EXE supprimé de Avast , spybot, Antivir ...Résolu/Fermé

Question

Bonjour,

Ce probleme touche plusieurs personnes d'après ce que j'ai vu sur le forum j'ai essayé divers façon proposé mais rien ne marche.

J'ai des executables de Avast, spybot, antivir qui sont supprimé par quelque chose.

Si quelqu'un pouvait m'aider merci

Voici le rapport HijackThis

Logfile of HijackThis v1.99.1
Scan saved at 14:10:18, on 08/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\DAVID\Bureau\franck\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: (no name) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab28177.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28177.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28177.cab
O18 - Protocol: bw+0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {5F4AC77F-ED10-4603-9BCF-7CFFE4B992DF} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

salwa5 · Answer

bonjour Télécharge Blacklight (de F-Secure) 
https://www.f-secure.com/en
https://europe.f-secure.com/exclude/blacklight/index.shtml 


et sauvegarde le sur ton Bureau. 

Double-clique blbeta.exe et accepte la licence ; laisse [X]scan through Windows Explorer activé ; clique Scan puis Next 

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres). 

Copie et colle le contenu de ce rapport dans ta prochaine réponse 

a+++

Diambars · Answer

Merci pour ton aide.

Voici donc le contenu de ce rapport

02/08/07 15:00:20 [Info]: BlackLight Engine 1.0.55 initialized
02/08/07 15:00:20 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/08/07 15:00:21 [Note]: 7019 4
02/08/07 15:00:21 [Note]: 7005 0
02/08/07 15:00:56 [Note]: 7006 0
02/08/07 15:00:56 [Note]: 7011 1600
02/08/07 15:00:57 [Note]: 7026 0
02/08/07 15:00:57 [Note]: 7026 0
02/08/07 15:00:57 [Note]: 7024 3
02/08/07 15:00:57 [Info]: Hidden process: C:\WINDOWS\system32\hldrrr.exe
02/08/07 15:00:57 [Note]: 7024 3
02/08/07 15:00:57 [Info]: Hidden process: C:\WINDOWS\system32\hldrrr.exe
02/08/07 15:01:04 [Note]: FSRAW library version 1.7.1021
02/08/07 15:01:07 [Info]: Hidden file: c:\Documents and Settings\DAVID\Application Data\hidires\hidr.exe
02/08/07 15:01:07 [Note]: 10002 2
02/08/07 15:01:07 [Info]: Hidden file: c:\Documents and Settings\DAVID\Application Data\hidires\m_hook.sys
02/08/07 15:01:07 [Note]: 10002 2
02/08/07 15:01:08 [Note]: 10002 3
02/08/07 15:01:08 [Note]: 10002 3
02/08/07 15:01:08 [Note]: 10002 2
02/08/07 15:01:08 [Note]: 10002 2
02/08/07 15:03:55 [Info]: Hidden file: c:\Program Files\Movie Maker\shared\empty.txt
02/08/07 15:03:55 [Note]: 10002 3
02/08/07 15:03:55 [Info]: Hidden file: c:\Program Files\Movie Maker\shared\filters.xml
02/08/07 15:03:55 [Note]: 10002 3
02/08/07 15:03:55 [Info]: Hidden file: c:\Program Files\Movie Maker\shared
ews.png
02/08/07 15:03:55 [Note]: 10002 3
02/08/07 15:03:55 [Info]: Hidden file: c:\Program Files\Movie Maker\shared\paint.png
02/08/07 15:03:55 [Note]: 10002 3
02/08/07 15:03:55 [Info]: Hidden file: c:\Program Files\Movie Maker\shared\profiles\blank.txt
02/08/07 15:03:55 [Note]: 10002 3
02/08/07 15:03:55 [Info]: Hidden file: c:\Program Files\Movie Maker\shared\sample1.jpg
02/08/07 15:03:55 [Note]: 10002 3
02/08/07 15:03:55 [Info]: Hidden file: c:\Program Files\Movie Maker\shared\sample2.jpg
02/08/07 15:03:55 [Note]: 10002 3
02/08/07 15:03:55 [Note]: 10002 2
02/08/07 15:03:55 [Note]: 10002 2
02/08/07 15:13:57 [Note]: 10002 2
02/08/07 15:13:57 [Note]: 10002 2
02/08/07 15:15:39 [Info]: Hidden file: C:\WINDOWS\system32\hldrrr.exe
02/08/07 15:15:39 [Note]: 10002 2
02/08/07 15:17:31 [Note]: 2000 1012
02/08/07 15:18:27 [Note]: 7007 0

salwa5 · Answer

ree :)

imprimes ou enregistres les instruction suivante pour ne rien oublié : 


telecharge the killbox 

http://www.downloads.subratam.org/KillBox.exe 


1.redemarre en mode sans echec (redemarage + tapotte sans arret sur F8 desque l'ordi s'allume) 

2.desactive ta restauration (pour win xp ) comme ceci : 
clike droit sur post de travaille/proprietes/restauration system et la tu coche desactiver la restauration du systeme tu applique 

3.Double clic sur killbox.exe (Pocket Killbox) 

- Dans "Full Path of File to Delete" 
copie et colle: 

C:\WINDOWS\system32\hldrrr.exe 

-clique sur single file 
- clique sur la croix rouge 
- une fenêtre va apparaître pour confirmation de suppression clique sur YES 

tu fait pareil avec ces fichiers : 




c:\Documents and Settings\DAVID\Application Data\hidires\hidr.exe
c:\Documents and Settings\DAVID\Application Data\hidires\m_hook.sys
c:\WINDOWS\system32\wintems.exe 



3.ensuite va dans post de travail / lecteur C: cherche et supprime le dossier nommée : !KillBox 

ce dossier contien tout les virus que t'as supprimé avec the kill box 

4.vide la corbeille 

redemare en mode normal refait un scan blacklight et colle le resultat ici 

a+++

Diambars · Answer

Je ne peux pas demarrer en mode sans echec

le pc reboot a chaque fois que j'essaye de demarrer en mode sans echec.

Est-ce que je dois continuer la procédure quand même ?

salwa5 · Answer

ok essay comme ceci

Double clic sur killbox.exe (Pocket Killbox) 

- coche: delete on reboot: qui veut dire = ( supprimer au demarrage) 
- Dans "Full Path of File to Delete" 
copie et colle: 

C:\WINDOWS\system32\hldrrr.exe 

- clique sur la croix rouge 
- une fenêtre va apparaître pour confirmation de suppression clique sur YES 
- une seconde fenêtre te demande si tu veux redémarrer clique sur YES 

Si ce message s’affiche ignore le : 
http://tinypic.com/images/goodbye.jpg 
Laisse le pc redémarrer ou redemarre manuellement s il le fait pas. 


tu fait pareil avec ces fichiers 


c:\Documents and Settings\DAVID\Application Data\hidires\hidr.exe
c:\Documents and Settings\DAVID\Application Data\hidires\m_hook.sys
c:\WINDOWS\system32\wintems.exe 

ensuite va dans post de travail / lecteur C: cherche et supprime le dossier nommée : !KillBox

ce dossier contien tout les virus que t'as supprimé avec the kill box

vide la corbeille

efait un scan blacklight et colle le resultat ici

a+++

Diambars · Answer

Ok merci

Voila donc le resultat

02/08/07 17:09:10 [Info]: BlackLight Engine 1.0.55 initialized
02/08/07 17:09:10 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/08/07 17:09:12 [Note]: 7019 4
02/08/07 17:09:12 [Note]: 7005 0
02/08/07 17:09:20 [Note]: 7006 0
02/08/07 17:09:20 [Note]: 7011 1964
02/08/07 17:09:20 [Note]: 7026 0
02/08/07 17:09:20 [Note]: 7026 0
02/08/07 17:09:35 [Note]: FSRAW library version 1.7.1021
02/08/07 17:24:38 [Note]: 2000 1012
02/08/07 17:25:05 [Note]: 7007 0

salwa5 · Answer

ok le raport est propre normalement tu poura installé un antivirus


dans un premier je te conseille d'installer le la versio d'essai de kaspersky

Télécharge la version d'essai de kaspersky ici : 
https://www.kaspersky.fr/downloads?chapter=186498689 

tutorial a suivre i (merci Malekal_morte) : 
https://www.malekal.com/tutorial-kaspersky-trial/ 

Imprime ces instructions pour ne rien oublié 

Après l'installation, lors de la configuration via l'assistant : 

- désactive ou desinstalle avast sinon il va y'avoir un conflit
- Active la version d'évaluation des licences de 30 jours 
- Lance une mise à jour automatique 
- Active la protection de base 
**Ne lance pas le scan tout de suite** 

Redémarre en Sans Échec 

- Démarre Kaspersky à partir du Menu Démarrer >> Tous les programmes >> Kaspersky Anti-virus 
- Une icone avec un K grisé va apparaître en bas à droite à côté de l'horloge 
- Fais un clic droit sur cette icône puis "Analyser le Poste de travail" 
- Le scan de l'ordinateur va démarrer 
- Une fois le scan terminé, de preference repare tous les virus trouvé 
- Créé un rapport à partir du bouton Enregistrer-sous en bas de la fenêtre, enregistre le fichier sous le nom Kaspersky.txt sur ton Bureau. 
--------------------------------------------------------- 

Poste (copie/colle) le rapport de Kaspersky ici 

a++++

Diambars · Answer

Super cela fonctionne

Je te remercie grandement.

Mais peux-tu me dire a quoi servent les fichiers que l'on a effacé et qui ne sont pas reperé par les antivirus et les spywares ?

salwa5 · Answer

ils servent a regenerer le virus (worm bagle)  qui est reponsable de la disparition des exe d'antivirus


pour finir quelque conseils de base :



* Ne pas telecharger n'importe quoi eviter les programes gratuit genre smileys ...ect

* Toujour analyser les  fichiers telecharger depuis un peer to peer (emule , kazza ... ect) avant de les executer

* Ne pas ouvrir les pieces jointes d'un expediteur inconnu et toujour les analysé avant de les ouvrir 

* Toujour analysé les fichiers recu via msn ou autre avec ton antivirus

* Ne pas cliqué sur des lien louche dans msn 

* Passe reglierement les antispyware (adaware , spybot , avg .. ect) pense a les mettre ajour avant de les lancé c'est tres important 

* Supprime regulierement les fichiers inutiles (fichiers temporaire , cookies .. ect) a l'aide de CCleaner https://www.malekal.com/tutoriel-ccleaner/ 

* Netoye ta base de registre avec regcleaner https://www.malekal.com/nettoyer-sa-base-de-registre-avec-windows-registry-cleaner/ 

* Utiliser le navigateur Mozzilla  il est plus sure http://www.mozilla-europe.org/fr/products/firefox/

-Maintenant que ton ordinateur est propre je te conseille de creer un point de restauration comme ca en cas de probleme (virus , plantage ..ect) tu poura tjr revenir en arriere 
http://www.aidoforum.com/tutoriaux-371-creer-un-point-de-restauration-sous-windows.html

a+++ 

Bon surf ;)
a+++

Lucky · Answer

Je viens d'avoir le même problème  (J'utilisais Avast et ce dernier était inactif depuis l'apparition de ce virus + impossible d'installer d'autres anti-virus). Grâce aux excellentes informations ci-dessus je viens de me débarasser de ce virus (hldrrr.exe). Merci encore pour tout.

Vicky · Answer

Bonjour
J'ai le même problème et j'ai donc essayé de le résoudre en suivant vos instructions. Mais au moment d'installer "Blacklight" une fenêtre apparait et me dit que "blacklight n'a pas pu acquérir les privilèges nécesaires pour l'instalation"...est-ce que quelqun peut m'aider?

Vicky · Answer

* voici mon rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:18:37, on 10.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\qfwqlfvw.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\TEMP\winFE7.tmp.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\SecCenter\scprot4.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\mgrs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Crash Overall 6 instal\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {00AE2806-CC87-4D9E-B908-7BBC013ECDAF} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0FA06B95-9CDE-4FB9-8B53-466789E77DCB} - C:\WINDOWS\system32\pmkhg.dll
O2 - BHO: (no name) - {2BDB77B3-C00C-4EA3-BA25-2A8A7AE5CBD6} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {6D55F78D-57E0-7A56-9975-02E12506D1B4} - C:\Program Files\Wzkoksgk\lyoqvfnl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {941508F8-CCD9-44E0-AC29-4F1E141373F7} - C:\WINDOWS\system32\xxyyxyx.dll
O2 - BHO: (no name) - {A36D7F38-0661-4217-A599-6E81BE7CF357} - (no file)
O2 - BHO: (no name) - {C3D25D4E-1DB1-4D0B-B37D-D43606908DB3} - (no file)
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\ynlrvpvg.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\winFE7.tmp.exe
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvfor.dll,startup
O4 - HKLM\..\Run: [tifmlwdi] rundll32.exe "C:\Program Files	ifmlwdi
ajkfina.dll",Init
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [SC2] C:\Program Files\SecCenter\scprot4.exe
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\upilaqhd.dll",forkonce
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
O4 - HKCU\..\Run: [MessengerPlus3] "F:\Program Files\MSN Plus\MsgPlus.exe" /WinStart
O4 - HKCU\..\Policies\Explorer\Run: [{ACD8E6EC-05DC-4108-0608-040109200029}] "C:\Program Files\Fichiers communs\{ACD8E6EC-05DC-4108-0608-040109200029}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1844237615-57989841-725345543-1004 Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User 'Urs')
O4 - S-1-5-21-1844237615-57989841-725345543-1004 User Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User 'Urs')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - Winlogon Notify: awtsp - C:\WINDOWS\system32\awtsp.dll (file missing)
O20 - Winlogon Notify: ddayx - C:\WINDOWS\system32\ddayx.dll (file missing)
O20 - Winlogon Notify: IPConfTSP - C:\WINDOWS\system32\dn4q01h5e.dll (file missing)
O20 - Winlogon Notify: pmkhg - C:\WINDOWS\system32\pmkhg.dll
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32pcc.dll
O20 - Winlogon Notify: ssqpn - C:\WINDOWS\system32\ssqpn.dll (file missing)
O20 - Winlogon Notify: vturp - C:\WINDOWS\system32\vturp.dll (file missing)
O20 - Winlogon Notify: winepi32 - C:\WINDOWS\SYSTEM32\winepi32.dll
O20 - Winlogon Notify: xxyyxyx - C:\WINDOWS\SYSTEM32\xxyyxyx.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: DomainService -   - C:\WINDOWS\system32\qfwqlfvw.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: ewido anti-spyware 4.0 guard - Unknown owner - C:\Program Files\ewido anti-spyware 4.0\guard.exe (file missing)
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

salwa5 · Answer

bonjour essay ceci

Va sur ce site, et telecharge la dernier verion ici
http://www.zonavirus.com/datos/descargas/95/elibagla.asp 

tout en bas de cette page tu trouveras un outil 
à telecharger, 
clique surescargar Elibagla 10.25
installe ce fichier sur le bureau. 
ensuite double-clic sur Elibagla.exe 
>laisse la case 
"eliminar ficheros automaticamente" coché 
>clique sur"explorar" 
>laisse-le travailler 
>poste le rapport final qui sera 
dans c:\infosat.txt 

a+++

luckluckyluck · Answer

Salut à tous!

bon bah moi aussi j'ai le meme probleme...

J'ai suivi la methode donnée par salwa5, mais rien ne change! Pfff lol y a un truc que je dois mal faire ou alors c'est peut etre un peu different pour moi je sais pas.

Moi c'est Avast qui ne marche plus, spybot, et au passage j'ai aussi perdu le wifi.

Voici mon rapport:

08/25/07 15:23:36 [Info]: BlackLight Engine 1.0.64 initialized
08/25/07 15:23:36 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/25/07 15:23:36 [Note]: 7019 4
08/25/07 15:23:36 [Note]: 7005 0
08/25/07 15:23:40 [Note]: 7006 0
08/25/07 15:23:40 [Note]: 7011 788
08/25/07 15:23:40 [Note]: 7026 0
08/25/07 15:23:40 [Note]: 7026 0
08/25/07 15:23:43 [Note]: FSRAW library version 1.7.1022
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Empty.txt
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Filters.xml
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\NEWS.PNG
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\PAINT.PNG
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample1.jpg
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample2.jpg
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Profiles\Blank.txt
08/25/07 15:23:58 [Note]: 10002 2
08/25/07 15:23:58 [Note]: 10002 2
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\MSN Apps\Shared\UNICOWS.DLL
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\MSN Apps\Shared\01.05.0000.1009\FR\MKTTOOLS.DLL
08/25/07 15:23:58 [Info]: Hidden file: c:\Program Files\MSN Apps\Shared\01.05.0000.1009\FR\marketstrings.cab
08/25/07 15:23:58 [Note]: 10002 2
08/25/07 15:23:58 [Note]: 10002 2
08/25/07 15:24:09 [Info]: Hidden file: c:\WINDOWS\IME\SHARED\RES\PADRS804.DLL
08/25/07 15:24:09 [Info]: Hidden file: c:\WINDOWS\IME\SHARED\RES\PADRS404.DLL
08/25/07 15:24:09 [Info]: Hidden file: c:\WINDOWS\IME\SHARED\RES\PADRS411.DLL
08/25/07 15:24:09 [Info]: Hidden file: c:\WINDOWS\IME\SHARED\RES\PADRS412.DLL
08/25/07 15:24:09 [Info]: Hidden file: c:\WINDOWS\IME\SHARED\IMLANG.DLL
08/25/07 15:24:09 [Info]: Hidden file: c:\WINDOWS\IME\SHARED\IMEPADSV.EXE
08/25/07 15:24:09 [Info]: Hidden file: c:\WINDOWS\IME\SHARED\IMEPADSM.DLL
08/25/07 15:24:09 [Info]: Hidden file: c:\WINDOWS\IME\SHARED\IMEPADEN.HLP
08/25/07 15:24:09 [Note]: 10002 2
08/25/07 15:24:09 [Note]: 10002 2
08/25/07 15:24:10 [Note]: 10002 2
08/25/07 15:24:10 [Note]: 10002 2
08/25/07 15:24:11 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\HIDR.EXE
08/25/07 15:24:11 [Note]: 10002 2
08/25/07 15:24:11 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS
08/25/07 15:24:11 [Note]: 10002 2
08/25/07 15:24:47 [Note]: 7007 0

Please help!!!

luckluckyluck · Answer

Bon finalement j'ai refait et j'avais du mal faire un truc maintenant c'est NETTEMENT mieux lol

08/25/07 17:29:48 [Info]: BlackLight Engine 1.0.64 initialized
08/25/07 17:29:48 [Info]: OS: 5.1 build 2600 (Service Pack 2)
08/25/07 17:29:48 [Note]: 7019 4
08/25/07 17:29:48 [Note]: 7005 0
08/25/07 17:29:51 [Note]: 7006 0
08/25/07 17:29:51 [Note]: 7011 696
08/25/07 17:29:51 [Note]: 7026 0
08/25/07 17:29:51 [Note]: 7026 0
08/25/07 17:29:53 [Note]: FSRAW library version 1.7.1022
08/25/07 17:30:37 [Note]: 7007 0

J'ai retrouvé Avast, spybot. J'ai totu rescanné dans tous les sens et maintenant tout est clean apparement.

Par contre toujours pas de wifi, voila un screen schot:

http://img513.imageshack.us/img513/5870/sanstitreku6.jpg

Avant je voyais le reseau du voisin et tout, mais depuis ce matin, plus rien. C'est sur c'est lié...
Quelqu'un a deja eu cette consequence? Des idees?

Merci d'avance pour votre aide!! ;-)

gilou · Answer

Bonjour , 

J'ai exactement le même problème : les fichiers executables d'Avast et de Spybot sont devenus introuvables .... En lisant votre procédure , je pensais parvenir à résoudre le problème .. mais cela ne fonctionne pas pour moi ... je vous avoue que je suis dépité ! ....
Conformémént à vos conseils , j'ai donc téléchargé Blacklight , repéré 3 fichiers qui me parassaient correpondre aux rapports blacklight  précédents de ce forum , je les supprime ensuite avec Killbox , (pas en mode sans echec puisque ce mode ne fonctionne plus ..) mais 1 par 1 en cochant la case delete after reboot , ils apparaissent bien ensuite dans le fichier Killbox , que je supprime et je vide la corbeille . 
Mais ensuite , lorsque je refait un scan avec Blacklight , je retouve ces 3 fichiers ....... je n'y comprends plus rien ... 
J'espère que vous pourrez m'aider ......... 

Voici donc le dernier log du scan avec Blacklight :

09/12/07 23:41:12 [Info]: BlackLight Engine 1.0.64 initialized
09/12/07 23:41:12 [Info]: OS: 5.1 build 2600 (Service Pack 2)
09/12/07 23:41:12 [Note]: 7019 4
09/12/07 23:41:12 [Note]: 7005 0
09/12/07 23:41:20 [Note]: 7006 0
09/12/07 23:41:20 [Note]: 7011 1628
09/12/07 23:41:20 [Note]: 7026 0
09/12/07 23:41:20 [Note]: 7026 0
09/12/07 23:41:20 [Note]: 7024 3
09/12/07 23:41:20 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hidr.exe
09/12/07 23:41:20 [Note]: 7024 3
09/12/07 23:41:20 [Info]: Hidden process: C:\Documents and Settings\Gilou\Application Data\m\flec006.exe
09/12/07 23:41:23 [Note]: FSRAW library version 1.7.1022
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\PDF-Pro Classic 2.7 Cracked.
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\PDF Meld 7.2.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Pico Blog Software 1.0.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Picture and Sound Show 3.1d.
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Points Import for IntelliCAD
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Power Card Maker 5.12.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Pragma Fortress 4.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Presentation to Video Conver
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\QuickRecord 3 3.00 Serial.zi
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\RAD Tabstrip 2.6.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Ranking-Manager Standard Edi
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Regjump 1.01.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Reset Password Management 4.
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\roGL Beta 1.0.0.04 [Serial].
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AWicons Standard 9.4.0 [With
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Backup To The Web 5.2.2.4 [W
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Barcode Alpha 1.1 [Patch].zi
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\BarracudaDrive 3.3.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\BatControls (OS X) 1.5.1.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Battlefield Vietnam River Si
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Blue Frog Anti Spam for Fire
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Tamarilo 1.12.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\TCP-File 1.5.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Terminus demo.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\teu_FRTK_TeaM_Antivir_2006.z
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\TimeGuard Basic 1.006.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Tinnitus Masker Deluxe 6.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\TRAVELClip USB 1.10.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Twister 2.0.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\TYPO3 4.1.1.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Ulises-H 1.5.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\JComm Serial Communications 
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\jLynx JDBC Framework 1.1 R1.
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\JOC Master Shutdown 1.0.1.7 
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Kaspersky.Avp.5.0.388.Key.Up
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\KeyboardLocker 2.4 (Serial).
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Kform Project Manager 2.5.0.
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\KickItBack.com eBay search W
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\LeafPicker 0.12.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\mp3DirectCut 2.05.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\MSDict Pocket Oxford Russian
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\MusicEase 8.2 (With Crack).z
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\MySQL Tools 2.9.1.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\n.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Naevius CD & DVD Burner 1.zi
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\NetNote 5.3 build 325.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Network Protocols Handbook 1
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\NFTP 1.72 beta 4.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Undeletion Wizard 1.1.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Unreal Tournament 2003 - Ech
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Unreal Tournament 2004 DM Tr
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Valentine's Day Cursors 1.0.
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Vista Firewall Control 1.0.1
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\VisualMath 1.5 [KeyGen].zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\VMware Lab Manager 2.4.0-202
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Web Confidential for Palm 1.
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Web Forum & File Sharing Ser
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Web Recycle Bin v.2.0 (Crack
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\WinProcesses 0.99.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\x-Wall series 3.1 With Crack
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Zipbit 1.2 Patch.zip
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\[APP.-.Antivirus].Avast.4.6.
09/12/07 23:41:26 [Note]: 10002 3
09/12/07 23:41:26 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Active CallerID 2.52.78 [Ser
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Amazing MP3 Creator V2.20.zi
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AVS Cover Editor 1.3.1.92 Cr
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Bopup Messenger 4.3.5.3311.z
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\CGIRedirect 1.00.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Crystal MP3 Converter 1.20.z
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Docsmartz Professional : Con
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Docsmartz Professional 
09/12/07 23:41:27 [Note]: 7002 0
09/12/07 23:41:27 [Note]: 7003 1
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Flash! 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Hodoman Timer : Internet Caf
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Hodoman Timer 
09/12/07 23:41:27 [Note]: 7002 0
09/12/07 23:41:27 [Note]: 7003 1
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Image for Windows 1.70a.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Liatro SWF Tools 1.0 [Serial
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Mashed v1.1 patch.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Rune Fortress map.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\TakeAction Motivational Scre
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Apple NVIDIA Driver 3.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Argentum Coolbase 2.50 Key.z
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Articulation 1.1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AsciiConvert 6.11.1012 (Key+
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Aspose Excel Web 1.4.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\ATF Cleaner 1.0.0.15.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AutoLyrix 0.2.1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AutoPatcher x64 July 2007 Co
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Chaocrypt 1.0.1.32.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Chatlog 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Chris PC-Lock 2.50 [Serial].
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Chrome Clock 2.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Clarus Clock 2.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\CodeLocker Source Code Libra
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\CoffeeCup Flash Website Font
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Command & Conquer Generals -
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Doc to Jpg converter 1.2 (Ke
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Early Reader 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\eatshrimp.com Recipe Widget 
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\EMS Data Pump 2006 for DB2 2
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\EMS Source Rescuer 1.0.0.1.z
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\eQSLMaster 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\eTopping Proxy Changer 1.0 [
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Excellink 16.2.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Export Table to SQL for MS S
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Fanurio 1.6.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Flash Horizontal Menu Wizard
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Flash in a Shell 1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\HotPhone 1.98.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\HTML Scanner 0.993.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\HTMLXpress Demo 1.1.0.4 With
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\HyperExplorer 2.25 (Serial).
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\IBM WebSphere IIS DataStage 
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\IE Keeper 1.2.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\MemSL 4.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Message Box Generator 1.0.zi
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Meteor Bar toolbar for IE 4.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\MIDI Tracker 1.2.2 [With Cra
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Mitec WMI Explorer 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\MixMeister Fusion + Video 7.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Mosaic-Pictures 2.1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\MP3 CDOrganizer 1.4.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Nitobi Grid JSP 3.22 [Serial
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\NOD32.Windows.95.98.ME.ITA.z
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\NOKIA-Symantec.Antivirus.for
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Notefish Firefox Extension 1
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\OkCanvas 1.1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Oko 1.15 (Crack).zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Operation Flashpoint Cold Wa
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Operation Flashpoint Cold Wa
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\OraPiper 1.00 Serial.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\PanelBar for JSP 4.0.92 [Wit
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\PC Security Manager 1.2.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Advanced Clock 5.8.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Advanced Launcher 1.33 [With
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Advanced Security Level 6.2.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Age of Mythology The Titans 
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Age of Mythology The Titans 
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Aglare Video to 3GP Converte
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AK-FireFrame 1.4.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AK-Isolator 1.2.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\All-in-1 Personal Organizer 
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Alldj PSP Video Converter 2.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Secure Disk 2.1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\SelfKBM 1.0.0 b0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Simple Reminder Opera Widget
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Spaceship Crash Frenzy 1.2.z
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\SpamButcher 1.9e [Key].zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Stellar Phoenix FAT Data Rec
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\SuperTweakXP 1.4.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Symantec.Norton.Internet.Sec
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Symantec.Win.Fax.Pro.10.-.Re
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\!.Norton.Antivirus.2007.Crac
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\-ARN.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\000-639 - Rational Unified P
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\1st Calculator 1.15.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\2DoToday 1.0.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\3270Link 2.5.0.13.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\3D Funny Fish Screensaver 1.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\3GP Mobile Converter 2.0 [Ke
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AAA Real Recorder 1.7 (With 
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AccelClip 3.0 Key+Serial.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Ace Spam Scram 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\AceKeyboard 1.00 With Crack.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Date Reminder 3.0 [Key+Seria
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Date Wizard 2.2.2.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\DB Visual Architect for Java
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Design Intuition 1.5.136.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Diet Calculator 1.2.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Dirty Mouse 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Disk Throughput Tester 1.2.9
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\FOAM Font 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Folder Ward XP 1.2 Cracked.z
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Forms Management Program 1.1
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Fret Calculator 1.0.1.12.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\FXLib 3.01.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Grab Text 4.6 Serial.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\GSview 4.8.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Guitar Tuner - learn to tune
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\HDD Capacity Restore 1.1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Image Sequencer 2.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\IMinent 1.1 Build 1.1.722.0.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\IMITATION 1.2 (Serial).zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\ImTOO DVD to 3GP Converter 4
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\In the Raven Shadow 2.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\iProjectViewer 2.1 [Crack].z
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\IPUP 2.40 Crack.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\LITTLE Yellow Stickers 2.2.0
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Macaw Website Monitor 2.0.2.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Macromedia Fireworks 8.0.0.7
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Magic Marks 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Mapsoft ImagePlacer 1.5.1.0.
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\MarshallSoft DUN Dialer for 
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Bubbloids 1.2.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\BuddyVision 1.5.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Campaign Suite Extended 04.1
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Candy Catchup 1.0.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\Caps Lock On 1.1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\CardDragon2006 1.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Info]: Hidden file: c:\Documents and Settings\Gilou\Application Data\m\shared\CD Mate 2.5.4.17.zip
09/12/07 23:41:27 [Note]: 10002 3
09/12/07 23:41:27 [Note]: 10002 2
09/12/07 23:41:27 [Note]: 10002 2
09/12/07 23:44:44 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Empty.txt
09/12/07 23:44:44 [Note]: 10002 3
09/12/07 23:44:44 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Filters.xml
09/12/07 23:44:44 [Note]: 10002 3
09/12/07 23:44:44 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\news.png
09/12/07 23:44:44 [Note]: 10002 3
09/12/07 23:44:44 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\paint.png
09/12/07 23:44:44 [Note]: 10002 3
09/12/07 23:44:44 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Profiles\Blank.txt
09/12/07 23:44:44 [Note]: 10002 3
09/12/07 23:44:44 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample1.jpg
09/12/07 23:44:44 [Note]: 10002 3
09/12/07 23:44:44 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample2.jpg
09/12/07 23:44:44 [Note]: 10002 3
09/12/07 23:44:44 [Note]: 10002 2
09/12/07 23:44:44 [Note]: 10002 2
09/12/07 23:50:41 [Note]: 10002 2
09/12/07 23:50:41 [Note]: 10002 2
09/12/07 23:51:44 [Info]: Hidden file: c:\WINDOWS\system32\wintems.exe
09/12/07 23:51:44 [Note]: 10002 2
09/12/07 23:52:05 [Info]: Hidden file: C:\WINDOWS\system32\drivers\hidr.exe
09/12/07 23:52:05 [Note]: 10002 2
09/12/07 23:52:05 [Info]: Hidden file: c:\WINDOWS\system32\drivers\srosa.sys
09/12/07 23:52:05 [Note]: 10002 2
09/12/07 23:53:40 [Note]: 2000 1012




Les 3 fichiers que je tente de supprimer avec Killbox sont les suivants : 

c:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\drivers\hidr.exe
c:\WINDOWS\system32\drivers\srosa.sys

Voila ..... 

En esperant que cela va vous inspirer car j'ai déja tenté pas mal de choses , sans succes ...

D'avance , merci .

gilou · Answer

Ca MARCHE !!!!!! 

J'avais juste oublié un fichier dans lequel devait se trouver le p...ain de Bagle et qui le régènérait à chaque démarrage de windows ...

pour info : C:\Documents and Settings\Gilou\Application Data\m\flec006.exe

Donc , Merci de votre aide précieuse !

salwa5 · Answer

bonjour :) just pour info un nouvel outil a été developé et qui supprime tres bien cette infection et en plus il repare le mode sans echec

Va sur ce site, et telecharge la dernier verion ici 
http://www.zonavirus.com/datos/descargas/95/elibagla.asp 

tout en bas de cette page tu trouveras un outil 
à telecharger, 
clique surescargar Elibagla 10.25 
installe ce fichier sur le bureau. 
ensuite double-clic sur Elibagla.exe 
>laisse la case 
"eliminar ficheros automaticamente" coché 
>clique sur"explorar" 
>laisse-le travailler 
>poste le rapport final qui sera 
dans c:\infosat.txt 


je te conseil de passé cette outil just pour reparer le mode sans echec :p 

a+++

EXE supprimé de Avast , spybot, Antivir ...

18 réponses

Discussions similaires

Newsletters