Virus Bagle au secours !!!

Résolu/Fermé

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009 - 15 janv. 2009 à 22:03
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 26 janv. 2009 à 19:48

Bonjour,

Je suis infecte par bagle, impossible de lanver mes antivirus et ma connexion internet coupe environs apres 5mn de connexion (je post depuis un portable en wifi).
Je ne peux pas faire de scan en ligne.
Je n'arrive a demarer en mode sans echec seulement en faisant la commande executer/msconfig/ et en conchant boot ini.
J'ai fai plusieur pasage de elibagla (j'envoi le rapport) et combofix en le renomant combo (j'envoi aussi le rapport) mais rien n'y fait.
Un scan avec bitdefender m'a je pense localise le virus :

BitDefender Log File !!!!!
Product : BitDefender Total Security 2008
Version : BitDefender UIScanner v.11
Log date : 09:54:32 14/01/2009
Log path : C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1231923272_1_02.xml

Scan Paths:Path0000: C:\
Path0001: I:\
Path0002: Y:\
Path0003: Z:\

Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes

Target selection options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :

Target ProcessingDefault action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None

Scan engines summaryNumber of virus signatures : 0
Archive plugins : 0
Email plugins : 0
Scan plugins : 0
Archive plugins : 0
System plugins : 0
Unpack plugins : 0

Overall scan summaryScanned items : 0
Infected items : 0
Suspicious items : 0
Resolved items : 57
Individual viruses found : 0
Scanned directories : 0
Scanned boot sectors : 0
Scanned archives : 0
Input-output errors : 0
Scan time : 00:03:19:45
Files per second : 0

Scanned processes summaryScanned : 0
Infected : 0

Scanned registry keys summaryScanned : 0
Infected : 0

Scanned cookies summaryScanned : 0
Infected : 0

Remaining issues:Object Name Threat Name Final Status
C:\Documents and Settings\El Azhar\Local Settings\Application Data\Identities\{58A20F8C-59E2-424A-8A70-5D7878D0BA46}\Microsoft\Outlook Express\Boîte de réception.dbx=](message 180): TOURNICOTI TOUNICOTA =][Subject: Fw: TOURNICOTI TOUNICOTA ][Date: Tue, 23 Sep 2003 17:11:46 +0200]=](MIME part)=]metro.exe Application.Joke.Slidescreen.A No action was possible
C:\WINDOWS\report\20040419.log Generic.Qhost.452A825F No action was possible
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0397930.sys Rootkit.Bagle.Gen No action was possible
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0398961.sys Rootkit.Bagle.Gen No action was possible
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399047.sys Rootkit.Bagle.Gen No action was possible
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399077.sys Rootkit.Bagle.Gen No action was possible
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399107.sys Rootkit.Bagle.Gen No action was possible
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399131.sys Rootkit.Bagle.Gen No action was possible
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399472.sys Rootkit.Bagle.Gen No action was possible
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400311.sys Rootkit.Bagle.Gen No action was possible

Resolved issues:Object Name Threat Name Final Status
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2182\A0401888.exe Backdoor.Generic.134197 Deleted
C:\Muestras\WINUPGRO.EXE.Muestra EliBagle v12.10 MemScan:Trojan.Downloader.Bagle.LI Deleted
C:\Muestras\143421.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\145125.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\14767484.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\148234.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\14877296.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\150265.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\169843.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\228812.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\230203.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\235015.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\242828.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\253828.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\29389703.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\29465828.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\320359.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\332796.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\350968.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\391265.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\394390.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\43940828.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\44016515.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\491109.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\58483562.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\73049875.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\73274703.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\87785093.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\Muestras\87951140.EXE.Muestra EliBagle v12.10 MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399815.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399816.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399825.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399839.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399846.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399853.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399866.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399940.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399944.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399949.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399951.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399957.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0399988.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400008.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400025.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400037.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400045.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400061.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400062.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400070.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400087.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400105.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400116.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400145.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400156.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400180.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\System Volume Information\_restore{24537CC8-33A2-48C8-B213-A2E8249FF9B4}\RP2177\A0400197.exe MemScan:Trojan.PWS.LdPinch.TSE Deleted
C:\WINDOWS\system32\drivers\etc\tuneup2006keygen.exe Trojan.Packed.27015 Deleted

Objects that were not scanned:Object Name Reason Final Status
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\CometCursors.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\CometCursors.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchCameUp.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchCameUp.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchToolband.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchToolband.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb1.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb1.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb14.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb2.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb6.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb6.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb7.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb7.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb8.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb8.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb9.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWeb9.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts14.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts16.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts16.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts17.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts17.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts18.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts18.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts19.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts19.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts2.zip=]m3ffxtbr.manifest Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts20.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts20.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts21.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts21.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts22.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts22.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts23.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts23.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts24.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts24.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts25.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts25.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts26.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts26.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts27.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts27.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts28.zip=]ScreenSaver/Images/011C5713.urr Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts28.zip=]Shared/Cache/CursorManiaBtn.html Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts28.zip=]Shared/Cache/SmileyCentralBtn.html Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts28.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts29.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts29.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts3.zip=]m3ffxtbr.jar Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts30.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts30.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts31.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts31.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts32.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts32.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts33.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts33.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts34.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts34.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts35.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts35.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts36.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts36.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts37.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts37.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts38.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts38.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts39.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts39.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts40.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts40.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts41.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts41.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts42.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts42.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts43.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts43.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts44.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts44.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts45.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts45.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts46.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts46.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts47.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts47.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts48.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts48.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts49.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts49.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts5.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts5.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts50.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts50.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts51.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts51.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts52.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts52.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts53.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts53.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts54.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts54.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts55.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts55.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts56.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts56.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts57.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts57.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts58.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts58.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts6.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts6.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts7.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts7.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts8.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts8.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts9.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts9.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MagicAntiSpy.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MagicAntiSpy.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip=]MWSOESTB.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch13.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch13.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch16.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch16.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch17.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch17.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch18.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch18.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch19.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch19.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch20.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch20.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3BKGERR.JPG Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3BROVLY.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3CJPEG.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3DTACTL.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3HISTSW.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3HTMLMU.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3HTTPCT.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3IMSTUB.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3POPSWT.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3PSSAVR.SCR Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3REPROX.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3RESTUB.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3SCHMON.EXE Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3SCRCTR.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3SHLLVW.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3SPACER.WMV Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3WALLPP.DAT Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/F3WPHOOK.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3FFXTBR.JAR Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3FFXTBR.MANIFEST Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3HTML.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3IDLE.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3IMPIPE.EXE Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3MSG.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3NTSTBR.JAR Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3NTSTBR.MANIFEST Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3OUTLCN.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3PLUGIN.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3SKIN.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3SKPLAY.EXE Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/M3SLSRCH.EXE Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/MWSOEMON.EXE Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/MWSOEPLG.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/1.bin/NPMYWEBS.DLL Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Avatar/COMMON.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Cache/011C3EE8 Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Cache/011C434D Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Cache/011C486D.bin Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Cache/011C4A52.bin Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Cache/011C4BD8.bin Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Cache/011C4DFB.bin Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Cache/files.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Game/CHECKERS.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Game/CHESS.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Game/REVERSI.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/History/search2 Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/icons/CM.ICO Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/icons/MFC.ICO Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/icons/PSS.ICO Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/icons/SMILEY.ICO Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/icons/WB.ICO Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/icons/ZWINKY.ICO Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Message/COMMON.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/COMMON.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/DOG.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/FISH.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/KUNGFU.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/LIFEGARD.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/MAID.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/MAILBOX.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/OPERA.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/ROBOT.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/SEDUCT.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Notifier/SURFER.F3S Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Settings/prevcfg2.htm Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Settings/setting2.htm Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Settings/settings.dat Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]bar/Settings/s_pid.dat Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch22.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch22.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch23.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch23.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch24.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch24.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch25.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch25.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch26.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch26.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch27.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch27.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch28.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch28.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch29.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch29.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch30.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch30.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch31.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch31.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch32.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch32.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch33.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch33.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch34.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch34.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch35.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch35.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch36.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch36.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch37.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch37.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch38.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch38.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch39.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch39.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch40.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch40.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch41.zip=]sbRecovery.reg Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch41.zip=]sbRecovery.ini Password-Protected No action was possible
C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch42.zip=]sbRec

A voir également:

Virus Bagle au secours !!!
Svchost.exe virus - Guide
Faux message virus iphone - Forum iPhone
Operagxsetup virus ✓ - Forum Virus
Vérificateur de lien virus - Guide
Produkey virus ✓ - Forum Windows 10

77 réponses

Réponse 1 / 77

Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
25 janv. 2009 à 00:36

Salut,

Quels sont tes problèmes ?

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
25 janv. 2009 à 13:32

Merci pour la reponse.
Il y à l'historique de poster. J'ai ete aider mais la procedure n'as pas été fini. Et depuis je suis toujours contaminer je pense pas Bagle. Il m'empeche de lancer mes antivirus et me coupe ma connexion internet au bout de 5 minutes environs. Il y a plus haut tout les rapports de postés. Ca à été realiser avec plusieur programme comme tu peux le voir.
J'ai recu mon CD d'install. Club-internet, je suis en train d'essayer la ré-installation de mon pilote modem.
Merci pour ton aide c'est sympa.

Réponse 2 / 77

Utilisateur anonyme
15 janv. 2009 à 22:08

Salut ,

Telecharge FindyKill sur ton bureau :

--> Lance l installation avec les parametres par default

--> Double clic sur le raccourci FindyKill sur ton bureau

--> Au menu principal,choisi l option 1 (Recherche)

--> Post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque

Tuto : malekal
Tuto : 01net

Réponse 3 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 22:17

Merci

Durant le scan j'ai eu un message d'erreur : "exception processing message c0000013 parameters 75afbf7c 4 7Safb7c..." le reste n'apparaissant pas dans la fenetre d'erreur (bug d'affichage du sans echec?)
en faisant recommencer, impossible de continuer.
J'ai cliquer plusieur fois sur continuer jusqu'a ce que lanalyse se relance et finnise pour me remettre le rapport suivant :

----------------- FindyKill V4.712 ------------------

* User : Propriétaire - LAZHAR-JW26RP4V
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 14/01/09 par Chiquitine29
* Recherche effectuée à 22:12:14 le 15/01/2009
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

Found ! [14/01/2009 04:05] - "C:\Muestras"
Found ! [15/01/2009 21:58] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-041A0D93.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

»»»» Presence des fichiers dans C:\Documents and Settings\Propriétaire\Application Data

»»»» Presence des fichiers dans C:\DOCUME~1\PROPRI~2\LOCALS~1\Temp

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
LXCRCATS=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
MSConfig=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\Bit.Defender.Antivirus.Plus.v10.Fr.Incl-Serials]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\looksingle]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\MMDiag]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\patch]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\telbook]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\WCESCOMM]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-606747145-1972579041-839522115-1003\Software\Local AppWizard-Generated Applications\Bit.Defender.Antivirus.Plus.v10.Fr.Incl-Serials
Found ! - HKEY_USERS\S-1-5-21-606747145-1972579041-839522115-1003\Software\Local AppWizard-Generated Applications\patch
Found ! - HKEY_USERS\S-1-5-21-606747145-1972579041-839522115-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\Bit.Defender.Antivirus.Plus.v10.Fr.Incl-Serials
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\patch
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

wscsvc - Type de démarrage = 2

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

I: - Lecteur fixe

N: - Lecteur amovible

Y: - Lecteur fixe

Z: - Lecteur fixe

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e021f40-74ba-11da-8ace-000c76358aaf}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a23bf7b6-38e8-11db-8c44-222222222222}\Shell\AutoRun\command

------------------- ! Fin du rapport ! --------------------

Merci de votre aide !

Réponse 4 / 77

Utilisateur anonyme
15 janv. 2009 à 22:20

ok

tout ça pour avoir : Bit.Defender.Antivirus.Plus....

berff ,

--> Double clic sur le raccourci FindyKill sur ton bureau

--> Au menu principal,choisi l option 2 (Suppression)

/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "Cleaning complete"

/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !

-------> ensuite post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
/!\ A lire dans tons cas 1 : http://www.libellules.ch/...
/!\ A lire dans tons cas 2 : http://forum.malekal.com/ftopic893.php
/!\ A visionner : http://secuboxlabs.fr/archives/computertoday.html

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 22:25

Re,
J'ai lancer entre temps Malwarebyte's anti-malware. Il me signale 1 element infectes pour le moment.

C'est un bon anti malware ?

Apres je reprendrai ce que tu ma demander.

Merci

Réponse 6 / 77

Utilisateur anonyme
15 janv. 2009 à 22:27

arff

ferme malewarebyte

et passe a l option deux de findykill stp

Réponse 7 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 22:29

Ok fait, ca redemarre ...

Réponse 8 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 22:33

le PC à donc redemmarer, j'ai entrer mon mots de passe.
Mon bureau s'affiche normalement en mode sans echec, il semble que rien ne se passe...
Pas de message, rien.
:s

Réponse 9 / 77

Utilisateur anonyme
15 janv. 2009 à 22:35

en mode sans echec

je n ais pas dis en mode sans echec

recommence la manip

et laisse le pc redémmarer normalement stp

Réponse 10 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 22:54

salut

Voici le rapport apres redemarage du pc en mode normal.
J'ai eu quelques message d'erreur que je n'ai pas pu relever.(acces denied avec un numero de clef)

----------------- FindyKill V4.712 ------------------

* User : Propri‚taire - LAZHAR-JW26RP4V
* executed from : C:\Program Files\FindyKill
* Update on 14/01/09 par Chiquitine29
* Start at 22:39:22 the 15/01/2009
* Windows XP - Internet Explorer 7.0.5730.11

((((((((((((((( *** deleting *** ))))))))))))))))))

--------------- [ Active Processes ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

--------------- [ Infected files / folders ] ----------------

»»»» Supression files in C:

Deleted ! - "C:\Muestras"
Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\WINDOWS

»»»» Supression files in C:\WINDOWS\Prefetch

Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-041A0D93.pf

»»»» Supression files in C:\WINDOWS\system32

»»»» Supression files in C:\WINDOWS\system32\drivers

»»»» Supression files in C:\Documents and Settings\Propri‚taire\Application Data

»»»» Supression files in C:\DOCUME~1\PROPRI~2\LOCALS~1\Temp

»»»» Supression files in C:\Documents and Settings\Propri‚taire\Local Settings\Temporary Internet Files\Content.IE5

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-606747145-1972579041-839522115-1003\Software\Local AppWizard-Generated Applications\Bit.Defender.Antivirus.Plus.v10.Fr.Incl-Serials
Deleted ! - HKEY_USERS\S-1-5-21-606747145-1972579041-839522115-1003\Software\Local AppWizard-Generated Applications\patch
Deleted ! - HKEY_USERS\S-1-5-21-606747145-1972579041-839522115-1003\Software\Local AppWizard-Generated Applications\winupgro

--------------- [ States / Restarting of services ] ----------------

+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe

I: - Lecteur fixe

Y: - Lecteur fixe

Z: - Lecteur fixe

+- deleting files :

--------------- [ Registry / Mountpoint2 ] ----------------

Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e021f40-74ba-11da-8ace-000c76358aaf}\Shell\AutoRun\command
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a23bf7b6-38e8-11db-8c44-222222222222}\Shell\AutoRun\command

--------------- [ Searching Other Infections ] ----------------

Suspect ! - 94303305483458bc17e153c25c1cea7b C:\Program Files\AVSMedia\VideoTools\CaptureWizard\CaptureWizard.exe
Suspect ! - 3b258060e34264fbd09b7ed989ed1b30 C:\Program Files\AVSMedia\VideoTools\VideoConverter\AVSVideoConverter.exe
Suspect ! - a7b43a3222ed5fcb2afa48d6baa204d2 C:\Program Files\AVSMedia\VideoTools\VideoConverter\Registration.exe
Suspect ! - d22be274a82ec98c249189abce80a8d4 C:\Program Files\AVSMedia\VideoTools\VideoReMaker\AVSVideoReMaker.exe
Suspect ! - d25a8cea33d9d496eba3df55e0097548 C:\Program Files\AVSMedia\VideoTools\VideotoGo\AVSVideotoGo.exe
Suspect ! - f9beaf03b4edc6b5d04fe86a2d2e84a0 C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\AVSDVDMenuEditor.exe
Suspect ! - 54078ea2d1e0b05067dd9e14bd4bb57d C:\Program Files\Fichiers communs\AVSMedia\BurnerService\AVSVideoBurner.exe
Suspect ! - a9db856b410b218538b40f1e07c8bd95 C:\Program Files\Fichiers communs\AVSMedia\MobileUploader\AVSMobileUploader.exe

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Propri‚taire\Mes documents\Jeux amiga\PushOver_(1992)(Ocean_Software)(M4)\Pushover (1992)(Ocean Software)(M4)[cr Crack Inc](Disk 1 of 2).adf
C:\Documents and Settings\Propri‚taire\Mes documents\Jeux amiga\PushOver_(1992)(Ocean_Software)(M4)\Pushover (1992)(Ocean Software)(M4)[cr Crack Inc](Disk 2 of 2).adf

---------------- ! End of report ! ------------------

Ca dit quoi ?

Réponse 11 / 77

Utilisateur anonyme
15 janv. 2009 à 23:08

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:files
C:\Program Files\Fichiers communs\AVSMedia
C:\Program Files\Fichiers communs\AVSMedia
C:\Documents and Settings\Propriétaire\Mes documents\Jeux amiga\PushOver_(1992)(Ocean_Software)(M4)

:commands
[emptytemp]
[start explorer]
[reboot]

---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Réponse 12 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 23:16

C'est fait

Voici le rapport

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Program Files\Fichiers communs\AVSMedia\MobileUploader moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\Licence moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\BurnerService moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\ActiveX\RMBin\tools moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\ActiveX\RMBin\plugins moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\ActiveX\RMBin\codecs moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\ActiveX\RMBin\audiences moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\ActiveX\RMBin moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\ActiveX\Repair moved successfully.
C:\Program Files\Fichiers communs\AVSMedia\ActiveX moved successfully.
C:\Program Files\Fichiers communs\AVSMedia moved successfully.
File/Folder C:\Program Files\Fichiers communs\AVSMedia not found.
C:\Documents and Settings\Propriétaire\Mes documents\Jeux amiga\PushOver_(1992)(Ocean_Software)(M4) moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01152009_231131

(pour info je suis deconnecte d'internet, cable debranche)

ca evolue bien?

Réponse 13 / 77

Utilisateur anonyme
15 janv. 2009 à 23:25

ok refais avec un oubli de ma part désolé :

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:files
C:\Program Files\AVSMedia

:commands
[emptytemp]
[start explorer]

---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Réponse 14 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 23:29

Pas de probleme !

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Program Files\AVSMedia\VideoTools\VideotoGo\presets moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideotoGo moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\Skins moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Pets\Dolmatines\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Pets\Dolmatines\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Pets\Dolmatines moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Pets\Cartoon\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Pets\Cartoon\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Pets\Cartoon moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Pets moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Holiday\Christmas\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Holiday\Christmas\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Holiday\Christmas moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Holiday moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Album\Summer\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Album\Summer\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Album\Summer moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Album\Loving Hearts\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Album\Loving Hearts\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Album\Loving Hearts moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles\Album moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDMenuStyles moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker\DVDHelp moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoReMaker moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\Skins moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Pets\Dolmatines\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Pets\Dolmatines\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Pets\Dolmatines moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Pets\Cartoon\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Pets\Cartoon\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Pets\Cartoon moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Pets moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Holiday\Christmas\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Holiday\Christmas\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Holiday\Christmas moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Holiday moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Album\Summer\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Album\Summer\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Album\Summer moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Album\Loving Hearts\advanced\layers moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Album\Loving Hearts\advanced moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Album\Loving Hearts moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles\Album moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter\DVDMenuStyles moved successfully.
C:\Program Files\AVSMedia\VideoTools\VideoConverter moved successfully.
C:\Program Files\AVSMedia\VideoTools\CaptureWizard moved successfully.
C:\Program Files\AVSMedia\VideoTools moved successfully.
C:\Program Files\AVSMedia moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01152009_232745

:)

Réponse 15 / 77

Utilisateur anonyme
15 janv. 2009 à 23:35

oui sorry ,

-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

http://download.piriform.com/ccsetup210.exe

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

-> Tuto : https://www.malekal.com/tutoriel-ccleaner/ (fais registre : corriger les erreures et lancer le nettoyage)

ensuite :

Télécharge ToolsCleaner sur ton bureau.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

puis :

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt

Réponse 16 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 23:37

J'ai deja CCleaner V2.13.270 c'est ok?

Réponse 17 / 77

Utilisateur anonyme
15 janv. 2009 à 23:38

oui c ok

Réponse 18 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
15 janv. 2009 à 23:55

Voici les logs

[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\FindyKill.txt: trouvé !
C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\KillBox.exe: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\Raccourcis Bureau non utilisés\HijackThis.lnk: trouvé !
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\Hijackthis Version Française\hijackthis.log: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\KillBox.exe: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\Raccourcis Bureau non utilisés\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\OTMoveIt3.exe: supprimé !
C:\Program Files\Hijackthis Version Française\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\FindyKill: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

----------------------------------------------------------------------------------------------------------------------------------

Logfile of random's system information tool 1.05 (written by random/random)
Run by Propriétaire at 2009-01-15 23:51:55
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 25 GB (19%) free of 130 GB
Total RAM: 2047 MB (80% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Nettoyage de disque.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{94A22F57-DB80-4B51-A07D-BEE3BFFCDB7B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19C8E43B-07B3-49CB-BFFC-6777B593E6F8}]
Download Manager Browser Helper Object - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL [2007-05-21 525792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealOne Player\rpbrowserrecordplugin.dll [2007-11-16 370296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-12-02 73040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar4.dll [2007-01-19 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-13 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar4.dll [2007-01-19 2436160]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-02-28 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LXCRCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared]
C:\Program Files\a-squared Anti-Malware\a2guard.exe [2009-01-11 2782352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-02-16 360448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDefender Antiphishing Helper]
C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe [2007-10-09 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe [2003-01-27 376912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanalPlayer]
C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe [2007-07-16 2016928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
C:\Program Files\CCleaner\ccleaner.exe [2008-10-23 1336560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2007-08-16 531272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-07 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP]
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe [2006-01-02 1591808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HI-SPEED USB DEVICE Coinstaller]
C:\WINDOWS\system32\PL15Co2K.exe [2003-06-19 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\I downloaded pirated Software from P2P]
Virtua Tennis 3 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\I downloaded pirated Software from P2P ]
Need for Speed Carbon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\WINDOWS\KHALMNPR.EXE [2007-01-23 101136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 3100 Series]
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe [2003-09-03 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
C:\WINDOWS\KHALMNPR.EXE [2007-01-23 101136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-28 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-03-06 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe [2006-04-21 438359]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\Msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 9.0]
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe [2009-01-11 1122304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-02-12 21898024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-01 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-11-16 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client]
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-01-11 919016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2007-05-11 738968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^BlueSoleil.lnk]
C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^desktop.ini]
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\desktop.ini []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^DVD@ccess.lnk]
C:\PROGRA~1\APPLEC~1\DVD@CC~1\DVDACC~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Google Updater.lnk]
C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [2008-10-13 161264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
C:\PROGRA~1\CLUB-I~1\LECOMP~1\bin\matcli.exe [2005-06-03 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe /start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-01-30 688128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE -b -l []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe -h []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Salat Time.lnk]
C:\WINDOWS\Installer\{721B7505-F382-443E-A3EF-A121A6C4DF2A}\NewShortcut1_721B7505F382443EA3EFA121A6C4DF2A.exe [2007-10-30 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2007-02-05 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
C:\PROGRA~1\CLUB-I~1\Lanceur\lanceur.exe [2007-12-26 5484544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^desktop.ini]
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\desktop.ini []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
C:\WINDOWS\BRICOP~1\CRYSTA~1\ROCKET~1\ROCKET~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
C:\WINDOWS\BRICOP~1\CRYSTA~1\UberIcon\UBERIC~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
C:\WINDOWS\BRICOP~1\CRYSTA~1\YzShadow\YzShadow.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Y'z Toolbar.lnk]
C:\WINDOWS\BRICOP~1\CRYSTA~1\YZTOOL~1\YZTOOL~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
C:\WINDOWS\system32\WRLogonNTF.dll [2006-01-25 492544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e852422-8661-11dc-a938-000c76358aaf}]
shell\AutoRun\command - H:\InstallTomTomHOME.exe

======List of files/folders created in the last 1 months======

2009-01-15 23:51:55 ----D---- C:\rsit
2009-01-15 23:50:42 ----A---- C:\TCleaner.txt
2009-01-15 22:19:53 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
2009-01-15 22:19:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-15 22:19:45 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 21:59:36 ----SHD---- C:\RECYCLER
2009-01-15 21:36:23 ----D---- C:\WINDOWS\temp
2009-01-15 21:25:45 ----D---- C:\Combo
2009-01-15 21:08:33 ----A---- C:\WINDOWS\zip.exe
2009-01-15 21:08:33 ----A---- C:\WINDOWS\VFIND.exe
2009-01-15 21:08:33 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-15 21:08:33 ----A---- C:\WINDOWS\SWSC.exe
2009-01-15 21:08:33 ----A---- C:\WINDOWS\SWREG.exe
2009-01-15 21:08:33 ----A---- C:\WINDOWS\sed.exe
2009-01-15 21:08:33 ----A---- C:\WINDOWS\NIRCMD.exe
2009-01-15 21:08:33 ----A---- C:\WINDOWS\grep.exe
2009-01-15 21:08:33 ----A---- C:\WINDOWS\fdsv.exe
2009-01-15 20:22:22 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-01-14 00:37:22 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Bitdefender
2009-01-14 00:37:22 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
2009-01-13 22:45:07 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2009-01-13 18:16:41 ----D---- C:\Documents and Settings\Propriétaire\Application Data\F-Secure
2009-01-13 18:08:09 ----D---- C:\Program Files\F-Secure Internet Security
2009-01-13 18:02:02 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\fssg
2009-01-13 18:01:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\f-secure
2009-01-12 01:13:12 ----HDC---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-01-11 23:57:38 ----D---- C:\Program Files\GRISOFT
2009-01-11 15:07:47 ----D---- C:\WINDOWS\ERDNT
2009-01-08 20:10:48 ----D---- C:\Program Files\eToro
2009-01-08 01:21:16 ----D---- C:\Program Files\Fichiers communs\Nikon
2009-01-08 01:21:14 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Nikon
2009-01-08 01:21:02 ----D---- C:\Program Files\Nikon
2009-01-08 01:20:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ultima_T15
2009-01-08 01:20:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\EnterNHelp
2009-01-01 03:23:42 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TomTom
2009-01-01 03:21:48 ----D---- C:\Documents and Settings\Propriétaire\Application Data\TomTom
2009-01-01 03:19:57 ----D---- C:\Program Files\TomTom HOME 2
2008-12-27 21:15:38 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NCH Swift Sound
2008-12-27 21:15:37 ----D---- C:\Documents and Settings\Propriétaire\Application Data\NCH Swift Sound
2008-12-27 21:15:26 ----D---- C:\Program Files\NCH Software
2008-12-27 21:15:23 ----D---- C:\Program Files\NCH Swift Sound
2008-12-25 13:26:29 ----D---- C:\Program Files\Zg cd extractor
2008-12-17 21:04:24 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 21:00:04 ----D---- C:\Program Files\Microsoft

======List of files/folders modified in the last 1 months======

2009-01-15 23:50:23 ----D---- C:\Program Files\Trend Micro
2009-01-15 23:50:23 ----AD---- C:\Program Files
2009-01-15 23:50:17 ----D---- C:\WINDOWS
2009-01-15 23:50:17 ----D---- C:\Program Files\Hijackthis Version Française
2009-01-15 23:40:32 ----D---- C:\WINDOWS\Debug
2009-01-15 23:27:45 ----D---- C:\WINDOWS\Prefetch
2009-01-15 23:11:51 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-01-15 23:11:33 ----D---- C:\Program Files\Fichiers communs
2009-01-15 22:36:10 ----A---- C:\WINDOWS\win.ini
2009-01-15 22:36:10 ----A---- C:\WINDOWS\system.ini
2009-01-15 22:36:10 ----A---- C:\boot.ini
2009-01-15 22:19:49 ----HD---- C:\WINDOWS\system32\drivers
2009-01-15 21:36:24 ----D---- C:\WINDOWS\system32
2009-01-15 21:36:23 ----D---- C:\Documents and Settings
2009-01-15 21:33:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-15 21:29:58 ----D---- C:\WINDOWS\AppPatch
2009-01-15 21:05:26 ----D---- C:\Program Files\DkZ Studio
2009-01-15 21:01:02 ----D---- C:\WINDOWS\Internet Logs
2009-01-15 20:33:07 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2009-01-15 20:22:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-15 20:22:22 ----HD---- C:\WINDOWS\inf
2009-01-15 20:16:49 ----SHD---- C:\WINDOWS\Installer
2009-01-15 20:16:49 ----D---- C:\Config.Msi
2009-01-15 20:12:57 ----A---- C:\WINDOWS\bdagent.INI
2009-01-14 09:56:32 ----D---- C:\Program Files\Mozilla Firefox
2009-01-14 03:17:21 ----RSD---- C:\WINDOWS\Fonts
2009-01-14 03:05:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-14 03:04:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-14 03:04:44 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-14 02:02:04 ----D---- C:\Program Files\Amigo DVD Ripper
2009-01-14 00:42:37 ----D---- C:\Program Files\Fichiers communs\BitDefender
2009-01-14 00:41:47 ----D---- C:\Program Files\BitDefender
2009-01-14 00:40:43 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-14 00:37:29 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-01-14 00:20:06 ----D---- C:\WINDOWS\pss
2009-01-13 18:22:03 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-12 01:13:02 ----D---- C:\Program Files\Uniblue
2009-01-11 15:12:33 ----D---- C:\WINDOWS\system32\config
2009-01-11 15:11:11 ----D---- C:\Program Files\Microsoft ActiveSync
2009-01-11 15:09:18 ----D---- C:\Program Files\Internet Explorer
2009-01-11 13:33:03 ----D---- C:\Program Files\a-squared Anti-Malware
2009-01-11 00:50:12 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Uniblue
2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-09 22:03:57 ----SHD---- C:\System Volume Information
2009-01-09 22:03:57 ----D---- C:\WINDOWS\system32\Restore
2009-01-09 21:58:50 ----D---- C:\WINDOWS\system32\wbem
2009-01-09 21:58:50 ----D---- C:\WINDOWS\Registration
2009-01-09 21:34:26 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-01-08 20:20:16 ----D---- C:\WINDOWS\system
2009-01-08 13:00:58 ----D---- C:\Program Files\eMule
2009-01-08 01:22:29 ----RSD---- C:\WINDOWS\assembly
2009-01-01 14:56:47 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-01 03:16:35 ----D---- C:\Program Files\TomTom HOME
2008-12-28 23:08:12 ----D---- C:\WINDOWS\Minidump
2008-12-28 01:56:37 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-25 19:06:52 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Macromedia
2008-12-25 12:56:11 ----D---- C:\Program Files\Web Hottest Videos Personal Player
2008-12-24 21:37:29 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-12-24 18:06:02 ----D---- C:\Program Files\lx_cats
2008-12-23 19:51:14 ----D---- C:\Program Files\Google
2008-12-23 19:51:14 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
2008-12-22 00:58:43 ----D---- C:\Documents and Settings\Propriétaire\Application Data\XnView
2008-12-18 23:03:37 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-18 01:45:01 ----D---- C:\WINDOWS\ie7updates
2008-12-17 21:11:11 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-17 21:04:09 ----D---- C:\Program Files\Windows Live
2008-12-17 21:02:52 ----D---- C:\WINDOWS\system32\DirectX
2008-12-17 20:59:19 ----D---- C:\Program Files\Windows Live SkyDrive

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 bdftdif;bdftdif; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 GearAspiWDM;GearAspiWDM; C:\WINDOWS\system32\drivers\GearAspiWDM.sys [2004-08-02 14384]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 PQIMount;PQIMount; C:\WINDOWS\system32\drivers\PQIMount.sys [2004-08-02 46779]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-12-13 394952]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-30 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 JiaoIO;JiaoIO; \??\C:\WINDOWS\system32\drivers\JiaoIO.sys []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-01-25 85520]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys []
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-26 1372992]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-08-31 43008]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 Intels51;Creatix V.9X DSP Data Fax Modem; C:\WINDOWS\System32\DRIVERS\ctxs51.sys [2002-07-01 638366]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\WINDOWS\system32\drivers\libusb0.sys [2005-03-09 33792]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 hidfltr;HID Filter Driver; C:\WINDOWS\System32\DRIVERS\MWhid.sys [2004-07-22 13300]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
S1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys []
S2 JiaoCap;JiaoCap, WDM Video Capture for VCDCut; C:\WINDOWS\system32\DRIVERS\JiaoCap.sys [2004-11-29 349964]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 axzg7c73;axzg7c73; C:\WINDOWS\system32\drivers\axzg7c73.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-01-17 23000]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-01-13 12500]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DIGIRPS;Pilote PortServer Digi; C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-23 42656]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 Fadpu16E;Fadpu16E; \??\C:\DOCUME~1\PROPRI~2\LOCALS~1\Temp\Fadpu16E.sys []
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2002-10-29 40960]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2005-06-28 10345]
S3 hid8101;hid8101; C:\WINDOWS\system32\drivers\hid8101.SYS [2006-10-23 31899]
S3 IPFilter;Microsoft IntelliPoint Features driver; C:\WINDOWS\System32\DRIVERS\IPFilter.sys [2002-04-11 11136]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-01-23 62992]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-01-23 34576]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-01-23 33296]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-01-23 78864]
S3 Lvckap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-19 2109592]
S3 lvmvdrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-19 2142488]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys []
S3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys []
S3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-30 5888]
S3 Ser2pl;SIEMENS Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-05-07 41472]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 TSP;TSP; C:\WINDOWS\system32\DRIVERS\klif.sys []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
S3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2004-09-22 12504]
S3 w800bus;Sony Ericsson W800 driver (WDM); C:\WINDOWS\system32\DRIVERS\w800bus.sys [2005-05-24 52384]
S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w800mdfl.sys [2005-05-24 6096]
S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w800mdm.sys [2005-05-24 87424]
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w800mgmt.sys [2005-05-24 79216]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-05-16 54784]
R2 GEARSecurity;GEARSecurity; C:\WINDOWS\System32\GEARSec.exe [2004-08-02 53248]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-13 168432]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-29 307200]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\WINDOWS\system32\libusbd-nt.exe [2005-03-09 18944]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-02-08 1130496]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 WSearch;Recherche Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-27 86016]
R3 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-20 495616]
R3 SCAN;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-01-11 611664]
S2 Norton Ghost;Norton Ghost; C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe [2009-01-11 1269760]
S2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-02-25 1216512]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Service CANALPLAY;Service CANALPLAY; C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe [2007-07-16 419488]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
S4 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-01-11 75304]

-----------------EOF-----------------

Réponse 19 / 77

Utilisateur anonyme
16 janv. 2009 à 00:00

ok ,

on en reviens a tes antivirus -;)

y en a 3 sur ta machine ...

je sais pas lequel est actif ou detruit par ton infection

fais ceci :

Télécharge HijackThis (outils de diagnostic) ici :

-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau

-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> HijackThis

-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

-> Clique sur Install ensuite sur I Accept

-> Clique sur Do a scan system and save log file

-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse

Réponse 20 / 77

elazhar Messages postés 53 Date d'inscription jeudi 15 janvier 2009 Statut Membre Dernière intervention 22 août 2009
16 janv. 2009 à 00:04

Le voici !

Logfile of HijackThis v1.99.1
Scan saved at 00:02:03, on 16/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealOne Player\rpbrowserrecordplugin.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.73\AMVConverter\grab.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.73\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: ConferenceRoom Java Client - http://irc2.bluewin.ch/java/cr.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20061023/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fr/filesharingctrl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - http://us-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Formation interactive Microsoft\o10c\mitm0026.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_3_18_0.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - https://sourceforge.net/p/libusb-win32/wiki/Home/ - C:\WINDOWS\system32\libusbd-nt.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service (file missing)

:)

Discussions similaires

Est ce que le site tlauncher est dangereux ?

4 virus en raison d’un porno ????

Comment savoir si j'ai attrapé un virus sur mon téléphone ?

Virus Altruistic

Supprimer notifications myavids.com sous Android.

Discussions similaires

Newsletters