009.08.18 -
F-Secure 8.0.14470.0 2009.08.19 -
Fortinet 3.120.0.0 2009.08.19 -
GData 19 2009.08.19 -
Ikarus T3.1.1.68.0 2009.08.19 -
Jiangmin 11.0.800 2009.08.19 -
K7AntiVirus 7.10.821 2009.08.18 -
Kaspersky 7.0.0.125 2009.08.19 -
McAfee 5713 2009.08.18 -
McAfee+Artemis 5713 2009.08.18 -
McAfee-GW-Edition 6.8.5 2009.08.19 -
Microsoft 1.4903 2009.08.19 -
NOD32 4347 2009.08.19 -
Norman 6.01.09 2009.08.18 -
nProtect 2009.1.8.0 2009.08.19 -
Panda 10.0.0.14 2009.08.18 -
PCTools 4.4.2.0 2009.08.18 -
Prevx 3.0 2009.08.19 -
Rising 21.43.23.00 2009.08.19 -
Sophos 4.44.0 2009.08.19 -
Sunbelt 3.2.1858.2 2009.08.19 -
Symantec 1.4.4.12 2009.08.19 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.19 -
VBA32 3.12.10.9 2009.08.19 -
ViRobot 2009.8.19.1891 2009.08.19 -
VirusBuster 4.6.5.0 2009.08.18 -

Information additionnelle
File size: 88 bytes
MD5   : 9673b912713a5d1f09d7fed564512bae
SHA1  : 5a97509346f419c96e6ef347668ede0237d30aa4
SHA256: 87fde6dca64ebf7a8e009eee56646f808090342414de7bcb5d6adfd725cfe30f
ssdeep: 3:hl/hdYf8MRnn:9dKn
PEiD  : -
RDS   : NSRL Reference Data Set<BR>-

Alors ? C'est du chinois pour moi !!

refais le post de suppression en mode sans echec sans prise en charge reseau stp

Comment aller en Mode sans échec :

▶ Redémarres ton ordi
▶ Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
▶ Tu verras un écran avec options de démarrage apparaître
▶ Choisis la première option : Sans Échec, et valide avec "Entrée"
▶ Choisis ton compte habituel, et non Administrateur (si besoin ... )

Ok merci. Je suis au boulot, je m'occupe de cela des que je rentre, merci !

Bonjour,

C'est bon, j'ai fait ce que vous m'avez demandé. J'ai refait les étapes de la suppression.


Kill'em by g3n-h@ckm@n 1.0.2.6

updated on 20.08.2009 ::::: 00.30


Microsoft Windows [version 6.0.6001]


20/08/2009 14:01:42,87

Fichiers analysés :
=================


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"


¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :

Quarantaine :

qmgr0.dat.Kill'em
qmgr1.dat.Kill'em

¤¤¤¤¤¤¤¤¤¤ Verification :

bien refais OTL stp

Je narrive pas a te mettre le resultats

Ils me disent que j'ai deja posté ce message..... Comprend rien

par le biais de :

http://cjoint.com/

Merci

http://cjoint.com/?iuuimmR8KV

http://cjoint.com/?iuuiPFBQFX

▶ Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
* - Coche Afficher les fichiers et dossiers cachés
* - Décoche Masquer les extensions des fichiers dont le type est connu
* - Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)

▶ clique sur Appliquer, puis OK.

N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

* Clique sur Parcourir en haut, choisis Poste de travail et cherche ces fichiers :

C:\Windows\System32\Jvpr03.0cx
C:\Windows\Pref34.D1l
C:\Windows\Setup1.exe
C:\Windows\ST6UNST.EXE

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.

Note : Pour analyser un autre fichier, clique en bas sur Autre fichier.

Fichier Jvpr03.0cx reçu le 2009.08.20 18:32:24 (UTC)Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.20 -
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 -
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 -
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2037 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 -
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 -
Ikarus T3.1.1.68.0 2009.08.20 -
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 -
NOD32 4353 2009.08.20 -
Norman 6.01.09 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Information additionnelle
File size: 60 bytes
MD5...: 85358f4074972f8490ea8088fba1fbaa
SHA1..: 5a7388a0b5b053087a1f5887a9ba2ea3feae9759
SHA256: 714a6ef6fdf548cd6346df58ee7a901926fea3dea1e06fc82fbc6d90bd86b15a
ssdeep: 3:UNNFOhvSS8k/AHGGbnn:UvA5SS5omGbnn<BR>
PEiD..: -
TrID..: File type identification<BR>Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set<BR>-

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.20 -
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 -
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 -
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2037 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 -
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 -
Ikarus T3.1.1.68.0 2009.08.20 -
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 -
NOD32 4353 2009.08.20 -
Norman 6.01.09 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Information additionnelle
File size: 60 bytes
MD5...: 85358f4074972f8490ea8088fba1fbaa
SHA1..: 5a7388a0b5b053087a1f5887a9ba2ea3feae9759
SHA256: 714a6ef6fdf548cd6346df58ee7a901926fea3dea1e06fc82fbc6d90bd86b15a
ssdeep: 3:UNNFOhvSS8k/AHGGbnn:UvA5SS5omGbnn<BR>
PEiD..: -
TrID..: File type identification<BR>Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set<BR>-

ok pour celui-là

Fichier ST6UNST.EXE reçu le 2009.08.20 18:42:35 (UTC)Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.20 -
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 -
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 -
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2037 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 -
Ikarus T3.1.1.68.0 2009.08.20 -
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 -
NOD32 4353 2009.08.20 -
Norman 6.01.09 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Information additionnelle
File size: 73216 bytes
MD5...: 996f83e516552ca3b51445bb994a6d38
SHA1..: 56fc6ba49195dedf735e6ce1b03ab36d72334f66
SHA256: 7e60c894a8cead6880fd3ed040504d02304a0b961304e40741340e31f5fa973d
ssdeep: 1536:hKTg6tZkYVxqdE5NLt3mZCSRCxDka6tg7N4G:IsixsE5b3mZCwC1AtgZ4G<BR>
PEiD..: InstallShield 2000
TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (75.0%)<BR>Win32 Executable Generic (16.9%)<BR>Generic Win/DOS Executable (3.9%)<BR>DOS Executable Generic (3.9%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x80c0<BR>timedatestamp.....: 0x35895e6d (Thu Jun 18 18:37:33 1998)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0xa9f5 0xaa00 6.38 be72f98a15ebe8bc983139a077df8032<BR>.rdata 0xc000 0x1a52 0x1c00 5.15 c86d8eb1bd161433edaebb9900da49ad<BR>.data 0xe000 0x4678 0x2e00 1.72 be105b956c09e423dbd672cd44ddc0ba<BR>.rsrc 0x13000 0x24e0 0x2600 3.54 362a8a318293fe1f63a341f5db7fe423<BR><BR>( 7 imports ) <BR>> KERNEL32.dll: CreateFileA, ReadFile, LocalFree, SetFilePointer, LocalAlloc, GlobalDeleteAtom, Sleep, GlobalAddAtomA, GlobalFree, GlobalAlloc, IsDBCSLeadByte, GlobalLock, GlobalFindAtomA, CompareStringA, WideCharToMultiByte, WriteFile, CloseHandle, GetWindowsDirectoryA, OpenProcess, GetVersion, FreeLibrary, RemoveDirectoryA, GetLastError, DeleteFileA, FindFirstFileA, FindClose, lstrlenA, lstrcpyA, lstrcatA, lstrcmpA, lstrcpynA, MultiByteToWideChar, CreateProcessA, WaitForSingleObject, SetErrorMode, GetCurrentDirectoryA, OutputDebugStringA, LoadLibraryA, GetProcAddress, GetFileAttributesA, GlobalUnlock, VirtualAlloc, IsBadWritePtr, IsBadReadPtr, SetUnhandledExceptionFilter, VirtualFree, HeapCreate, HeapDestroy, GetFileType, GetStdHandle, SetHandleCount, GetEnvironmentStringsW, GetEnvironmentStrings, IsBadCodePtr, FreeEnvironmentStringsW, FreeEnvironmentStringsA, lstrcmpiA, GetModuleFileNameA, UnhandledExceptionFilter, GetOEMCP, GetACP, GetCPInfo, HeapAlloc, HeapFree, GetCommandLineA, GetStartupInfoA, GetModuleHandleA, GetCurrentProcess, TerminateProcess, ExitProcess, SetCurrentDirectoryA, SetEnvironmentVariableA, RtlUnwind, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW<BR>> USER32.dll: PackDDElParam, SendMessageA, DispatchMessageA, DefWindowProcA, CharNextA, DestroyWindow, UnregisterClassA, CreateWindowExA, RegisterClassA, wsprintfA, UnpackDDElParam, LoadStringA, LoadIconA, LoadCursorA, MessageBoxA, wvsprintfA, TranslateMessage, GetMessageA, SetCursor, ShowCursor, SetDlgItemTextA, SetWindowLongA, EndDialog, GetDlgItem, SetFocus, DialogBoxParamA, UpdateWindow, SetWindowTextA, InvalidateRect, CharUpperA, CharPrevA, BeginPaint, GetClientRect, DrawTextA, SetRect, EndPaint, PostQuitMessage, GetSystemMenu, EnableMenuItem, CreateDialogParamA, GetWindowRect, GetSystemMetrics, SetWindowPos, ShowWindow, PostMessageA, PeekMessageA, FillRect, SetClassLongA<BR>> GDI32.dll: CreateSolidBrush, SetROP2, Rectangle, SelectObject, SetTextColor, SetBkMode, GetStockObject, GetTextMetricsA, ExtTextOutA, CreateFontIndirectA, DeleteObject<BR>> ADVAPI32.dll: RegOpenKeyA, RegEnumValueA, RegEnumKeyA, RegDeleteKeyA, RegCloseKey, RegDeleteValueA, RegQueryValueExA, RegSetValueExA, RegCreateKeyA<BR>> SHELL32.dll: SHGetMalloc, SHGetSpecialFolderLocation, SHGetPathFromIDListA<BR>> ole32.dll: OleInitialize, OleUninitialize<BR>> OLEAUT32.dll: -<BR><BR>( 0 exports ) <BR>
PDFiD.: -
RDS...: NSRL Reference Data Set<BR><BR>( Ziff-Davis Publishing Company L.P. )<BR><BR>> 3 Volume Software Library I: ST6UNST.EXE<BR><BR>( PC Utilities )<BR><BR>> PC Utilities - 510 utilities: ST6UNST.EXE<BR><BR>( Autodesk )<BR><BR>> Autodesk Map: ST6UNST.EXE<BR><BR>( Whirlwind Software )<BR><BR>> Hackers Encyclopedia 2002: ST6UNST.EXE<BR><BR>( Paraben Corporation )<BR><BR>> ftp madness: ST6UNST.EXE<BR>> Paraben Corporation Bits and Info: ST6UNST.EXE<BR><BR>( Unknown )<BR><BR>> Miscellaneous Software: ST6UNST.EXE<BR>> StegoArchive CD: ST6UNST.EXE<BR><BR>( TradeTouch.com inc. )<BR><BR>> Hard drive Tools 2003: ST6UNST.EXE,St6unst.exe<BR>> Network Toolbox 2003: ST6UNST.EXE<BR>> PC Hardware Tools 2003: ST6UNST.EXE<BR>> PC Diagnostics & Repair Tools 2003: ST6UNST.EXE<BR>> Car Hacker and Care Tools 2003: ST6UNST.EXE<BR>> Windows XP/NT Tools for Administrators: ST6UNST.EXE<BR>> WinCE Tools 2003: st6unst.exe<BR>> Game Crackers and Tools Pro: ST6UNST.EXE<BR>> Digital Camera Photography: ST6UNST.EXE<BR>> Mobile Phone Tools 2003: ST6UNST.EXE<BR><BR>( Cosmi Corporation )<BR><BR>> 225 Winning Educational Programs: ST6UNST.EXE<BR>> 300 Arcade Games: ST6UNST.EXE<BR>> 1,000 Solitare Games: ST6UNST.EXE<BR><BR>( Dark Bay Ltd. )<BR><BR>> Hackers Handbook: ST6UNST.EXE<BR><BR>( ZG Financial Corp )<BR><BR>> Hard Drives & Subsystems: ST6UNST.EXE<BR><BR>( RonsWare )<BR><BR>> Ulitimate Golf Scorecard: ST6UNST.EXE<BR><BR>( Wingear )<BR><BR>> PCHardDriveUtilities: ST6UNST.EXE<BR>> MP3 Studio Deluxe: ST6UNST.EXE<BR>> Internet Utilities: ST6UNST.EXE<BR><BR>( Next Step Publishing )<BR><BR>> Network Tools: ST6UNST.EXE<BR>> Desktop Security: ST6UNST.EXE<BR>> System Tools: ST6UNST.EXE<BR>> System Tools 2003: ST6UNST.EXE<BR><BR>( Core Publishing Inc. )<BR><BR>> Master Hacker Internet Terrorism: ST6UNST.EXE<BR><BR>( Mortgage Marketing Inc. )<BR><BR>> Mortgage Master: ST6UNST.EXE<BR><BR>( Sierra Inc. )<BR><BR>> NasCar Racing: ST6UNST.EXE<BR><BR>( Vlad Pambucol )<BR><BR>> Drive log: ST6UNST.EXE<BR><BR>( Barnes & Noble )<BR><BR>> Free Unlimited Internet Service Barnes & Nobles: ST6UNST.EXE<BR><BR>( Microsoft )<BR><BR>> Disc 2435.4: ST6UNST.EXE<BR>> Applications, Developer Tools: ST6UNST.EXE<BR>> Windows DNA XML Resource Kit: ST6UNST.EXE<BR>> MSDN Development Platform Disc 1: ST6UNST.EXE<BR>> Platforms, SDK/DDK: ST6UNST.EXE<BR>> Mobile Information Server Developer Edition: ST6UNST.EXE<BR>> MSDN Development Platform Disc 2: ST6UNST.EXE<BR>> MSDN BizTalk Server 2004 beta, BizTalk server 2002 dev. ed., MS content mgmt server, eMbedded visual C++ 4.0 with SP2, Exchange server 2000, SMS 2003: ST6UNST.EXE<BR>> MSDN Disc MSDN Index Oct 2000 IE Versions Platform SDK July 2000 Edition: ST6UNST.EXE<BR>> MSDN Disc 2427.2: ST6UNST.EXE<BR>> Developer Tools, Servers: ST6UNST.EXE<BR>> MSDN MS .NET framework 1.1 SDK, App. Center 2000 dev. ed., Commerce server 2002 dev. ed., Data Analyzer 3.5, Host Integration server 2000: ST6UNST.EXE<BR>> Exchange Server 2000: ST6UNST.EXE<BR>> SDK/DDK, Servers - Special Release: ST6UNST.EXE<BR>> Servers: ST6UNST.EXE<BR>> Platforms, SDK/DDK, Developer Tools: ST6UNST.EXE<BR>> Windows Server Resource Kit: ST6UNST.EXE<BR>> MSDN Disc 0003: ST6UNST.EXE<BR>> Windows 2000 Server Resource Kit: ST6UNST.EXE<BR>> .NET Framework SDK: ST6UNST.EXE<BR>> Windows DNA XML Resource Kit: ST6UNST.EXE<BR>> Applications, Developer Tools, Servers: ST6UNST.EXE<BR>> MSDN Disc 1016.1: ST6UNST.EXE<BR>> Microsoft Visual Basic 6.0 Learning Edition: ST6UNST.EXE<BR>> MSDN Development Platform Disc12: ST6UNST.EXE<BR>> MSDN Disc 2432.9: ST6UNST.EXE<BR>> BackOffice Server - Developers edition: ST6UNST.EXE<BR>> Exchange 2000 Enterprise Server: ST6UNST.EXE<BR>> Windows DDks: ST6UNST.EXE<BR>> MSDN Disc 2427.1: ST6UNST.EXE<BR>> Platforms, Servers, Applications: ST6UNST.EXE<BR>> MSDN Disc 2432.2: ST6UNST.EXE<BR>> Exchange 2000 Conference Server: ST6UNST.EXE<BR>> MSDN Development Platform Disc 19: ST6UNST.EXE<BR>> MSDN Disc 0727.1: ST6UNST.EXE<BR>> Microsoft Security Resource Kit: ST6UNST.EXE<BR>> MSDN Disc 0727.3: ST6UNST.EXE<BR>> MSDN Disc 0727.2: ST6UNST.EXE<BR>> MSDN Disc 2435.5: ST6UNST.EXE<BR>> Commerce Server Resource Kit: ST6UNST.EXE<BR>> MSDN Disc 2435.2: ST6UNST.EXE<BR>> MSDN Disc 2435.1: ST6UNST.EXE<BR>> MSDN Disc 0727.4: ST6UNST.EXE<BR>> Windows 2000 Server Administrators Companion: ST6UNST.EXE<BR>> MSDN Disc 2432.4: ST6UNST.EXE<BR>> MSDN Disc 0727.5: ST6UNST.EXE<BR>> MSDN Disc 2435: ST6UNST.EXE<BR>> Tahoe Server: st6unst.exe<BR>> SDKs and Tools: ST6UNST.EXE<BR>> Visual Studio Enterprise Edition: ST6UNST.EXE<BR>> Visual Basic 6.0 Prof. Edition Upgrade: St6unst.exe<BR>> Visual Basic Professional Edition: St6unst.exe<BR>> MSDN Disc 2432: ST6UNST.EXE<BR>> MSDN Disc 2085: ST6UNST.EXE<BR>> MSDN Disc 2432.7: ST6UNST.EXE<BR>> MSDN Disc 2432.12: ST6UNST.EXE<BR>> MSDN Disc 2432.10: ST6UNST.EXE<BR>> MSDN Development Platform Disc1: ST6UNST.EXE<BR>> MSDN Disc 2427.3: ST6UNST.EXE<BR>> MSDN Disc 0727: ST6UNST.EXE<BR>> MSDN Disk 2436.22: ST6UNST.EXE<BR>> MSDN Disc 2435.3: ST6UNST.EXE<BR>> BackOffice Server: ST6UNST.EXE<BR>> MSDN Disc 0527.1: ST6UNST.EXE<BR>> MSDN Disc 0526: ST6UNST.EXE<BR>> Building Interactive Entertainment and E-Commerce Content: ST6UNST.EXE<BR>> MSDN Disc 0527.2: ST6UNST.EXE<BR>> MSDN Disc 3235: ST6UNST.EXE<BR>> MSDN Disc0003: ST6UNST.EXE<BR>> MSDN Disc 2436.20: ST6UNST.EXE<BR>> MSDN MS Commerce Server 2002 Developer ed., Exchange Server 2003 Enterprise ed., Exchange Server 2003 Standard ed., Host Integration server 2000, SQL: ST6UNST.EXE<BR>> Visual Basic: St6unst.exe<BR>> MSDN Disc 2432.11: ST6UNST.EXE<BR>> MSDN Development Platform Disc1: ST6UNST.EXE<BR>> MSDN Development Platform Disc2: ST6UNST.EXE<BR>> MSDN Disc 2436.22: ST6UNST.EXE<BR><BR>( Silver Star Publishing )<BR><BR>> Guide to Hacking Software Security 2002: ST6UNST.EXE<BR><BR>( Bytesize CD-ROM Inc. )<BR><BR>> PC Maintenance: ST6UNST.EXE<BR>> CD Recorder: ST6UNST.EXE<BR><BR>
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=996f83e516552ca3b51445bb994a6d38' target='_blank'>http://www.threatexpert.com/report.aspx?md5=996f83e516552ca3b51445bb994a6d38</a>

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.20 -
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 -
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 -
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2037 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 -
Ikarus T3.1.1.68.0 2009.08.20 -
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 -
NOD32 4353 2009.08.20 -
Norman 6.01.09 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Information additionnelle
File size: 73216 bytes
MD5...: 996f83e516552ca3b51445bb994a6d38
SHA1..: 56fc6ba49195dedf735e6ce1b03ab36d72334f66
SHA256: 7e60c894a8cead6880fd3ed040504d02304a0b961304e40741340e31f5fa973d
ssdeep: 1536:hKTg6tZkYVxqdE5NLt3mZCSRCxDka6tg7N4G:IsixsE5b3mZCwC1AtgZ4G<BR>
PEiD..: InstallShield 2000
TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (75.0%)<BR>Win32 Executable Generic (16.9%)<BR>Generic Win/DOS Executable (3.9%)<BR>DOS Executable Generic (3.9%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x80c0<BR>timedatestamp.....: 0x35895e6d (Thu Jun 18 18:37:33 1998)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0xa9f5 0xaa00 6.38 be72f98a15ebe8bc983139a077df8032<BR>.rdata 0xc000 0x1a52 0x1c00 5.15 c86d8eb1bd161433edaebb9900da49ad<BR>.data 0xe000 0x4678 0x2e00 1.72 be105b956c09e423dbd672cd44ddc0ba<BR>.rsrc 0x13000 0x24e0 0x2600 3.54 362a8a318293fe1f63a341f5db7fe423<BR><BR>( 7 imports ) <BR>> KERNEL32.dll: CreateFileA, ReadFile, LocalFree, SetFilePointer, LocalAlloc, GlobalDeleteAtom, Sleep, GlobalAddAtomA, GlobalFree, GlobalAlloc, IsDBCSLeadByte, GlobalLock, GlobalFindAtomA, CompareStringA, WideCharToMultiByte, WriteFile, CloseHandle, GetWindowsDirectoryA, OpenProcess, GetVersion, FreeLibrary, RemoveDirectoryA, GetLastError, DeleteFileA, FindFirstFileA, FindClose, lstrlenA, lstrcpyA, lstrcatA, lstrcmpA, lstrcpynA, MultiByteToWideChar, CreateProcessA, WaitForSingleObject, SetErrorMode, GetCurrentDirectoryA, OutputDebugStringA, LoadLibraryA, GetProcAddress, GetFileAttributesA, GlobalUnlock, VirtualAlloc, IsBadWritePtr, IsBadReadPtr, SetUnhandledExceptionFilter, VirtualFree, HeapCreate, HeapDestroy, GetFileType, GetStdHandle, SetHandleCount, GetEnvironmentStringsW, GetEnvironmentStrings, IsBadCodePtr, FreeEnvironmentStringsW, FreeEnvironmentStringsA, lstrcmpiA, GetModuleFileNameA, UnhandledExceptionFilter, GetOEMCP, GetACP, GetCPInfo, HeapAlloc, HeapFree, GetCommandLineA, GetStartupInfoA, GetModuleHandleA, GetCurrentProcess, TerminateProcess, ExitProcess, SetCurrentDirectoryA, SetEnvironmentVariableA, RtlUnwind, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW<BR>> USER32.dll: PackDDElParam, SendMessageA, DispatchMessageA, DefWindowProcA, CharNextA, DestroyWindow, UnregisterClassA, CreateWindowExA, RegisterClassA, wsprintfA, UnpackDDElParam, LoadStringA, LoadIconA, LoadCursorA, MessageBoxA, wvsprintfA, TranslateMessage, GetMessageA, SetCursor, ShowCursor, SetDlgItemTextA, SetWindowLongA, EndDialog, GetDlgItem, SetFocus, DialogBoxParamA, UpdateWindow, SetWindowTextA, InvalidateRect, CharUpperA, CharPrevA, BeginPaint, GetClientRect, DrawTextA, SetRect, EndPaint, PostQuitMessage, GetSystemMenu, EnableMenuItem, CreateDialogParamA, GetWindowRect, GetSystemMetrics, SetWindowPos, ShowWindow, PostMessageA, PeekMessageA, FillRect, SetClassLongA<BR>> GDI32.dll: CreateSolidBrush, SetROP2, Rectangle, SelectObject, SetTextColor, SetBkMode, GetStockObject, GetTextMetricsA, ExtTextOutA, CreateFontIndirectA, DeleteObject<BR>> ADVAPI32.dll: RegOpenKeyA, RegEnumValueA, RegEnumKeyA, RegDeleteKeyA, RegCloseKey, RegDeleteValueA, RegQueryValueExA, RegSetValueExA, RegCreateKeyA<BR>> SHELL32.dll: SHGetMalloc, SHGetSpecialFolderLocation, SHGetPathFromIDListA<BR>> ole32.dll: OleInitialize, OleUninitialize<BR>> OLEAUT32.dll: -<BR><BR>( 0 exports ) <BR>
PDFiD.: -
RDS...: NSRL Reference Data Set<BR><BR>( Ziff-Davis Publishing Company L.P. )<BR><BR>> 3 Volume Software Library I: ST6UNST.EXE<BR><BR>( PC Utilities )<BR><BR>> PC Utilities - 510 utilities: ST6UNST.EXE<BR><BR>( Autodesk )<BR><BR>> Autodesk Map: ST6UNST.EXE<BR><BR>( Whirlwind Software )<BR><BR>> Hackers Encyclopedia 2002: ST6UNST.EXE<BR><BR>( Paraben Corporation )<BR><BR>> ftp madness: ST6UNST.EXE<BR>> Paraben Corporation Bits and Info: ST6UNST.EXE<BR><BR>( Unknown )<BR><BR>> Miscellaneous Software: ST6UNST.EXE<BR>> StegoArchive CD: ST6UNST.EXE<BR><BR>( TradeTouch.com inc. )<BR><BR>> Hard drive Tools 2003: ST6UNST.EXE,St6unst.exe<BR>> Network Toolbox 2003: ST6UNST.EXE<BR>> PC Hardware Tools 2003: ST6UNST.EXE<BR>> PC Diagnostics & Repair Tools 2003: ST6UNST.EXE<BR>> Car Hacker and Care Tools 2003: ST6UNST.EXE<BR>> Windows XP/NT Tools for Administrators: ST6UNST.EXE<BR>> WinCE Tools 2003: st6unst.exe<BR>> Game Crackers and Tools Pro: ST6UNST.EXE<BR>> Digital Camera Photography: ST6UNST.EXE<BR>> Mobile Phone Tools 2003: ST6UNST.EXE<BR><BR>( Cosmi Corporation )<BR><BR>> 225 Winning Educational Programs: ST6UNST.EXE<BR>> 300 Arcade Games: ST6UNST.EXE<BR>> 1,000 Solitare Games: ST6UNST.EXE<BR><BR>( Dark Bay Ltd. )<BR><BR>> Hackers Handbook: ST6UNST.EXE<BR><BR>( ZG Financial Corp )<BR><BR>> Hard Drives & Subsystems: ST6UNST.EXE<BR><BR>( RonsWare )<BR><BR>> Ulitimate Golf Scorecard: ST6UNST.EXE<BR><BR>( Wingear )<BR><BR>> PCHardDriveUtilities: ST6UNST.EXE<BR>> MP3 Studio Deluxe: ST6UNST.EXE<BR>> Internet Utilities: ST6UNST.EXE<BR><BR>( Next Step Publishing )<BR><BR>> Network Tools: ST6UNST.EXE<BR>> Desktop Security: ST6UNST.EXE<BR>> System Tools: ST6UNST.EXE<BR>> System Tools 2003: ST6UNST.EXE<BR><BR>( Core Publishing Inc. )<BR><BR>> Master Hacker Internet Terrorism: ST6UNST.EXE<BR><BR>( Mortgage Marketing Inc. )<BR><BR>> Mortgage Master: ST6UNST.EXE<BR><BR>( Sierra Inc. )<BR><BR>> NasCar Racing: ST6UNST.EXE<BR><BR>( Vlad Pambucol )<BR><BR>> Drive log: ST6UNST.EXE<BR><BR>( Barnes & Noble )<BR><BR>> Free Unlimited Internet Service Barnes & Nobles: ST6UNST.EXE<BR><BR>( Microsoft )<BR><BR>> Disc 2435.4: ST6UNST.EXE<BR>> Applications, Developer Tools: ST6UNST.EXE<BR>> Windows DNA XML Resource Kit: ST6UNST.EXE<BR>> MSDN Development Platform Disc 1: ST6UNST.EXE<BR>> Platforms, SDK/DDK: ST6UNST.EXE<BR>> Mobile Information Server Developer Edition: ST6UNST.EXE<BR>> MSDN Development Platform Disc 2: ST6UNST.EXE<BR>> MSDN BizTalk Server 2004 beta, BizTalk server 2002 dev. ed., MS content mgmt server, eMbedded visual C++ 4.0 with SP2, Exchange server 2000, SMS 2003: ST6UNST.EXE<BR>> MSDN Disc MSDN Index Oct 2000 IE Versions Platform SDK July 2000 Edition: ST6UNST.EXE<BR>> MSDN Disc 2427.2: ST6UNST.EXE<BR>> Developer Tools, Servers: ST6UNST.EXE<BR>> MSDN MS .NET framework 1.1 SDK, App. Center 2000 dev. ed., Commerce server 2002 dev. ed., Data Analyzer 3.5, Host Integration server 2000: ST6UNST.EXE<BR>> Exchange Server 2000: ST6UNST.EXE<BR>> SDK/DDK, Servers - Special Release: ST6UNST.EXE<BR>> Servers: ST6UNST.EXE<BR>> Platforms, SDK/DDK, Developer Tools: ST6UNST.EXE<BR>> Windows Server Resource Kit: ST6UNST.EXE<BR>> MSDN Disc 0003: ST6UNST.EXE<BR>> Windows 2000 Server Resource Kit: ST6UNST.EXE<BR>> .NET Framework SDK: ST6UNST.EXE<BR>> Windows DNA XML Resource Kit: ST6UNST.EXE<BR>> Applications, Developer Tools, Servers: ST6UNST.EXE<BR>> MSDN Disc 1016.1: ST6UNST.EXE<BR>> Microsoft Visual Basic 6.0 Learning Edition: ST6UNST.EXE<BR>> MSDN Development Platform Disc12: ST6UNST.EXE<BR>> MSDN Disc 2432.9: ST6UNST.EXE<BR>> BackOffice Server - Developers edition: ST6UNST.EXE<BR>> Exchange 2000 Enterprise Server: ST6UNST.EXE<BR>> Windows DDks: ST6UNST.EXE<BR>> MSDN Disc 2427.1: ST6UNST.EXE<BR>> Platforms, Servers, Applications: ST6UNST.EXE<BR>> MSDN Disc 2432.2: ST6UNST.EXE<BR>> Exchange 2000 Conference Server: ST6UNST.EXE<BR>> MSDN Development Platform Disc 19: ST6UNST.EXE<BR>> MSDN Disc 0727.1: ST6UNST.EXE<BR>> Microsoft Security Resource Kit: ST6UNST.EXE<BR>> MSDN Disc 0727.3: ST6UNST.EXE<BR>> MSDN Disc 0727.2: ST6UNST.EXE<BR>> MSDN Disc 2435.5: ST6UNST.EXE<BR>> Commerce Server Resource Kit: ST6UNST.EXE<BR>> MSDN Disc 2435.2: ST6UNST.EXE<BR>> MSDN Disc 2435.1: ST6UNST.EXE<BR>> MSDN Disc 0727.4: ST6UNST.EXE<BR>> Windows 2000 Server Administrators Companion: ST6UNST.EXE<BR>> MSDN Disc 2432.4: ST6UNST.EXE<BR>> MSDN Disc 0727.5: ST6UNST.EXE<BR>> MSDN Disc 2435: ST6UNST.EXE<BR>> Tahoe Server: st6unst.exe<BR>> SDKs and Tools: ST6UNST.EXE<BR>> Visual Studio Enterprise Edition: ST6UNST.EXE<BR>> Visual Basic 6.0 Prof. Edition Upgrade: St6unst.exe<BR>> Visual Basic Professional Edition: St6unst.exe<BR>> MSDN Disc 2432: ST6UNST.EXE<BR>> MSDN Disc 2085: ST6UNST.EXE<BR>> MSDN Disc 2432.7: ST6UNST.EXE<BR>> MSDN Disc 2432.12: ST6UNST.EXE<BR>> MSDN Disc 2432.10: ST6UNST.EXE<BR>> MSDN Development Platform Disc1: ST6UNST.EXE<BR>> MSDN Disc 2427.3: ST6UNST.EXE<BR>> MSDN Disc 0727: ST6UNST.EXE<BR>> MSDN Disk 2436.22: ST6UNST.EXE<BR>> MSDN Disc 2435.3: ST6UNST.EXE<BR>> BackOffice Server: ST6UNST.EXE<BR>> MSDN Disc 0527.1: ST6UNST.EXE<BR>> MSDN Disc 0526: ST6UNST.EXE<BR>> Building Interactive Entertainment and E-Commerce Content: ST6UNST.EXE<BR>> MSDN Disc 0527.2: ST6UNST.EXE<BR>> MSDN Disc 3235: ST6UNST.EXE<BR>> MSDN Disc0003: ST6UNST.EXE<BR>> MSDN Disc 2436.20: ST6UNST.EXE<BR>> MSDN MS Commerce Server 2002 Developer ed., Exchange Server 2003 Enterprise ed., Exchange Server 2003 Standard ed., Host Integration server 2000, SQL: ST6UNST.EXE<BR>> Visual Basic: St6unst.exe<BR>> MSDN Disc 2432.11: ST6UNST.EXE<BR>> MSDN Development Platform Disc1: ST6UNST.EXE<BR>> MSDN Development Platform Disc2: ST6UNST.EXE<BR>> MSDN Disc 2436.22: ST6UNST.EXE<BR><BR>( Silver Star Publishing )<BR><BR>> Guide to Hacking Software Security 2002: ST6UNST.EXE<BR><BR>( Bytesize CD-ROM Inc. )<BR><BR>> PC Maintenance: ST6UNST.EXE<BR>> CD Recorder: ST6UNST.EXE<BR><BR>
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=996f83e516552ca3b51445bb994a6d38' target='_blank'>http://www.threatexpert.com/report.aspx?md5=996f83e516552ca3b51445bb994a6d38</a>

Fichier Setup1.exe reçu le 2009.08.20 18:42:05 (UTC)Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.20 -
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 -
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 -
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2037 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 -
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 -
Ikarus T3.1.1.68.0 2009.08.20 -
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 -
NOD32 4353 2009.08.20 -
Norman 6.01.09 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Information additionnelle
File size: 286720 bytes
MD5   : b941549d8f8167cc573c460ae20ba5ea
SHA1  : f1fb5952beef486d116a525d2655695050fd04a9
SHA256: bbb7d06b0bc43049515471a78a458b6ce67684b3b63e75a2d40a535edd3908ea
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x3E94<BR>timedatestamp.....: 0x4922F263 (Tue Nov 18 17:50:43 2008)<BR>machinetype.......: 0x14C (Intel I386)<BR><BR>( 3 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x3DDA4 0x3E000 6.01 b214f9956a9b35e7de39564377303004<BR>.data 0x3F000 0x4D54 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110<BR>.rsrc 0x44000 0x5958 0x6000 3.37 cce7a5a53091dd27705c59d7bdf405ea<BR><BR>( 1 imports )<BR><BR>> msvbvm60.dll: __vbaVarTextTstLe, __vbaVarSub, __vbaStrI2, _CIcos, _adj_fptan, __vbaVarMove, __vbaStrI4, __vbaVarVargNofree, __vbaFreeVar, __vbaLineInputStr, __vbaGosubReturn, -, __vbaStrVarMove, __vbaLenBstr, -, -, __vbaFreeVarList, _adj_fdiv_m64, __vbaFreeObjList, -, _adj_fprem1, __vbaRecAnsiToUni, -, -, __vbaCopyBytes, __vbaResume, __vbaStrCat, __vbaLsetFixstr, -, __vbaVarTextTstEq, __vbaSetSystemError, __vbaRecDestruct, __vbaNameFile, __vbaHresultCheckObj, __vbaLenVar, _adj_fdiv_m32, -, __vbaAryDestruct, __vbaLateMemSt, -, __vbaForEachCollObj, __vbaBoolStr, __vbaExitProc, __vbaFileCloseAll, -, __vbaCyAdd, __vbaOnError, __vbaObjSet, _adj_fdiv_m16i, -, __vbaObjSetAddref, _adj_fdivr_m16i, -, __vbaStrFixstr, __vbaBoolVar, -, __vbaForEachCollVar, -, __vbaStrTextCmp, -, __vbaBoolVarNull, _CIsin, -, __vbaErase, __vbaVarCmpGt, __vbaLateMemStAd, __vbaNextEachCollObj, -, -, __vbaVarZero, __vbaChkstk, __vbaGosubFree, __vbaFileClose, -, EVENT_SINK_AddRef, -, -, __vbaGenerateBoundsError, __vbaStrCmp, __vbaCyI2, -, __vbaCyI4, __vbaObjVar, __vbaNextEachCollVar, __vbaPrintObj, __vbaI2I4, DllFunctionCall, __vbaVarOr, __vbaVarLateMemSt, __vbaLbound, __vbaRedimPreserve, _adj_fpatan, __vbaR4Var, __vbaLateIdCallLd, __vbaRedim, __vbaRecUniToAnsi, EVENT_SINK_Release, __vbaNew, -, __vbaVarTextTstNe, __vbaUI1I2, _CIsqrt, __vbaVarAnd, EVENT_SINK_QueryInterface, __vbaFpCmpCy, __vbaVarTextCmpEq, __vbaVarMul, __vbaExceptHandler, __vbaPrintFile, __vbaStrToUnicode, -, _adj_fprem, _adj_fdivr_m64, __vbaGosub, -, __vbaI2Str, __vbaVarDiv, -, -, -, __vbaFPException, __vbaInStrVar, -, -, __vbaStrVarVal, __vbaUbound, -, -, __vbaVarCat, __vbaDateVar, __vbaI2Var, -, -, -, _CIlog, -, __vbaErrorOverflow, __vbaFileOpen, -, -, __vbaInStr, __vbaNew2, -, __vbaCyMulI2, _adj_fdiv_m32i, -, _adj_fdivr_m32i, -, __vbaStrCopy, -, __vbaFreeStrList, -, __vbaDerefAry1, __vbaVarTextTstGt, _adj_fdivr_m32, __vbaPowerR8, -, _adj_fdiv_r, -, -, -, -, __vbaI4Var, __vbaAryLock, __vbaLateMemCall, __vbaVarAdd, __vbaVarDup, __vbaStrToAnsi, -, __vbaFpI2, -, __vbaFpI4, __vbaVarCopy, __vbaVarLateMemCallLd, -, __vbaLateMemCallLd, _CIatan, -, __vbaStrMove, __vbaCastObj, __vbaStrVarCopy, -, -, _allmul, __vbaLenVarB, __vbaLateIdSt, -, __vbaVarTextCmpNe, _CItan, -, __vbaAryUnlock, __vbaFPInt, _CIexp, __vbaMidStmtBstr, -, __vbaFreeStr, __vbaFreeObj, -<BR><BR>( 0 exports )<BR>
TrID  : File type identification<BR>Win32 Executable Microsoft Visual Basic 6 (68.5%)<BR>Win32 Executable MS Visual C++ (generic) (20.5%)<BR>Win32 Executable Generic (4.6%)<BR>Win32 Dynamic Link Library (generic) (4.1%)<BR>Generic Win/DOS Executable (1.0%)
ssdeep: 6144:iTxCa82WzGsomiviXHW1gh1YpnopuCzbujoe:A3WzYZqgpnLo
PEiD  : -
RDS   : NSRL Reference Data Set<BR>-

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.20 -
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 -
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 -
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2037 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 -
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 -
Ikarus T3.1.1.68.0 2009.08.20 -
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 -
NOD32 4353 2009.08.20 -
Norman 6.01.09 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Information additionnelle
File size: 286720 bytes
MD5   : b941549d8f8167cc573c460ae20ba5ea
SHA1  : f1fb5952beef486d116a525d2655695050fd04a9
SHA256: bbb7d06b0bc43049515471a78a458b6ce67684b3b63e75a2d40a535edd3908ea
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x3E94<BR>timedatestamp.....: 0x4922F263 (Tue Nov 18 17:50:43 2008)<BR>machinetype.......: 0x14C (Intel I386)<BR><BR>( 3 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x3DDA4 0x3E000 6.01 b214f9956a9b35e7de39564377303004<BR>.data 0x3F000 0x4D54 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110<BR>.rsrc 0x44000 0x5958 0x6000 3.37 cce7a5a53091dd27705c59d7bdf405ea<BR><BR>( 1 imports )<BR><BR>> msvbvm60.dll: __vbaVarTextTstLe, __vbaVarSub, __vbaStrI2, _CIcos, _adj_fptan, __vbaVarMove, __vbaStrI4, __vbaVarVargNofree, __vbaFreeVar, __vbaLineInputStr, __vbaGosubReturn, -, __vbaStrVarMove, __vbaLenBstr, -, -, __vbaFreeVarList, _adj_fdiv_m64, __vbaFreeObjList, -, _adj_fprem1, __vbaRecAnsiToUni, -, -, __vbaCopyBytes, __vbaResume, __vbaStrCat, __vbaLsetFixstr, -, __vbaVarTextTstEq, __vbaSetSystemError, __vbaRecDestruct, __vbaNameFile, __vbaHresultCheckObj, __vbaLenVar, _adj_fdiv_m32, -, __vbaAryDestruct, __vbaLateMemSt, -, __vbaForEachCollObj, __vbaBoolStr, __vbaExitProc, __vbaFileCloseAll, -, __vbaCyAdd, __vbaOnError, __vbaObjSet, _adj_fdiv_m16i, -, __vbaObjSetAddref, _adj_fdivr_m16i, -, __vbaStrFixstr, __vbaBoolVar, -, __vbaForEachCollVar, -, __vbaStrTextCmp, -, __vbaBoolVarNull, _CIsin, -, __vbaErase, __vbaVarCmpGt, __vbaLateMemStAd, __vbaNextEachCollObj, -, -, __vbaVarZero, __vbaChkstk, __vbaGosubFree, __vbaFileClose, -, EVENT_SINK_AddRef, -, -, __vbaGenerateBoundsError, __vbaStrCmp, __vbaCyI2, -, __vbaCyI4, __vbaObjVar, __vbaNextEachCollVar, __vbaPrintObj, __vbaI2I4, DllFunctionCall, __vbaVarOr, __vbaVarLateMemSt, __vbaLbound, __vbaRedimPreserve, _adj_fpatan, __vbaR4Var, __vbaLateIdCallLd, __vbaRedim, __vbaRecUniToAnsi, EVENT_SINK_Release, __vbaNew, -, __vbaVarTextTstNe, __vbaUI1I2, _CIsqrt, __vbaVarAnd, EVENT_SINK_QueryInterface, __vbaFpCmpCy, __vbaVarTextCmpEq, __vbaVarMul, __vbaExceptHandler, __vbaPrintFile, __vbaStrToUnicode, -, _adj_fprem, _adj_fdivr_m64, __vbaGosub, -, __vbaI2Str, __vbaVarDiv, -, -, -, __vbaFPException, __vbaInStrVar, -, -, __vbaStrVarVal, __vbaUbound, -, -, __vbaVarCat, __vbaDateVar, __vbaI2Var, -, -, -, _CIlog, -, __vbaErrorOverflow, __vbaFileOpen, -, -, __vbaInStr, __vbaNew2, -, __vbaCyMulI2, _adj_fdiv_m32i, -, _adj_fdivr_m32i, -, __vbaStrCopy, -, __vbaFreeStrList, -, __vbaDerefAry1, __vbaVarTextTstGt, _adj_fdivr_m32, __vbaPowerR8, -, _adj_fdiv_r, -, -, -, -, __vbaI4Var, __vbaAryLock, __vbaLateMemCall, __vbaVarAdd, __vbaVarDup, __vbaStrToAnsi, -, __vbaFpI2, -, __vbaFpI4, __vbaVarCopy, __vbaVarLateMemCallLd, -, __vbaLateMemCallLd, _CIatan, -, __vbaStrMove, __vbaCastObj, __vbaStrVarCopy, -, -, _allmul, __vbaLenVarB, __vbaLateIdSt, -, __vbaVarTextCmpNe, _CItan, -, __vbaAryUnlock, __vbaFPInt, _CIexp, __vbaMidStmtBstr, -, __vbaFreeStr, __vbaFreeObj, -<BR><BR>( 0 exports )<BR>
TrID  : File type identification<BR>Win32 Executable Microsoft Visual Basic 6 (68.5%)<BR>Win32 Executable MS Visual C++ (generic) (20.5%)<BR>Win32 Executable Generic (4.6%)<BR>Win32 Dynamic Link Library (generic) (4.1%)<BR>Generic Win/DOS Executable (1.0%)
ssdeep: 6144:iTxCa82WzGsomiviXHW1gh1YpnopuCzbujoe:A3WzYZqgpnLo
PEiD  : -
RDS   : NSRL Reference Data Set<BR>-

Le dernier est long mais ca arrive.... Alors ca donne quoi pour l'instant ?

▶ Double clic sur OTL.exe pour le lancer.


▶Copie la liste qui se trouve en gras ci-dessous,

▶ colle-la dans la zone sous Customs Scans/Fixes :

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:3E2028C8


:reg
[HKEY_USERS\S-1-5-21-366844691-4290838981-367203893-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=-

:files
C:\Windows\System32\reg.exe
C:\Windows\System32\actskin4.ocx

:commands
[emptytemp]
[reboot]


▶ Clique sur RunFix pour lancer la suppression.


▶ Poste le rapport.

ensuite :

▶ Passer de Avast à AntiVir :

▶ Télécharge Désinstalleur d'Avast!.

▶ redemarre en mode sans echec :

Comment aller en Mode sans échec
1) Redémarres ton ordi
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisis la première option : Sans Échec, et valide avec "Entrée"
5) Choisis ton compte habituel, et non Administrateur (si besoin ... )
(attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...)


▶ Désinstalle via Ajout/Suppression de Programmes (si présents) :

* Avast!


▶ ensuite execute le desinstaller

Ceci effacera la majorité des traces du produit Avast! d'Alwil Software.

▶ redemarre

▶ Télécharge Ccleaner sur ton Bureau. :

▶ Clique sur "download the latest version"
▶ Installe-le en laissant seulement les options suivantes cochées :

- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

▶ Lance le Nettoyage
▶ Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

plus de precision sur la configuration de ccleaner te seront donnees plus tard


tuto Comment utiliser CCleaner.
***************

▶ Télécharge Antivir en Francais ou Antivir en Francais sur ton Bureau.:



▶ Double clique sur l'exécutable téléchargé pour lancer l'installation.
▶ À la fin de l'installation, clique sur Finish.
▶ Ouvre Antivir, assure-toi qu’il soit bien à jour !
▶ Dans l'onglet Protection Locale, choisis Contrôler.
▶ Active la recherche de rootkits via le + de Recherche de Rootkits, puis dans Sélection manuelle, coche tout (tes partitions de disque dur).
▶ Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
▶ Poste moi le rapport généré : Pour cela, clique sur l'onglet Aperçu, puis choisis Rapports, tu trouveras son rapport..
▶ Sélectionne le rapport et clique sur l'icône "Afficher le fichier de rapport du rapport sélectionné.


▶ Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

Pourquoi changer ? :Avast Vs Antivir

Tuto de configuration en vidéo (Merci Nico)

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
ADS C:\ProgramData\TEMP:3E2028C8 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-21-366844691-4290838981-367203893-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
========== FILES ==========
File move failed. C:\Windows\System32\reg.exe scheduled to be moved on reboot.
C:\Windows\System32\actskin4.ocx unregistered successfully.
C:\Windows\System32\actskin4.ocx moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Diamanka
->Temp folder emptied: 1573456 bytes
->Temporary Internet Files folder emptied: 138828722 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
Windows Temp folder emptied: 7958 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 133,91 mb


OTL by OldTimer - Version 3.0.10.7 log created on 08202009_210206

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\reg.exe scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Fichier Pref34.D1l reçu le 2009.08.20 18:27:10 (UTC)Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.20 -
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 -
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 -
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2013 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 -
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 -
Ikarus T3.1.1.68.0 2009.08.20 -
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 -
NOD32 4353 2009.08.20 -
Norman 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Information additionnelle
File size: 25 bytes
MD5   : 9d07fce28434db954a1693bdcd06d545
SHA1  : de3bbfe130ffeeef53320e56eaf897a105a97d0f
SHA256: 7cb297841668e2d87e460f1a65617ee8c2d52d01a2ba1681da25614e0730a77b
TrID  : File type identification<BR>Unknown!
ssdeep: 3:s08jXU:s3jXU
PEiD  : -
RDS   : NSRL Reference Data Set<BR>-

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.20 -
AhnLab-V3 5.0.0.2 2009.08.20 -
AntiVir 7.9.1.3 2009.08.20 -
Antiy-AVL 2.0.3.7 2009.08.20 -
Authentium 5.1.2.4 2009.08.19 -
Avast 4.8.1335.0 2009.08.20 -
AVG 8.5.0.406 2009.08.20 -
BitDefender 7.2 2009.08.20 -
CAT-QuickHeal 10.00 2009.08.20 -
ClamAV 0.94.1 2009.08.20 -
Comodo 2013 2009.08.20 -
DrWeb 5.0.0.12182 2009.08.20 -
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6691 2009.08.20 -
F-Prot 4.4.4.56 2009.08.19 -
F-Secure 8.0.14470.0 2009.08.20 -
Fortinet 3.120.0.0 2009.08.20 -
GData 19 2009.08.20 -
Ikarus T3.1.1.68.0 2009.08.20 -
Jiangmin 11.0.800 2009.08.20 -
K7AntiVirus 7.10.823 2009.08.20 -
Kaspersky 7.0.0.125 2009.08.20 -
McAfee 5715 2009.08.20 -
McAfee+Artemis 5715 2009.08.20 -
McAfee-GW-Edition 6.8.5 2009.08.20 -
Microsoft 1.4903 2009.08.20 -
NOD32 4353 2009.08.20 -
Norman 2009.08.20 -
nProtect 2009.1.8.0 2009.08.20 -
Panda 10.0.0.14 2009.08.20 -
PCTools 4.4.2.0 2009.08.20 -
Prevx 3.0 2009.08.20 -
Rising 21.43.34.00 2009.08.20 -
Sophos 4.44.0 2009.08.20 -
Sunbelt 3.2.1858.2 2009.08.20 -
Symantec 1.4.4.12 2009.08.20 -
TheHacker 6.3.4.3.384 2009.08.20 -
TrendMicro 8.950.0.1094 2009.08.20 -
VBA32 3.12.10.9 2009.08.20 -
ViRobot 2009.8.20.1893 2009.08.20 -
VirusBuster 4.6.5.0 2009.08.19 -

Information additionnelle
File size: 25 bytes
MD5   : 9d07fce28434db954a1693bdcd06d545
SHA1  : de3bbfe130ffeeef53320e56eaf897a105a97d0f
SHA256: 7cb297841668e2d87e460f1a65617ee8c2d52d01a2ba1681da25614e0730a77b
TrID  : File type identification<BR>Unknown!
ssdeep: 3:s08jXU:s3jXU
PEiD  : -
RDS   : NSRL Reference Data Set<BR>-

bien j attends la suite