Unable to remove viruses

Solved/Closed
erick38270 Posts 67 Registration date Monday 20 October 2008 Status Member Last activity 10 March 2009 - 20 Oct 2008 at 07:06
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 - 29 Oct 2008 at 07:58
Hello,
I have viruses that I cannot remove; on top of that, I get lots of errors when I try to install programs such as AVG, it refuses to install them.

I did a search, but I can't find the file on my computer.

I'm not a pro

help

110 replies

Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
21 Oct 2008 at 14:01
Hi,

there is one thing I hate: people who cry for help and aren't even capable of reading what they are sent.

My signature says: Do what you are asked, no more, no less.

In post 1 I asked for RSIT and "Post the contents of log.txt"

In reply, I get info.txt and an MBAM report that I did not ask for.

You do what I ask, nothing more, or you manage without me.

1
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
22 Oct 2008 at 12:27
Hi,

nice collection!!!

Including security software. You are one of those people who entrust burglars with protecting their fortune.

You remove all of that.
1
erick38270 Posts 67 Registration date Monday 20 October 2008 Status Member Last activity 10 March 2009
22 Oct 2008 at 12:30
hi,

What do I remove?
1
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
20 Oct 2008 at 07:07
Hello,

do this:

Download here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Read the contents of the Disclaimer screen, then click Continue (if you accept the terms).

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

When the scan is finished, two text files will open.

Post the contents of log.txt
0
erick38270 Posts 67 Registration date Monday 20 October 2008 Status Member Last activity 10 March 2009
21 Oct 2008 at 12:56
Hello!

Help, the viruses get everywhere, even when I plug in a USB stick.
I can't even boot into safe mode.

Please help me.
0
erick38270 Posts 67 Registration date Monday 20 October 2008 Status Member Last activity 10 March 2009
21 Oct 2008 at 12:58
info.txt logfile of random's system information tool 1.04 2008-10-20 07:13:19

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Professional-->C:\PROGRA~1\Lavasoft\AD-AWA~2\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\INSTALL.LOG
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Agere Systems PCI Soft Modem-->agrsmdel
Agnitum Outpost Firewall Pro-->"C:\Program Files\Agnitum\Outpost Firewall\unins000.exe"
Alice Auto-diagnostic-->C:\Program Files\TechCity Solutions\AliceSAV\uninstall.exe
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AquaBuild version Beta-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\AquaBuild Beta\ST6UNST.LOG"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CA Yahoo! Anti-Spy (remove only)-->"C:\Program Files\CA Yahoo! Anti-Spy\uninstall.exe"
CamStudio 2.0 Fr-->"C:\Program Files\eMule\CamStudio\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Desktop Smiley Toolbar-->"C:\Documents and Settings\All Users\Application Data\{1088AB07-27EA-4156-B080-B1715080124B}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
Desktop Smiley Toolbar-->C:\Documents and Settings\All Users\Application Data\{1088AB07-27EA-4156-B080-B1715080124B}\Setup.exe
DialMessenger v2.13-->C:\Program Files\DialMessenger/uninstall.exe
DivX Author 1.5-->C:\Program Files\DivX\DivX Author 1.5\DivXAuthorUninstall.exe /DIVX_AUTHOR
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Favorit-->"c:\documents and settings\erick\local settings\application data\nqhsah.exe" -uninstall
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
FunProgrammer USB 1.35-->"C:\Program Files\FunProgrammer USB\unins000.exe"
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
GPSU version 4.54-->"C:\Program Files\GPS Utility\unins000.exe"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HiYo-->MsiExec.exe /X{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
IncrediMail Xe-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Infinity USB 1.35-->"C:\Program Files\Infinity USB\unins000.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Kit de Connexion Alice ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel
Language pack for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\Langs\INSTALL.LOG
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Live TV Toolbar-->C:\PROGRA~1\Live_TV\UNWISE.EXE C:\PROGRA~1\Live_TV\INSTALL.LOG
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech ImageStudio-->MsiExec.exe /I{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}
Ma-Config.com-->MsiExec.exe /X{1C02A760-1682-49AE-BB54-FA7D63BD3504}
Macrogaming SweetIM 2.1-->MsiExec.exe /X{502358FB-0718-45BC-B142-7511F1694D58}
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync 3.8-->"C:\WINDOWS\ISUN040C.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{1787603C-E6E3-42D4-8034-55F358486F1D}
Multi Media France Toolbar-->C:\PROGRA~1\MULTI_~1\UNWISE.EXE C:\PROGRA~1\MULTI_~1\INSTALL.LOG
Multimedia Combo Set Driver-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B8C11C23-F46C-48C1-8EA8-CEA82115586A}
Nero 8-->MsiExec.exe /X{88589E19-665C-4575-A4A0-CE9C43C51036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_fre_web(2).exe
Nokia PC Suite-->MsiExec.exe /I{29466F9C-7C6A-419C-B301-F440FAF78760}
Online TV Toolbar-->C:\PROGRA~1\ONLINE~2\UNWISE.EXE C:\PROGRA~1\ONLINE~2\INSTALL.LOG
OpenOffice.org 3.0 Language Pack (French)-->MsiExec.exe /I{2A0DB319-6365-4876-B7D8-994A79AA1329}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Package de pilotes Windows - Nokia Modem (08/03/2007 6.84.0.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
Package de pilotes Windows - Nokia Modem (10/12/2007 3.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
PC Booster-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B}\setup.exe" -l0x40c -removeonly
PC Connectivity Solution-->MsiExec.exe /I{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PhotoDVD 2.3.14-->"C:\Program Files\vso\PhotoDVD\unins000.exe"
Photosmart 130,230,7150,7345,7350,7550 (Supprimer uniquement)-->C:\Program Files\HP Photosmart 11\Printer\hphuni04.exe
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RamBoost XP Version 4.0.3-->"C:\Program Files\RamBoost XP\unins001.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c
Registry Easy v4.7-->"C:\Program Files\Registry Easy\unins000.exe"
Smartmouse USB 1.2-->"C:\Program Files\Smartmouse USB\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
torrent_search Toolbar-->C:\PROGRA~1\TORREN~1\UNWISE.EXE C:\PROGRA~1\TORREN~1\INSTALL.LOG
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Web Hottest Videos Personal Player Ver. 3.0-->C:\PROGRA~1\WEBHOT~1\UNWISE.EXE C:\PROGRA~1\WEBHOT~1\INSTALL.LOG
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Hosts File======

127.0.0.1 mpa.one.microsoft.com
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD

======Security center information======

AV: AVG Anti-Virus (outdated)
AV: Avira AntiVir PersonalEdition (outdated)
AV: avast! antivirus 4.8.1229 [VPS 081018-0]
FW: Outpost Firewall Pro
FW: AVG Firewall (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1288
Windows 5.1.2600 Service Pack 2

20/10/2008 12:49:26
mbam-log-2008-10-20 (12-49-01).txt

Type de recherche: Examen complet (C:\|H:\|)
Eléments examinés: 120857
Temps écoulé: 1 hour(s), 2 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 86

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\Multi_Media_France\tbMul1.dll (Adware.Shopper) -> No action taken.
C:\Program Files\torrent_search\tbtor1.dll (Adware.Shopper) -> No action taken.
0
erick3827 Posts 11 Registration date Wednesday 22 October 2008 Status Member Last activity 22 October 2008
22 Oct 2008 at 02:17
hello,
I can't manage to post the log, why?
0
erick3827 Posts 11 Registration date Wednesday 22 October 2008 Status Member Last activity 22 October 2008
22 Oct 2008 at 02:50
Part 1

Logfile of random's system information tool 1.04 (written by random/random)
Run by erick at 2008-10-21 18:26:40
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 47 GB (65%) free of 71 GB
Total RAM: 511 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:03, on 21/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\mozilla firefox\firefox.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Documents and Settings\erick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\erick\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Documents and Settings\erick\Bureau\Nouveau dossier (2)\RSIT.exe
C:\Program Files\trend micro\erick.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi_Media_France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
R3 - URLSearchHook: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtor0.dll
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: Online_TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RamBoostXp] "C:\Program Files\RamBoost XP\rambxpfr.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\erick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\pirater la ps3 web hottest videos personal player.exe
O4 - Startup: Smartmouse Usb.lnk = C:\Program Files\Smartmouse USB\SMusb.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
erick3827 Posts 11 Registration date Wednesday 22 October 2008 Status Member Last seen 22 October 2008
22 Oct. 2008 at 02:52
Part 2



======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Schedule Task Weekly.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]
"LogitechGalleryRepair"=C:\Program Files\Logitech\ImageStudio\ISStart.exe [2002-12-10 155648]
"LogitechImageStudioTray"=C:\Program Files\Logitech\ImageStudio\LogiTray.exe [2002-12-10 61440]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2008-10-19 335872]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2002-11-22 188416]
"HPHmon04"=C:\WINDOWS\system32\hphmon04.exe [2002-11-22 348160]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe -hide []
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"RamBoostXp"=C:\Program Files\RamBoost XP\rambxpfr.exe [2003-02-19 788992]
"Magentic"=C:\PROGRA~1\Magentic\bin\Magentic.exe [2006-12-11 319532]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2005-01-19 405583]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-10-19 839688]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\erick\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Outil de notification Live Search.lnk - C:\Documents and Settings\erick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
Personal Player.lnk - C:\Program Files\Web Hottest Videos Personal Player\pirater la ps3 web hottest videos personal player.exe
Smartmouse Usb.lnk - C:\Program Files\Smartmouse USB\SMusb.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-08-21 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2008-10-16 87352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:backWeb-8876480"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Documents and Settings\erick\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe"="C:\Documents and Settings\erick\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\Documents and Settings\erick\Mes documents\Downloads\Programs\incredimail_install.exe"="C:\Documents and Settings\erick\Mes documents\Downloads\Programs\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Morpheus\Morpheus.exe"="C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Winsos\winsos.exe"="C:\Program Files\Winsos\winsos.exe:*:Enabled:Winsos"
"C:\Program Files\IncrediMail\bin\ImLc.exe"="C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b65bcf5-0a06-11dc-8f95-00112f4f62cc}]
shell\AutoRun\command - K:\nideiect.com
shell\explore\command - K:\nideiect.com
shell\open\command - K:\nideiect.com


======List of files/folders created in the last 1 months======

2008-10-21 15:13:51 ----D---- C:\Program Files\CCleaner
2008-10-21 14:20:34 ----D---- C:\rsit
2008-10-20 10:38:41 ----D---- C:\WINDOWS\AU_Temp
2008-10-20 07:11:42 ----D---- C:\Program Files\trend micro
2008-10-20 06:49:31 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-10-20 06:49:27 ----D---- C:\Program Files\Grisoft
2008-10-20 06:36:54 ----D---- C:\Program Files\AVG
2008-10-20 01:39:22 ----D---- C:\Documents and Settings\erick\Application Data\Help
2008-10-19 20:28:51 ----D---- C:\WINDOWS\BDOSCAN8
2008-10-19 20:05:22 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2008-10-19 18:04:34 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-10-19 14:34:16 ----D---- C:\Documents and Settings\erick\Application Data\Malwarebytes
2008-10-19 14:34:05 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-19 14:34:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-19 13:46:46 ----A---- C:\WINDOWS\system32\ban_list.txt
2008-10-19 13:44:48 ----D---- C:\Program Files\Spyware Doctor
2008-10-19 13:44:48 ----D---- C:\Documents and Settings\erick\Application Data\PC Tools
2008-10-19 10:13:21 ----D---- C:\Documents and Settings\erick\Application Data\AVGTOOLBAR
2008-10-19 10:11:16 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2008-10-19 10:11:10 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-10-18 18:03:17 ----A---- C:\WINDOWS\ALCMTR.EXE
2008-10-18 18:03:16 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2008-10-18 18:03:09 ----A---- C:\WINDOWS\ALCWZRD.EXE
2008-10-18 18:02:59 ----A---- C:\WINDOWS\RTLCPL.EXE
2008-10-18 18:02:57 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2008-10-18 18:02:37 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-10-18 15:02:22 ----D---- C:\Program Files\Avira
2008-10-18 14:55:12 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-10-18 07:09:25 ----D---- C:\Documents and Settings\erick\Application Data\Pegasys Inc
2008-10-17 16:49:39 ----D---- C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-10-17 16:48:32 ----A---- C:\WINDOWS\system32\LMIport.dll
2008-10-17 16:48:29 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2008-10-17 16:46:43 ----A---- C:\WINDOWS\system32\LMIinit.dll
2008-10-17 16:28:44 ----D---- C:\Program Files\Bosco
2008-10-16 20:35:42 ----A---- C:\WINDOWS\system32\lmimirr2.dll
2008-10-16 20:35:40 ----A---- C:\WINDOWS\system32\lmimirr.dll
2008-10-16 15:37:39 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2008-10-16 15:37:30 ----D---- C:\Program Files\WinZip
2008-10-16 10:14:27 ----D---- C:\Documents and Settings\erick\Application Data\OpenOffice.org
2008-10-16 10:05:08 ----D---- C:\Program Files\JRE
2008-10-16 10:05:01 ----D---- C:\Program Files\OpenOffice.org 3
2008-10-15 07:11:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 07:11:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 07:11:05 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 07:10:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 07:10:19 ----A---- C:\WINDOWS\imsins.BAK
2008-10-15 07:10:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 04:47:31 ----D---- C:\Program Files\Beausoft
2008-10-10 14:50:33 ----D---- C:\WINDOWS\report
2008-10-10 14:49:42 ----D---- C:\WINDOWS\AU_Backup
2008-10-10 14:49:41 ----A---- C:\WINDOWS\vsapi32.dll
2008-10-10 14:49:41 ----A---- C:\WINDOWS\tsc.ini
2008-10-10 14:49:41 ----A---- C:\WINDOWS\TSC.exe
2008-10-10 14:49:41 ----A---- C:\WINDOWS\hcextoutput.dll
2008-10-10 14:49:41 ----A---- C:\WINDOWS\BPMNT.dll
2008-10-10 14:48:49 ----A---- C:\WINDOWS\GetServer.ini
2008-10-10 14:48:48 ----D---- C:\WINDOWS\AU_Log
2008-10-10 14:48:25 ----A---- C:\xscan.txt
2008-10-10 14:48:19 ----A---- C:\WINDOWS\UNZIP.DLL
2008-10-10 14:48:19 ----A---- C:\WINDOWS\TMUPDATE.DLL
2008-10-10 14:48:18 ----A---- C:\WINDOWS\PATCH.EXE
2008-10-10 14:39:29 ----D---- C:\Program Files\Registry Easy
2008-10-10 13:49:22 ----D---- C:\Program Files\UltraVNC
2008-10-09 12:59:43 ----D---- C:\Program Files\BitComet
2008-10-09 12:59:40 ----D---- C:\Program Files\Videora
2008-10-09 12:58:06 ----D---- C:\WINDOWS\system32\URTTEMP
2008-10-05 16:23:40 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-04 21:09:33 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2008-10-04 00:30:59 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-10-03 11:05:29 ----D---- C:\Program Files\iPod
2008-10-03 11:05:16 ----D---- C:\Program Files\iTunes
2008-10-03 11:05:16 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-03 11:02:01 ----D---- C:\Program Files\QuickTime
2008-10-03 10:54:41 ----D---- C:\Program Files\Bonjour
2008-10-03 00:40:42 ----D---- C:\WINDOWS\system32\RTCOM
2008-10-03 00:39:36 ----A---- C:\WINDOWS\RtlUpd.exe
2008-10-03 00:39:30 ----A---- C:\WINDOWS\RTHDCPL.EXE
2008-10-03 00:39:28 ----A---- C:\WINDOWS\MicCal.exe
2008-10-03 00:39:08 ----A---- C:\WINDOWS\HideWin.exe
2008-10-03 00:39:07 ----A---- C:\WINDOWS\RtlExUpd.dll
2008-10-03 00:33:22 ----D---- C:\Program Files\ATI Technologies
2008-10-03 00:26:16 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
2008-10-03 00:24:06 ----D---- C:\Documents and Settings\erick\Application Data\InstallShield
2008-10-03 00:23:40 ----A---- C:\WINDOWS\system32\CSVer.dll
2008-10-03 00:23:39 ----D---- C:\Program Files\Intel
2008-10-03 00:08:24 ----D---- C:\Program Files\ma-config.com
2008-10-03 00:08:24 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-10-01 08:23:27 ----A---- C:\WINDOWS\WININIT.INI
2008-09-23 11:55:36 ----D---- C:\Program Files\NOS
2008-09-23 11:55:36 ----D---- C:\Documents and Settings\All Users\Application Data\NOS

======List of files/folders modified in the last 1 months======

2008-10-21 18:09:24 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-21 18:08:02 ----D---- C:\Program Files\eMule
2008-10-21 18:07:36 ----D---- C:\Program Files\RamBoost XP
2008-10-21 18:07:20 ----D---- C:\WINDOWS\Prefetch
2008-10-21 18:01:17 ----D---- C:\Program Files\Mozilla Firefox
2008-10-21 17:23:01 ----D---- C:\WINDOWS\Temp
2008-10-21 17:22:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-21 17:20:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-21 17:20:04 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-21 15:13:51 ----AD---- C:\Program Files
2008-10-20 21:22:43 ----HD---- C:\WINDOWS\system32\drivers
2008-10-20 19:21:41 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-20 18:37:42 ----A---- C:\WINDOWS\NeroDigital.ini
2008-10-20 10:39:03 ----D---- C:\WINDOWS
2008-10-20 10:31:45 ----D---- C:\WINDOWS\system32
2008-10-20 10:18:08 ----D---- C:\WINDOWS\Debug
2008-10-20 06:53:45 ----SHD---- C:\WINDOWS\Installer
2008-10-20 00:27:24 ----SD---- C:\Documents and Settings\erick\Application Data\Microsoft
2008-10-20 00:22:18 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-10-19 20:29:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-19 20:28:51 ----HD---- C:\WINDOWS\inf
2008-10-19 18:04:42 ----D---- C:\Program Files\Lavasoft
2008-10-19 18:03:31 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-10-19 17:54:34 ----D---- C:\Documents and Settings\erick\Application Data\GetRightToGo
2008-10-19 15:12:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-19 13:45:58 ----D---- C:\WINDOWS\Minidump
2008-10-19 12:27:03 ----D---- C:\Program Files\Fichiers communs
2008-10-18 18:42:09 ----D---- C:\Program Files\LimeWire
2008-10-18 18:04:07 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-18 18:02:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-18 17:54:28 ----A---- C:\WINDOWS\wwwbatch.ini
2008-10-18 15:27:08 ----D---- C:\Documents and Settings\erick\Application Data\ownsmoreeach
2008-10-18 15:21:03 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-18 15:21:01 ----SD---- C:\WINDOWS\Tasks
2008-10-18 06:54:14 ----A---- C:\WINDOWS\win.ini
2008-10-18 06:47:25 ----D---- C:\Program Files\RS P2P Share Spy Demo
2008-10-18 06:37:53 ----D---- C:\Program Files\Windows Live Toolbar
2008-10-16 10:06:39 ----RSD---- C:\WINDOWS\assembly
2008-10-16 10:06:27 ----D---- C:\WINDOWS\WinSxS
2008-10-16 10:05:23 ----RSD---- C:\WINDOWS\Fonts
2008-10-15 07:11:18 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-15 07:10:52 ----D---- C:\Program Files\Internet Explorer
2008-10-15 07:10:40 ----D---- C:\WINDOWS\ie7updates
2008-10-15 04:03:29 ----D---- C:\Documents and Settings\erick\Application Data\Google
2008-10-15 03:57:58 ----D---- C:\Program Files\Google
2008-10-13 18:04:51 ----D---- C:\Program Files\Yahoo!
2008-10-11 09:38:38 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-10-10 22:01:58 ----D---- C:\WINDOWS\Registration
2008-10-07 21:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-05 16:23:32 ----D---- C:\WINDOWS\ehome
2008-10-03 19:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-03 11:02:09 ----D---- C:\Program Files\Fichiers communs\Apple
2008-10-03 01:07:14 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-03 00:40:19 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-03 00:39:23 ----D---- C:\Program Files\Realtek
2008-10-01 08:23:27 ----D---- C:\Program Files\AidePro5
2008-09-24 05:24:40 ----D---- C:\Program Files\IncrediMail
2008-09-23 12:05:13 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-09-23 12:02:43 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-09-23 11:59:20 ----D---- C:\Program Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-08-25 66952]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-10-30 1201632]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-19 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-21 3299840]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-04-26 135168]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-28 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2004-05-05 2155200]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-19 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-07-17 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-07-17 109952]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-19 12416]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 srosa;Megadrv3; \??\C:\WINDOWS\system32\drivers\srosa.sys []
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-10-19 23296]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-10-19 23296]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 Dot4 HPH11;Dot4 HPH11; C:\WINDOWS\system32\DRIVERS\hphid411.sys [2002-11-22 50896]
S3 dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-04 207360]
S3 Dot4Print HPH11;Print Class Driver for IEEE-1284.4 HPH11; C:\WINDOWS\system32\DRIVERS\hphipr11.sys [2002-11-22 16112]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Storage HPH11;Storage Class Driver for IEEE-1284.4 (HPH11); C:\WINDOWS\System32\Drivers\hphs2k11.sys [2002-11-22 50276]
S3 Dot4Usb HPH11;Dot4Usb HPH11; C:\WINDOWS\System32\drivers\hphius11.sys [2002-11-22 18928]
S3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
S3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 HWIONT;HWIONT; \??\C:\DOCUME~1\erick\LOCALS~1\Temp\Rar$EX00.688\HWIONT.sys []
S3 INFUSB;INFUSB; C:\WINDOWS\system32\drivers\infusb.sys [2003-11-03 11520]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
S3 rt2571;Wireless 802.11g USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt2571.sys [2004-05-07 79616]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-12-06 104064]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-19 73600]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-19 611664]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 UxTuneUp;Extension de conception TuneUp; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-08-20 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe []
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-25 138168]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 Pml Driver HPH11;Pml Driver HPH11; C:\WINDOWS\system32\HPHipm11.exe [2002-11-22 77824]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-08-21 573440]
0
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
22 Oct. 2008 at 07:37
Hello,

Open Spybot Search and Destroy.

click on Mode, choose Advanced mode;

in the left-hand column, click the + in front of Tools.

click Resident (left-hand column)

in the right-hand window, uncheck the box in front of "resident tea-timer"

-------------

Download FindyKill to your desktop:

--> Run the installation with the default settings

--> Plug into your PC your external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them


--> Double-click the FindyKill shortcut on your desktop

--> In the main menu, choose option 1 (Search)

--> Post the FindyKill.txt report

Note: the FindyKill.txt report is saved at the root of the disk

----------------------------------

Download Lop S&D here:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Double-click it to start the installation

Then double-click the Lop S&D shortcut on your desktop

Select the desired language, then choose Option 1 ( Search )

Wait until the scan finishes

Post the generated report ( C:lopR.txt )

0
erick3827 Posts 11 Registration date Wednesday 22 October 2008 Status Member Last activity 22 October 2008
22 Oct. 2008 at 08:00
Hello!

Thanks for your reply, but where do I get FindyKill?
0
Lyonnais92 Posts 25159 Registration date Friday 23 June 2006 Status Security contributor Last activity 16 September 2016 1 536
22 Oct. 2008 at 08:28
Hello,


FindyKill here:

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
0
erick38270 Posts 67 Registration date Monday 20 October 2008 Status Member Last activity 10 March 2009
22 Oct. 2008 at 11:24
----------------- FindyKill V4.095 ------------------

* User : erick - ERICK-5CE73308A
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 22/10/08 par Chiquitine29
* Recherche effectuée à 11:20:08 le 22/10/2008
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\erick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Documents and Settings\erick\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
c:\program files\mozilla firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:


»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Present ! - C:\WINDOWS\prefetch\603546.EXE-22F5B1C5.pf
Present ! - C:\WINDOWS\prefetch\WINFILSE.EXE-17C2CF68.pf
Present ! - C:\WINDOWS\Prefetch\PATCH.EXE-1DE617D3.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

Présent ! - C:\WINDOWS\system32\drivers\winfilse.exe

»»»» Presence des fichiers dans C:\Documents and Settings\erick\Application Data


»»»» Presence des fichiers dans C:\DOCUME~1\erick\LOCALS~1\Temp


--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Raccourci vers la page des propriétés de High Definition Audio REG_SZ HDAudPropShortcut.exe
KBD REG_SZ C:\HP\KBD\KBD.EXE
AGRSMMSG REG_SZ AGRSMMSG.exe
LogitechGalleryRepair REG_SZ C:\Program Files\Logitech\ImageStudio\ISStart.exe
LogitechImageStudioTray REG_SZ C:\Program Files\Logitech\ImageStudio\LogiTray.exe
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
OutpostFeedBack REG_SZ C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup
HPDJ Taskbar Utility REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
HPHmon04 REG_SZ C:\WINDOWS\system32\hphmon04.exe
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Adobe Photo Downloader REG_SZ "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
Alcmtr REG_SZ ALCMTR.EXE
Windows Defender REG_SZ "C:\Program Files\Windows Defender\MSASCui.exe" -hide
TomTomHOME.exe REG_SZ "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
RamBoostXp REG_SZ "C:\Program Files\RamBoost XP\rambxpfr.exe"
Magentic REG_SZ C:\PROGRA~1\Magentic\bin\Magentic.exe /c
H/PC Connection Agent REG_SZ "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
IncrediMail REG_SZ C:\Program Files\IncrediMail\bin\IncMail.exe /c

--------------- [ Registre / Clés infectieuses ] ----------------


Présent ! - HKEY_USERS\S-1-5-21-1409082233-1229272821-725345543-1003\Software\Local AppWizard-Generated Applications\nideiect
Présent ! - HKEY_USERS\S-1-5-21-1409082233-1229272821-725345543-1003\Software\Local AppWizard-Generated Applications\patch
Présent ! - HKEY_USERS\S-1-5-21-1409082233-1229272821-725345543-1003\Software\Local AppWizard-Generated Applications\winfilse
Présent ! - HKEY_USERS\S-1-5-21-1409082233-1229272821-725345543-1003\Software\bisoft
Présent ! - HKEY_USERS\S-1-5-21-1409082233-1229272821-725345543-1003\Software\CHKPTR
Présent ! - HKEY_USERS\S-1-5-21-1409082233-1229272821-725345543-1003\Software\FFC
Présent ! - HKEY_USERS\S-1-5-21-1409082233-1229272821-725345543-1003\Software\FR79732423
Présent ! - HKEY_USERS\S-1-5-21-1409082233-1229272821-725345543-1003\Software\MuleAppData
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\nideiect
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\patch
Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Présent ! - HKEY_CURRENT_USER\Software\bisoft

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

-> Affichage des fichiers cachés non fonctionnel !!


+- Services : [ Auto=2 Demande=3 Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

SharedAccess - Type de démarrage = 2

/!\ wuauserv - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe

H: - Lecteur fixe

K: - Lecteur amovible

L: - Lecteur amovible


+- presence des fichiers :

Présent ! - K:\nideiect.com
Présent ! - L:\nideiect.com


--------------- [ Registre / Moutpoint2 ] ----------------


-> Recherche négative.


------------------- ! Fin du rapport ! --------------------
0
erick38270 Posts 67 Registration date Monday 20 October 2008 Status Member Last activity 10 March 2009
22 Oct. 2008 at 11:36
--------------------\\ Lop S&D 4.2.4-6 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : BIOS Date: 04/29/05 17:55:16 Ver: 08.00.10
USER : erick ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081022-0] 4.8.1229 (Activated)
Firewall : AVG Firewall 8.0 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 69 Go Free : 45 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (Local Disk) - NTFS - Total : 79 Go Free : 37 Go
I:\ (CD or DVD)
J:\ (USB)
K:\ (USB) - FAT - Total : 249 Mo Free : 0 Go
L:\ (USB) - FAT32 - Total : 979 Mo Free : 0 Go

"C:\Lop SD" ( MAJ : 20-10-2008|20:35 )
Option : [1] ( 22/10/2008|11:29 )

--------------------\\ Listing des dossiers dans APPLIC~1

[20/10/2008|06:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[21/09/2008|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{1088AB07-27EA-4156-B080-B1715080124B}
[03/10/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[23/09/2008|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/11/2007|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[18/07/2007|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[20/10/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[22/10/2008|05:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[27/08/2007|13:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\barb coal test cdrom
[13/03/2008|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios
[25/01/2007|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/10/2008|06:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/05/2008|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HiYo
[04/03/2008|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[04/03/2008|11:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[08/02/2008|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[19/10/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[17/10/2008|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogMeIn
[03/10/2008|00:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[19/10/2008|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[18/10/2008|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[28/02/2007|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Corporation
[25/07/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[25/04/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[24/09/2008|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[24/01/2007|01:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[09/02/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[21/10/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
[22/10/2008|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[22/10/2008|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[29/02/2008|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[26/01/2007|01:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[24/01/2007|01:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/01/2007|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[16/10/2008|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[20/10/2008|00:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/10/2008|09:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[10/10/2008|22:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[11/02/2008|10:51] C:\DOCUME~1\erick\APPLIC~1\Adobe
[28/02/2008|15:41] C:\DOCUME~1\erick\APPLIC~1\Ahead
[28/04/2008|18:34] C:\DOCUME~1\erick\APPLIC~1\Apple Computer
[19/10/2008|10:13] C:\DOCUME~1\erick\APPLIC~1\AVGTOOLBAR
[18/06/2007|11:36] C:\DOCUME~1\erick\APPLIC~1\BitDownload
[27/02/2007|13:19] C:\DOCUME~1\erick\APPLIC~1\BSplayer
[07/09/2007|00:12] C:\DOCUME~1\erick\APPLIC~1\DialMessenger
[27/02/2007|18:36] C:\DOCUME~1\erick\APPLIC~1\DivX
[24/01/2008|09:24] C:\DOCUME~1\erick\APPLIC~1\DMCache
[19/10/2008|17:54] C:\DOCUME~1\erick\APPLIC~1\GetRightToGo
[15/10/2008|04:03] C:\DOCUME~1\erick\APPLIC~1\Google
[18/06/2007|21:20] C:\DOCUME~1\erick\APPLIC~1\GPS Utility
[20/10/2008|01:39] C:\DOCUME~1\erick\APPLIC~1\Help
[24/01/2007|00:54] C:\DOCUME~1\erick\APPLIC~1\Identities
[21/09/2008|16:59] C:\DOCUME~1\erick\APPLIC~1\IDM
[03/10/2008|00:24] C:\DOCUME~1\erick\APPLIC~1\InstallShield
[22/10/2008|03:05] C:\DOCUME~1\erick\APPLIC~1\Lavasoft
[11/09/2008|05:16] C:\DOCUME~1\erick\APPLIC~1\Leadertech
[24/01/2007|01:42] C:\DOCUME~1\erick\APPLIC~1\Macromedia
[19/10/2008|14:34] C:\DOCUME~1\erick\APPLIC~1\Malwarebytes
[22/10/2008|09:48] C:\DOCUME~1\erick\APPLIC~1\Microsoft
[26/08/2008|19:20] C:\DOCUME~1\erick\APPLIC~1\Mozilla
[25/04/2008|14:52] C:\DOCUME~1\erick\APPLIC~1\Nero
[09/02/2008|12:17] C:\DOCUME~1\erick\APPLIC~1\Nokia
[09/02/2008|11:54] C:\DOCUME~1\erick\APPLIC~1\Nokia Multimedia Player
[16/10/2008|10:14] C:\DOCUME~1\erick\APPLIC~1\OpenOffice.org
[18/10/2008|15:27] C:\DOCUME~1\erick\APPLIC~1\ownsmoreeach
[09/02/2008|11:45] C:\DOCUME~1\erick\APPLIC~1\PC Suite
[19/10/2008|13:44] C:\DOCUME~1\erick\APPLIC~1\PC Tools
[18/10/2008|07:09] C:\DOCUME~1\erick\APPLIC~1\Pegasys Inc
[02/06/2007|12:03] C:\DOCUME~1\erick\APPLIC~1\Screenshot Sender
[17/04/2007|15:06] C:\DOCUME~1\erick\APPLIC~1\SecondLife
[01/02/2007|22:31] C:\DOCUME~1\erick\APPLIC~1\Sun
[24/10/2007|13:14] C:\DOCUME~1\erick\APPLIC~1\TomTom
[26/01/2007|01:20] C:\DOCUME~1\erick\APPLIC~1\TuneUp Software
[17/07/2007|14:47] C:\DOCUME~1\erick\APPLIC~1\Vso

[21/10/2008|22:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[20/10/2008|06:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[21/10/2008|22:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

[20/10/2008|06:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[17/10/2008 12:41][--a------] C:\WINDOWS\tasks\Schedule Task Weekly.job
[10/10/2008 07:04][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[21/10/2008 17:19][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[22/10/2008 10:57][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[23/09/2008|11:59] C:\Program Files\Adobe
[28/02/2007|15:23] C:\Program Files\Agnitum
[01/10/2008|08:23] C:\Program Files\AidePro5
[29/12/2007|17:34] C:\Program Files\Alice
[22/09/2007|21:51] C:\Program Files\Alice SSID
[24/01/2007|00:58] C:\Program Files\Alwil Software
[05/08/2008|14:52] C:\Program Files\Apple Software Update
[13/11/2007|22:32] C:\Program Files\AquaBuild Beta
[30/09/2007|05:19] C:\Program Files\Aripacalc
[03/10/2008|00:33] C:\Program Files\ATI Technologies
[27/07/2007|05:38] C:\Program Files\AvantGo Connect
[20/10/2008|06:36] C:\Program Files\AVG
[15/10/2008|04:47] C:\Program Files\Beausoft
[18/10/2008|07:03] C:\Program Files\BitComet
[03/10/2008|10:54] C:\Program Files\Bonjour
[17/10/2008|20:03] C:\Program Files\Bosco
[27/02/2007|12:46] C:\Program Files\BSplayer_WhenUSave_Installer
[04/06/2008|13:39] C:\Program Files\CA Yahoo! Anti-Spy
[21/10/2008|15:14] C:\Program Files\CCleaner
[04/06/2008|13:37] C:\Program Files\Common Files
[24/01/2007|00:43] C:\Program Files\ComPlus Applications
[07/09/2007|00:12] C:\Program Files\DialMessenger
[08/02/2008|19:53] C:\Program Files\DIFX
[13/03/2008|18:36] C:\Program Files\DivX
[15/04/2008|18:01] C:\Program Files\DoubleD
[13/03/2008|18:32] C:\Program Files\DVD X Player 4.0 Professionnel
[13/03/2008|18:33] C:\Program Files\DVD X Studios
[22/10/2008|06:08] C:\Program Files\eMule
[21/10/2008|22:20] C:\Program Files\Fichiers communs
[22/10/2008|11:20] C:\Program Files\FindyKill
[29/02/2008|08:36] C:\Program Files\Foxit Software
[22/06/2007|18:14] C:\Program Files\FunProgrammer USB
[15/10/2008|03:57] C:\Program Files\Google
[18/06/2007|21:20] C:\Program Files\GPS Utility
[20/10/2008|06:49] C:\Program Files\Grisoft
[07/06/2007|17:47] C:\Program Files\HP Photosmart 11
[24/09/2008|05:24] C:\Program Files\IncrediMail
[22/06/2007|18:02] C:\Program Files\Infinity USB
[29/08/2007|20:20] C:\Program Files\inKline Global
[03/10/2008|01:07] C:\Program Files\InstallShield Installation Information
[03/10/2008|00:23] C:\Program Files\Intel
[29/01/2007|14:38] C:\Program Files\Internet Download Manager
[15/10/2008|07:10] C:\Program Files\Internet Explorer
[03/10/2008|11:05] C:\Program Files\iPod
[03/10/2008|11:05] C:\Program Files\iTunes
[01/08/2008|17:22] C:\Program Files\Java
[16/10/2008|10:05] C:\Program Files\JRE
[22/10/2008|03:05] C:\Program Files\Lavasoft
[18/10/2008|18:42] C:\Program Files\LimeWire
[26/01/2007|16:33] C:\Program Files\Logitech
[03/10/2008|00:14] C:\Program Files\ma-config.com
[24/11/2007|16:26] C:\Program Files\Macrogaming
[21/09/2008|17:02] C:\Program Files\Magentic
[22/10/2008|06:11] C:\Program Files\Malwarebytes' Anti-Malware
[13/08/2008|22:07] C:\Program Files\Messenger
[27/07/2007|05:38] C:\Program Files\Microsoft ActiveSync
[24/01/2007|00:47] C:\Program Files\microsoft frontpage
[02/10/2007|13:13] C:\Program Files\Microsoft Office
[13/11/2007|12:55] C:\Program Files\Microsoft SQL Server Compact Edition
[27/05/2008|22:23] C:\Program Files\Morpheus
[18/02/2008|17:42] C:\Program Files\Movie Maker
[22/10/2008|11:06] C:\Program Files\Mozilla Firefox
[24/01/2007|00:42] C:\Program Files\MSN
[24/01/2007|00:43] C:\Program Files\MSN Gaming Zone
[26/04/2008|22:00] C:\Program Files\MSXML 4.0
[02/10/2007|18:03] C:\Program Files\MSXML 6.0
[22/09/2007|12:45] C:\Program Files\Multi_Media_France
[22/01/2008|11:16] C:\Program Files\Multimedia Combo Set Driver
[23/02/2007|22:46] C:\Program Files\MyXOFT
[29/02/2008|10:13] C:\Program Files\NAVIGON
[25/04/2008|14:47] C:\Program Files\Nero
[24/01/2007|00:44] C:\Program Files\NetMeeting
[08/02/2008|19:52] C:\Program Files\Nokia
[24/09/2008|14:22] C:\Program Files\NOS
[24/01/2007|00:43] C:\Program Files\Online Services
[25/03/2008|00:46] C:\Program Files\Online_TV
[16/10/2008|10:05] C:\Program Files\OpenOffice.org 3
[02/10/2007|18:03] C:\Program Files\Outlook Express
[27/06/2008|21:16] C:\Program Files\ownsmoreeach
[08/02/2008|19:52] C:\Program Files\PC Connectivity Solution
[12/09/2007|17:38] C:\Program Files\PC Inspector File Recovery
[03/10/2008|11:02] C:\Program Files\QuickTime
[22/10/2008|10:58] C:\Program Files\RamBoost XP
[03/10/2008|00:39] C:\Program Files\Realtek
[17/10/2008|12:40] C:\Program Files\Registry Easy
[09/03/2008|21:59] C:\Program Files\RM-X Player V5.2
[24/02/2007|12:21] C:\Program Files\RM-X Store
[18/10/2008|06:47] C:\Program Files\RS P2P Share Spy Demo
[24/01/2007|00:45] C:\Program Files\Services en ligne
[22/06/2007|18:14] C:\Program Files\Smartmouse USB
[22/10/2008|03:01] C:\Program Files\Spybot - Search & Destroy
[22/10/2008|02:55] C:\Program Files\Spyware Doctor
[29/12/2007|17:34] C:\Program Files\TechCity Solutions
[24/10/2007|13:12] C:\Program Files\TomTom DesktopSuite
[21/10/2008|22:22] C:\Program Files\TomTom HOME 2
[16/11/2007|19:13] C:\Program Files\torrent_search
[21/10/2008|18:26] C:\Program Files\trend micro
[24/01/2008|09:17] C:\Program Files\TuneUp Utilities 2007
[17/10/2008|20:05] C:\Program Files\UltraVNC
[24/01/2007|00:53] C:\Program Files\Uninstall Information
[28/07/2007|19:43] C:\Program Files\VideoLAN
[16/10/2008|08:20] C:\Program Files\Videora
[19/01/2008|13:37] C:\Program Files\VirtualDJ
[17/07/2007|14:43] C:\Program Files\vso
[25/03/2008|00:44] C:\Program Files\Web Hottest Videos Personal Player
[27/02/2007|13:19] C:\Program Files\Webteh
[13/11/2007|12:55] C:\Program Files\Windows Live
[18/10/2008|06:37] C:\Program Files\Windows Live Toolbar
[25/01/2007|00:14] C:\Program Files\Windows Media Components
[25/01/2007|23:40] C:\Program Files\Windows Media Connect 2
[03/08/2007|12:02] C:\Program Files\Windows Media Player
[24/01/2007|00:43] C:\Program Files\Windows NT
[24/01/2007|00:45] C:\Program Files\WindowsUpdate
[01/02/2007|18:08] C:\Program Files\WinRAR
[16/10/2008|15:37] C:\Program Files\WinZip
[24/01/2007|00:47] C:\Program Files\xerox
[29/03/2008|19:52] C:\Program Files\XP Codec Pack
[13/10/2008|18:04] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[23/09/2008|12:02] C:\Program Files\Fichiers communs\Adobe
[28/02/2007|15:23] C:\Program Files\Fichiers communs\Agnitum Shared
[21/04/2008|19:48] C:\Program Files\Fichiers communs\Ahead
[03/10/2008|11:02] C:\Program Files\Fichiers communs\Apple
[22/01/2008|11:15] C:\Program Files\Fichiers communs\InstallShield
[28/01/2007|00:17] C:\Program Files\Fichiers communs\Java
[25/01/2007|00:24] C:\Program Files\Fichiers communs\Logitech
[21/04/2008|19:33] C:\Program Files\Fichiers communs\Microsoft Shared
[24/01/2007|00:44] C:\Program Files\Fichiers communs\MSSoap
[25/04/2008|14:49] C:\Program Files\Fichiers communs\Nero
[08/02/2008|19:53] C:\Program Files\Fichiers communs\Nokia
[24/01/2007|01:36] C:\Program Files\Fichiers communs\ODBC
[21/10/2008|22:29] C:\Program Files\Fichiers communs\PC Tools
[08/02/2008|19:52] C:\Program Files\Fichiers communs\PCSuite
[04/06/2008|13:37] C:\Program Files\Fichiers communs\Scanner
[24/01/2007|00:44] C:\Program Files\Fichiers communs\Services
[24/01/2007|01:36] C:\Program Files\Fichiers communs\SpeechEngines
[02/10/2007|18:03] C:\Program Files\Fichiers communs\System
[13/11/2007|12:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[22/10/2008|03:05] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 55 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\erick\APPLIC~1\Bitdownload
C:\DOCUME~1\erick\APPLIC~1\BitDownload
C:\DOCUME~1\erick\APPLIC~1\BitDownload\Data
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\Program Files\Multi_Media_France\tbMul0.dll
C:\Program Files\Multi_Media_France\tbMult.dll
C:\Program Files\Multi_Media_France\toolbar.cfg
C:\Program Files\Multi_Media_France\UNWISE.EXE
C:\Program Files\Multi_Media_France\UNWISE.INI
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\Program Files\Multi_Media_France\tbMul0.dll
C:\Program Files\Multi_Media_France\tbMult.dll
C:\Program Files\Multi_Media_France\toolbar.cfg
C:\Program Files\Multi_Media_France\UNWISE.EXE
C:\Program Files\Multi_Media_France\UNWISE.INI

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

-> 9310 [ 70 ## added by CiD ]

/!\ 2 Not 127.0.0.1 !!

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-22 11:31:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 5

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Conditions générales.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Confidentialité.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Désinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Website.url
==> EGDACCESS <==

--------------------\\ ROOTKIT !!

Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais
C:\DOCUME~1\erick\Bureau\cle\Avast.Antivirus.Pro.v4.7.892.FR.Incl-Keygen.rar
C:\DOCUME~1\erick\Bureau\cle\Configurer Zone Alarm Pro Fr Français French Manuel Manual Alarme Keygen Clee Clef Serial Serie Patch.txt
C:\DOCUME~1\erick\Bureau\cle\Crackfilerecovery.exe
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\Winrar 3.20 Fr - Installation.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\wrar320fr.exe
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Default.SFX
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Descript.ion
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Dos.SFX
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\File_Id.diz
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\License.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Order.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Rar.exe
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\rar.lng
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Rar.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\RarExt.dll
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\rarext.lng
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\RarFiles.lst
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Rar_Site.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\ReadMe.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Register.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\TechNote.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Uninstall.exe
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\uninstall.lng
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Uninstall.lst
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\UnRAR.exe
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\WhatsNew.txt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\WinCon.SFX
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\WinRAR.cnt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\WinRAR.exe
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\WinRAR.hlp
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\winrar.lng
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Zip.SFX
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\ace.fmt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\arj.fmt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\bz2.fmt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\cab.fmt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\gz.fmt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\iso.fmt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\lzh.fmt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\tar.fmt
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\UNACEV2.DLL
C:\DOCUME~1\erick\Bureau\cle\2_WinRAR - 3.20 + Crack - Francais\PROGRAM FILES\WinRAR\Formats\uue.fmt
C:\DOCUME~1\erick\Bureau\cle\serial XP\2_[Serial] 'MS(Windows 95-98-ME-2000-XP-Plus-Office)' Product Keys Cd Key License Crack.txt
C:\DOCUME~1\erick\Bureau\cle\serial XP\Microsoft Windows 95 98 Me 2000 2K Xp Plus Office Product Keys Cd Key License Crack(1)Windows Xp Pro Gold 5.5 Fr- Sp1 Pre Sp2.5.5(Serial-V).txt
C:\DOCUME~1\erick\Bureau\cle\serial XP\Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familial(1).zip
C:\DOCUME~1\erick\Bureau\cle\serial XP\Xp - Serials Et Cle Activation Crack Windows Xp Fr Pro Et Familial.zip
C:\DOCUME~1\erick\Local Settings\Application Data\Microsoft\Messenger\erick3815@hotmail.com\Sharing Folders\mahoni50@hotmail.fr\Windows Vista Activation-Crack April2007
C:\DOCUME~1\erick\Local Settings\Application Data\Microsoft\Messenger\erick3815@hotmail.com\Sharing Folders\mahoni50@hotmail.fr\Windows Vista Activation-Crack April2007\A lire avant !!!.txt
C:\DOCUME~1\erick\Local Settings\Application Data\Microsoft\Messenger\erick3815@hotmail.com\Sharing Folders\mahoni50@hotmail.fr\Windows Vista Activation-Crack April2007\HOWTOC~1.EXE
C:\DOCUME~1\erick\Local Settings\Application Data\Microsoft\Messenger\erick3815@hotmail.com\Sharing Folders\mahoni50@hotmail.fr\Windows Vista Activation-Crack April2007\HOWTOT~1.EXE
C:\DOCUME~1\erick\Local Settings\Application Data\Microsoft\Messenger\erick3815@hotmail.com\Sharing Folders\mahoni50@hotmail.fr\Windows Vista Activation-Crack April2007\install.cmd
C:\DOCUME~1\erick\Local Settings\Application Data\Microsoft\Messenger\erick3815@hotmail.com\Sharing Folders\mahoni50@hotmail.fr\Windows Vista Activation-Crack April2007\TimerStop.sys
C:\DOCUME~1\erick\Local Settings\Application Data\Microsoft\Messenger\erick3815@hotmail.com\Sharing Folders\mahoni50@hotmail.fr\Windows Vista Activation-Crack April2007\TimerStop64.sys


[F:93][D:13]-> C:\DOCUME~1\erick\LOCALS~1\Temp
[F:12][D:0]-> C:\DOCUME~1\erick\Cookies
[F:293][D:4]-> C:\DOCUME~1\erick\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 22/10/2008|11:33 - Option : [1]

--------------------\\ Fin du rapport a 11:33:45
0
Lyonnais92 Posts 25159 Registered Friday 23 June 2006 Status Security Contributor Last active 16 September 2016 1 536
22 Oct 2008 at 12:36
Re,

your cracks
0
erick38270 Posts 67 Registered Monday 20 October 2008 Status Member Last active 10 March 2009
22 Oct 2008 at 12:49
Do I have to uninstall all my programs?
0
Lyonnais92 Posts 25159 Registered Friday 23 June 2006 Status Security Contributor Last active 16 September 2016 1 536
22 Oct 2008 at 13:19
Re,

Yes for the antivirus (take the free version), the firewall (there is a free equivalent), and the zip tool (WinRAR).

We'll talk about the rest later.
0
erick38270 Posts 67 Registered Monday 20 October 2008 Status Member Last active 10 March 2009
22 Oct 2008 at 13:55
There, I've removed WinRAR and the firewall, and I've installed ZoneAlarm, but as for Avast, I have the free version.
0
erick38270 Posts 67 Registered Monday 20 October 2008 Status Member Last active 10 March 2009
22 Oct 2008 at 16:32
Re,

What should I do now?
0
Lyonnais92 Posts 25159 Registered Friday 23 June 2006 Status Security Contributor Last active 16 September 2016 1 536
22 Oct 2008 at 17:21
Re,

Run FindyKill again:

(check that any removable media that may have been infected are plugged in)

-> this time choose option 2.

/!\ During the procedure, the computer will restart! Let the tool work until the message "nettoyage terminé" ("cleaning finished") appears.

Note: when the warning message appears, click "Ok".

--> then post the new FindyKill.txt report that is generated and wait for the next steps ...

(Note: the report is saved at the root of the disk -> C:\FindyKill.txt)

PS: If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab -> "New Task": type explorer.exe and confirm.

-----------------

Run Lop S&D again

This time choose Option 2 ("Suppression", i.e. removal)

Do not close the window during the removal!

Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, New Task, type explorer.exe and confirm)

-------------------

Post a new RSIT report.
0