PC trés lent - Page 2

Précédent
  • 1
  • 2
  • 3
Réponse 21 / 55
jojo
 
d'acord merci de ton aide quand même
0
Réponse 22 / 55
jojo
 
Tu veux que je mette tout le compte rendu, parce que il est très long ??
0
Réponse 23 / 55
Utilisateur anonyme
 
Re,

Oui poste le même enn deux fois si il le faut.
0
Réponse 24 / 55
jojo
 
Voila le compte rendu:

ComboFix 08-12-23.01 - Admin 2008-12-24 1:01:44.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.80 [GMT 1:00]
Lancé depuis: c:\documents and settings\Admin\Bureau\C-Fix.exe
* Un nouveau point de restauration a été créé

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Admin\Application Data\ShoppingReport
c:\documents and settings\Admin\Application Data\ShoppingReport\cs\Config.xml
c:\documents and settings\Admin\Application Data\ShoppingReport\cs\db\Aliases.dbs
c:\documents and settings\Admin\Application Data\ShoppingReport\cs\db\Sites.dbs
c:\documents and settings\Admin\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
c:\documents and settings\Admin\Application Data\ShoppingReport\cs\report\aggr_storage.xml
c:\documents and settings\Admin\Application Data\ShoppingReport\cs\report\send_storage.xml
c:\documents and settings\Admin\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
c:\documents and settings\Admin\Application Data\WeatherDPA
c:\documents and settings\Admin\Application Data\WeatherDPA\Weather\WeatherStartup.xml
c:\documents and settings\Admin\Application Data\Zango
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1041655.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1384900.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1390732.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1400879.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1415040.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1817352.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1859639.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1936389.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\1967082.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\2828477.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\2899632.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\297049.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\3251993.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\3404705.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\3893245.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\3893642.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\3895082.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\600583.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\898494.sdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\domains.txt
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023690
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023901
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023964
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024268
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024690
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024736
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024806
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000025015
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000025243
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000025311
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000025635
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000025764
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000025975
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026235
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026287
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027037
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027865
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027956
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000028063
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000032917
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000032930
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000032977
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000033027
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000033059
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000033070
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000033079
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000037209
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000037257
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000044868
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000051643
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000051994
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052008
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052451
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052615
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052875
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000053498
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000056860
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000058289
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000059554
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000061197
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000061367
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063616
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000064073
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000068556
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000068631
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000069039
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000069497
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000078587
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000079006
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000079780
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000079933
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000082797
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000083256
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000091175
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000091308
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000091336
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000091386
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000091430
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000091806
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000093924
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000093943
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\104622
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\116977
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\12457
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\13031
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\17025
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\17040
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\19052
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\199413
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\200804
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\21669
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\21889
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\22657
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\247895
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\266291
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\277907
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\306449
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\33695
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\337118
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\33912
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\374830
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\4226
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44492
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\455904
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\456080
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\461315
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\472390
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\481176
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\505911
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\520094
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\528757
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\54189
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\553177
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\58804
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59287
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\61367
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\624815
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6292
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\630279
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\652325
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\658110
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\67469
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\67560
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\68041
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69235
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\696893
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\704982
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\704984
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705022
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705206
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705286
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705328
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705334
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705541
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\70779
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\710858
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\738022
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\73804
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\742100
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\746718
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\749354
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753426
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753427
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753530
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753541
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753573
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753582
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753593
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79989
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81293
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81392
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\8282
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\9974
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\dynamic\ustat\3793.dat
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\avatar.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\btntrans.idx
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\btntrans1.dat
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\buttondir.txt
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\components.cdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\cursors.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_1000.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_2000.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_3000.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bar.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bbar1.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_logos.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_other.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\d_icons_weather.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\default.cdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_511745-514279.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-ca.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-us.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_categorize.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_comparison.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-Mails.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-people.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_favorites.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_Games.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_Hide.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_hotbarcom.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_Hotmail.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_hsskin.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_jemster.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_jemsterie.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_jemsteruk.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_jobsearch.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_Mails.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_MobileSidewalk.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_new.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_premium.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_reun.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_ringtones.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_SearchBoxTrapper.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_searchfor.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_searchgo.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_weather.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Default_yellowpages.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\editblbuttons.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-548964.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-9595.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\email-t1-bg.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\icons2.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\ie_games_icon.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\ie_video.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\keywords.idx
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\keywords1.dat
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\layout.cdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\linkpathlegal.txt
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\progress.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\s_icons_buttons.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\sales_buttons.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\sdfmodifier.xml
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\t2_bg.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\theweb.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\top7.cdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\Top7_theweb.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\tsd_bg.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\zango_btn.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\1\zango_ie_menu.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\avatar.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\btntrans.idx
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\btntrans1.dat
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\buttondir.txt
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\components.cdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\cursors.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_1000.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_2000.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_3000.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bar.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bbar1.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_logos.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_other.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\d_icons_weather.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\default.cdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_categorize.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_comparison.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_favorites.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_Games.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_Hide.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_hotbarcom.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_hsskin.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_jemster.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_Mails.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_new.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_premium.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_reun.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_ringtones.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_searchfor.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_searchgo.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_weather.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\editblbuttons.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-548964.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-9595.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\email-t1-bg.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\icons2.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\ie_games_icon.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\ie_video.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\keywords.idx
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\keywords1.dat
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\layout.cdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\linkpathlegal.txt
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\progress.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\s_icons_buttons.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\sales_buttons.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\sdfmodifier.xml
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\t2_bg.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\theweb.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\top7.cdf
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\Top7_theweb.mnu
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\tsd_bg.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\zango_btn.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\2\zango_ie_menu.res
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip
c:\documents and settings\Admin\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip
c:\documents and settings\Admin\Local Settings\Application Data\qosyk.dat
c:\documents and settings\Admin\Local Settings\Application Data\qosyk.exe
c:\documents and settings\Admin\Local Settings\Application Data\qosyk_nav.dat
c:\documents and settings\Admin\Local Settings\Application Data\qosyk_navps.dat
c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\documents and settings\All Users\Application Data\ZangoSA
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAau.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht
c:\program files\ShoppingReport
c:\program files\zango
c:\program files\zango\bin\10.3.37.0\OEAddOn.exe
c:\program files\zango\bin\10.3.37.0\Weather.exe
c:\program files\zango\bin\10.3.37.0\WeSkin.dll
c:\program files\zango\bin\10.3.37.0\ZangoSA.exe
c:\program files\zango\bin\10.3.37.0\ZangoSAHook.dll
c:\program files\zango\bin\10.3.37.0\ZangoUninstaller.exe
c:\windows\fxstaller.exe
c:\windows\system32\awtrqQGV.dll
c:\windows\system32\ayakvnav.dll
c:\windows\system32\cghpfz.dll
c:\windows\system32\ddcdCvUl.dll
c:\windows\system32\ehuuklxy.ini
c:\windows\system32\ekgpwaoh.ini
c:\windows\system32\fccyyVPj.dll
c:\windows\system32\geBqRLfD.dll
c:\windows\system32\hgGyvtQJ.dll
c:\windows\system32\iifgHaxy.dll
c:\windows\system32\jkkJdBqo.dll
c:\windows\system32\jkkKbCVM.dll
c:\windows\system32\jkkLEVoN.dll
c:\windows\system32\khfDstRk.dll
c:\windows\system32\khfEXnNe.dll
c:\windows\system32\mcrh.tmp
c:\windows\system32\mlJAsSIc.dll
c:\windows\system32\mlJDuuVm.dll
c:\windows\system32\MVCbKkkj.ini
c:\windows\system32\MVCbKkkj.ini2
c:\windows\system32\nnnmnnoL.dll
c:\windows\system32\opnnkkJB.dll
c:\windows\system32\opnnnLbc.dll
c:\windows\system32\opnolIAr.dll
c:\windows\system32\ovslupbu.ini
c:\windows\system32\pjedinaq.dll
c:\windows\system32\pmnnOIyV.dll
c:\windows\system32\qanidejp.ini
c:\windows\system32\qyvipm.dll
c:\windows\system32\rqRIyYRH.dll
c:\windows\system32\rs32net.exe
c:\windows\system32\tuvSijHw.dll
c:\windows\system32\tuvTlmkL.dll
c:\windows\system32\tuvVLeDU.dll
c:\windows\system32\tuvVNDsT.dll
c:\windows\system32\urqNDSMc.dll
c:\windows\system32\urqNHAQj.dll
c:\windows\system32\urqnkihf.dll
c:\windows\system32\vtUlJYOI.dll
c:\windows\system32\vtUmLebb.dll
c:\windows\system32\vtUmMeed.dll
c:\windows\system32\winamp.exe
c:\windows\system32\wvUlljii.dll
c:\windows\system32\xxyvwUNH.dll
c:\windows\system32\yayvVOfC.dll
c:\windows\Tasks\rsbiwkjj.job

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-24 au 2008-12-24 ))))))))))))))))))))))))))))))))))))
.

2008-12-24 00:55 . 2008-12-24 00:55 69,682 --a------ c:\windows\system32\cyupxnm.exe
2008-12-24 00:16 . 2008-12-24 00:16 69,682 --a------ c:\windows\system32\ckcvrotc.exe
2008-12-23 22:31 . 2008-12-23 22:30 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-23 20:55 . 2008-12-24 00:55 32,768 --a------ c:\windows\system32\drivers\ati0vyxx.sys
2008-12-23 19:20 . 2008-12-23 19:20 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-23 19:20 . 2008-12-23 19:20 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-23 19:20 . 2008-12-23 19:20 <REP> d-------- c:\documents and settings\Admin\Application Data\Malwarebytes
2008-12-23 19:20 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-23 19:20 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-23 15:26 . 2008-12-23 15:26 <REP> d-------- c:\documents and settings\Administrateur\Application Data\U3
2008-12-23 15:15 . 2008-12-23 18:56 <REP> d-------- c:\program files\a-squared Free
2008-12-20 20:08 . 2008-12-20 20:07 55,858 -r-hs---- c:\windows\sysrest32.exe
2008-12-20 20:07 . 2008-12-20 20:07 55,858 --a------ C:\reps.exe
2008-12-20 18:23 . 2007-12-13 18:39 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau
2008-12-20 18:23 . 2007-12-13 18:39 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression
2008-12-20 18:23 . 2007-12-13 17:45 <REP> d--h----- c:\documents and settings\Administrateur\Modèles
2008-12-20 18:23 . 2008-12-23 15:15 <REP> d-------- c:\documents and settings\Administrateur\Mes documents
2008-12-20 18:23 . 2007-12-13 18:39 <REP> dr------- c:\documents and settings\Administrateur\Menu Démarrer
2008-12-20 18:23 . 2007-12-13 18:39 <REP> d-------- c:\documents and settings\Administrateur\Favoris
2008-12-20 18:23 . 2008-12-23 15:27 <REP> d-------- c:\documents and settings\Administrateur\Bureau
2008-12-20 18:22 . 2008-12-20 18:23 <REP> d-------- c:\documents and settings\Administrateur
2008-12-11 20:30 . 2008-12-11 20:30 <REP> d-------- c:\documents and settings\Admin\Application Data\Apple Computer
2008-12-11 20:29 . 2008-12-12 00:04 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-11 19:59 . 2008-12-11 19:59 <REP> d-------- c:\documents and settings\Admin\Application Data\ArcSoft
2008-12-11 19:57 . 2008-12-11 19:57 26 --a------ C:\UpdaterforApp.ini
2008-12-11 19:56 . 2008-12-11 19:57 <REP> d-------- c:\program files\Fichiers communs\ArcSoft
2008-12-11 19:56 . 2005-04-27 16:36 245,408 --a------ c:\windows\system32\unicows.dll
2008-12-11 19:56 . 2007-03-07 16:05 126,976 --a------ c:\windows\system32\MediaImpression Slideshow.scr
2008-12-11 19:56 . 2005-02-23 14:58 11,776 --a------ c:\windows\system32\drivers\afc.sys
2008-12-11 19:55 . 2008-12-11 19:58 <REP> d-------- c:\windows\system32\MediaImpression Slideshow
2008-12-11 19:55 . 2008-12-11 19:55 <REP> d-------- c:\program files\ArcSoft
2008-12-11 19:52 . 2008-12-11 19:53 <REP> d-------- c:\program files\QuickTime
2008-12-11 19:52 . 2008-12-11 19:52 <REP> d-------- c:\program files\Apple Software Update
2008-12-11 19:52 . 2008-12-11 19:52 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-11 19:52 . 2008-12-11 19:52 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-12-04 13:26 . 2008-12-04 13:26 <REP> d-------- c:\documents and settings\Admin\Application Data\Panasonic
2008-11-28 12:22 . 2006-03-02 13:00 221,184 --a------ c:\windows\system32\wmpns.dll
2008-11-27 16:31 . 2008-11-27 16:31 <REP> d-------- c:\windows\system32\fr
2008-11-27 16:31 . 2008-11-27 16:31 <REP> d-------- c:\windows\system32\bits
2008-11-27 16:31 . 2008-11-27 16:31 <REP> d-------- c:\windows\l2schemas
2008-11-27 16:24 . 2008-11-27 16:32 <REP> d-------- c:\windows\ServicePackFiles
2008-11-27 16:04 . 2008-11-27 16:04 <REP> d-------- c:\windows\EHome

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-24 00:12 --------- d-----w c:\documents and settings\Admin\Application Data\OpenOffice.org2
2008-12-24 00:11 --------- d-----w c:\program files\lg_fwupdate
2008-12-23 21:52 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-23 21:30 --------- d-----w c:\program files\Java
2008-12-23 18:19 --------- d-----w c:\documents and settings\Admin\Application Data\U3
2008-12-23 14:46 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-12 23:47 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-12-11 18:55 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-28 23:31 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2008-11-28 23:30 --------- d-----w c:\program files\Norton Security Scan
2008-11-20 17:02 --------- d-----w c:\program files\YesMessenger
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-04-09 19:50 135,680 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"EPSON Stylus DX8400 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE" [2007-04-12 182272]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-07 68856]
"EPSON Stylus DX8400 Series (Copie 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE" [2007-04-12 182272]
"EPSON Stylus DX8400 Series (Copie 2)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE" [2007-04-12 182272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-01-12 249856]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-23 136600]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-09 1836544]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-04-09 185632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-10-11 31232]
"Secure System Restore"="sysrest32.exe" [2008-12-20 c:\windows\sysrest32.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Admin\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216]
YesMessenger.lnk - c:\program files\YesMessenger\YesMessenger.exe [2008-11-07 2772992]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
PHOTOfunSTUDIO -viewer-.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [2008-06-03 40960]
VIA RAID TOOL.lnk - c:\program files\VIA\RAID\raid_tool.exe [2007-12-14 585728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.mp42"= c:\windows\Mpg4c32.dll
"vidc.mp43"= c:\windows\Mpg4c32.dll
"vidc.mpg4"= c:\windows\Mpg4c32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati0vyxx.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\mldmm.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12935:TCP"= 12935:TCP:NortonAV
"5900:TCP"= 5900:TCP:vnc5900
"5800:TCP"= 5800:TCP:vnc5800

R0 ati0vyxx;ati0vyxx;c:\windows\system32\Drivers\ati0vyxx.sys [2008-12-23 32768]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-06-11 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-06-11 20560]
S3 ADM8511;Convertisseur USB vers Fast Ethernet ADMtek ADM8511/AN986;c:\windows\system32\DRIVERS\ADM8511.SYS [2007-12-13 20160]
S3 AGV;AGV;c:\windows\system32\drivers\AGV.sys [2008-02-08 180617]
S3 GV600V2;GV600V2;c:\windows\system32\drivers\GV600V2.sys [2008-02-08 47014]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-23 38496]
.
Contenu du dossier 'Tâches planifiées'

2008-12-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 13:42]

2008-11-28 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe [2007-09-18 22:42]

2008-12-23 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{2F550F99-7875-4C88-BD24-37B1D9C96AEB} - c:\windows\system32\jkkKbCVM.dll
BHO-{8f35e492-43b3-493c-aeae-d77c2e7566aa} - c:\windows\system32\cghpfz.dll
HKCU-Run-qosyk - c:\documents and settings\admin\local settings\application data\qosyk.exe
HKCU-Run-rs32net - c:\windows\System32\rs32net.exe
HKLM-Run-EoEngine - c:\program files\EoRezo\EoEngine.exe
HKLM-Run-ItsTV - c:\program files\ItsLabel\ItsTV.exe
HKLM-Run-EoWeather - (no file)
Notify-__c003EBFA - c:\windows\system32\__c003EBFA.dat

.
------- Examen supplémentaire -------
.
mStart Page = hxxp://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
uInternet Connection Wizard,ShellNext = iexplore
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\8cph11l4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-24 01:10:52
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.exe
c:\program files\a-squared Free\a2service.exe
c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
c:\program files\OpenOffice.org 2.3\program\soffice.exe
c:\program files\OpenOffice.org 2.3\program\soffice.bin
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Fichiers communs\logishrd\LQCVFX\COCIManager.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
.
**************************************************************************
.
Heure de fin: 2008-12-24 1:20:14 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-24 00:20:07

Avant-CF: 19 547 058 176 octets libres
Après-CF: 20,347,817,984 octets libres

604 --- E O F --- 2008-12-12 23:47:55
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 55
Utilisateur anonyme
 
Re,

▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.

▶ Double clique sur RSIT.exe pour lancer l'outil.

▶ Clique sur ' continue ' à l'écran Disclaimer.

Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
0
Réponse 26 / 55
nowhere_ Messages postés 259 Date d'inscription   Statut Membre 50
 
sources officiels pour telecharger combofix :

--> http://download.bleepingcomputer.com/sUBs/ComboFix.exe
--> https://forospyware.com
--> http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/

certaines versions ont un trojan

suivre avec attention le tutoriel : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
c'est un outil puissant.

un interprete des log d'hijackthis : http://www.hijackthis.de/fr
vous donnera une idee : une tache inconnue n'est pas bon signe
*verifier en postant ici
0
Réponse 27 / 55
jojo
 
voici le rapport info:

info.txt logfile of random's system information tool 1.05 2008-12-24 01:34:21

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Angelina Jolie 1-->C:\WINDOWS\ss3unstl.exe "Angelina Jolie 1"
Apple Software Update-->MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
a-squared Free 4.0-->"C:\Program Files\a-squared Free\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}\SETUP.EXE" -l0x40c UNINST
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Dofus 1.22.0-->C:\Program Files\Dofus\uninstall.exe
eoEngine 5.1-->"C:\Program Files\EoRezo\unins000.exe"
EoWeather 5.1-->"C:\Program Files\EoRezo\EoWeather\unins000.exe"
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel-->C:\Program Files\EPSON\TPMANUAL\ES_CX_DX\FRA\USE_G\DOCUNINS.EXE
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"H:\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
Logitech QuickCam-->MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Essentials-->MsiExec.exe /X{9B4E6CB9-E54D-47F7-A414-E2D5740E1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Security Scan-->MsiExec.exe /I{230C4A45-2586-4161-84EF-5C0D75D5B270}
OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Sagem Wi-Fi 11g USB adapter (driver)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2ED60C17-4568-4CD5-830A-03C4688B09A1}\setup.exe" -l0x40c
SAGEM Wi-Fi 11g USB adapter (pilote)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7421E270-0140-4F62-AE39-ECB9F1C81B35}\setup.exe" -l0x40c
SAGEM Wi-Fi 11g USB adapter (pilote)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2AA331E-E10E-438C-B1C0-24B2FFD3D9C4}\setup.exe" -l0x40c
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe" -l0x40c
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
YesMessenger 2.2.40-->"C:\Program Files\YesMessenger\unins000.exe"

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 080930-0] (outdated)

System event log

Computer Name: ADMIN-DBBDDBA8D
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 12574
Source Name: EventLog
Time Written: 20081215181325.000000+060
Event Type: Informations
User:

Computer Name: ADMIN-DBBDDBA8D
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 12573
Source Name: EventLog
Time Written: 20081215181325.000000+060
Event Type: Informations
User:

Computer Name: ADMIN-DBBDDBA8D
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 12572
Source Name: Tcpip
Time Written: 20081215175842.000000+060
Event Type: Avertissement
User:

Computer Name: ADMIN-DBBDDBA8D
Event Code: 7036
Message: Le service Service de transfert intelligent en arrière-plan est entré dans l'état : en cours d'exécution.

Record Number: 12571
Source Name: Service Control Manager
Time Written: 20081215174952.000000+060
Event Type: Informations
User:

Computer Name: ADMIN-DBBDDBA8D
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de transfert intelligent en arrière-plan.

Record Number: 12570
Source Name: Service Control Manager
Time Written: 20081215174950.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Application event log

Computer Name: ADMIN-DBBDDBA8D
Event Code: 0
Message:
Record Number: 7630
Source Name: LVCOMSer
Time Written: 20081103151455.000000+060
Event Type: Informations
User:

Computer Name: ADMIN-DBBDDBA8D
Event Code: 1001
Message: Échec de détection du produit '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', fonctionnalité 'QuickCam' lors de la demande du composant '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'

Record Number: 7629
Source Name: MsiInstaller
Time Written: 20081103151455.000000+060
Event Type: Avertissement
User: AUTORITE NT\SERVICE RÉSEAU

Computer Name: ADMIN-DBBDDBA8D
Event Code: 1004
Message: Échec de détection du produit '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', fonctionnalité 'QuickCam', composant '{B52C7B4D-F46F-438C-ADF2-05A138C57757}. La ressource 'HKEY_CURRENT_USER\Software\Logitech\InstallerKeys\QCDesktopShortcutKey' n'existe pas

Record Number: 7628
Source Name: MsiInstaller
Time Written: 20081103151455.000000+060
Event Type: Avertissement
User: AUTORITE NT\SERVICE RÉSEAU

Computer Name: ADMIN-DBBDDBA8D
Event Code: 0
Message:
Record Number: 7627
Source Name: gusvc
Time Written: 20081103151451.000000+060
Event Type: Informations
User:

Computer Name: ADMIN-DBBDDBA8D
Event Code: 1001
Message: Échec de détection du produit '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', fonctionnalité 'QuickCam' lors de la demande du composant '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'

Record Number: 7626
Source Name: MsiInstaller
Time Written: 20081103151432.000000+060
Event Type: Avertissement
User: AUTORITE NT\SERVICE RÉSEAU

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 28 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=1c00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 28 / 55
jojo
 
voici le rapport log:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Admin at 2008-12-24 01:34:01
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 19 GB (50%) free of 39 GB
Total RAM: 511 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:34:16, on 24/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\WINDOWS\sysrest32.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Admin\Bureau\RSIT.exe
C:\Documents and Settings\Admin\Bureau\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Secure System Restore] sysrest32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SBB.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S3F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series (Copie 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S14.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: YesMessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
0
Réponse 29 / 55
Utilisateur anonyme
 
Re,

@nowhere_,

c bon pas besoin c déjà passer et la .

@JOJO:

1. Fermez tous les navigateurs ouverts.

2. Fermez/désactivez tous les programmes anti-virus, anti-malware ou anti-spyware afin qu'ils n'interfèrent pas avec le travail de ComboFix.

3. Ouvrez le Bloc-notes et faites un copier/coller du texte en gras situé dans la boîte Citation ci-dessous dans le Bloc-notes:


File::
c:\documents and settings\admin\application data\zango\v3.0\zango\dynamic\ustat\3793.dat
c:\documents and settings\admin\application data\zango\v3.0\zango\static\1\btntrans1.dat
c:\documents and settings\admin\application data\zango\v3.0\zango\static\1\keywords1.dat
c:\documents and settings\admin\application data\zango\v3.0\zango\static\2\btntrans1.dat
c:\documents and settings\admin\application data\zango\v3.0\zango\static\2\keywords1.dat
c:\documents and settings\admin\local settings\application data\qosyk_nav.dat
c:\documents and settings\admin\local settings\application data\qosyk_navps.dat
c:\documents and settings\all users\application data\zangosa\zangosa.dat
c:\documents and settings\all users\application data\zangosa\zangosa_kyf.dat
c:\documents and settings\all users\application data\zangosa\zangosaau.dat
c:\program files\zango\bin\10.3.37.0\oeaddon.exe
c:\program files\zango\bin\10.3.37.0\weather.exe
c:\program files\zango\bin\10.3.37.0\weskin.dll
c:\program files\zango\bin\10.3.37.0\zangosa.exe
c:\program files\zango\bin\10.3.37.0\zangosahook.dll
c:\program files\zango\bin\10.3.37.0\zangouninstaller.exe
c:\windows\fxstaller.exe
c:\windows\system32\mvcbkkkj.ini
c:\windows\system32\rs32net.exe
c:\windows\system32\vtuljyoi.dll
c:\windows\system32\vtumlebb.dll
c:\windows\system32\vtummeed.dll
c:\windows\system32\winamp.exe
c:\windows\system32\__c003ebfa.dat

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-

Enregistrez le fichier sous le nom CFScript.txt, au même endroit que ComboFix.exe

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Comme sur l'image ci-dessus, faites glisser CFScript puis déposez-le sur ComboFix.exe

Lorsque l'outil aura terminé, il vous affichera un rapport nommé C:\ComboFix.txt que vous devez m'envoyer dans votre prochain message.
0
Réponse 30 / 55
nowhere_ Messages postés 259 Date d'inscription   Statut Membre 50
 
je trouve que ça donne beaucoup d'information sur un systeme... distant.. tout ces logs
0
Réponse 31 / 55
Utilisateur anonyme
 
Re,

Ben regarde les pas alors!!

;)
0
Réponse 32 / 55
jojo
 
j'ai des boite de dialogue qui s'affiche, Windows - lecteur non pret
exception processing message c00000a3 parameters .....
que dois je faire ??
0
Réponse 33 / 55
Utilisateur anonyme
 
Re,

desactivé en decochant la premiere case "connect at power on" de la fenetre qui s'ouvre lorsqu'on double click sur floopy disk.
0
Réponse 34 / 55
Utilisateur anonyme
 
moi je regarde et ça trip de voir enfin des fichiers plutot qu'un avartar de virus ^^

...c'est pour comprendre HiJackThis et tous ceux qui en ont peur aussi, lol
0
Réponse 35 / 55
jojo
 
Mais avec le message je peux juste annule recommencer ou continuer
0
Réponse 36 / 55
Utilisateur anonyme
 
Re,

Laisse tomber le script et fait ceci dans l'ordre:

▶ Télécharge UsbFix (de Chiquitine29) sur ton Bureau :

▶ Lance l'installation avec les paramètres par défaut.

▶ Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.

▶ Double-clique sur le raccourci UsbFix sur ton Bureau.

Choisit l'option 1

▶ Le PC va redémarrer.

▶ Après redémarrage, poste le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte

Mets le à jour

▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.

▶ Sélectionne Exécuter un examen complet si ce n'est pas déjà fait

▶ clique sur Rechercher

▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

Tutoriel pour MalwareByte's
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Une fois que tu auras fait malwarebyte et supprimer la quarantaine,tu redémarre ton pc normalement et tu poste le rapport de malwarebyte et tu refais un rapport avec RSIT.
0
Utilisateur anonyme
 
svp X-V,

existe-t'il des prduits type Malewarebyte's dans le commerce ?
0
Réponse 37 / 55
Utilisateur anonyme
 
Re,

Mawarebyte et a une version payante et il et pas trop mal.
0
Réponse 38 / 55
jojo
 
rapport UsbFix.txt :

-------------- UsbFix V2.413.7 ---------------

* User : Admin - ADMIN-DBBDDBA8D
* Outils mis a jours le 24/12/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 2:12:02 le 2008-12-24
* Windows Xp - Internet Explorer 7.0.5730.13

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur de CD-ROM

F: - Lecteur de CD-ROM

G: - Lecteur de CD-ROM

H: - Lecteur amovible

+- Contenu de l'autorun : G:\autorun.inf

[AutoRun]
open=LaunchU3.exe -a
icon=LaunchU3.exe,0
action=Run U3 Launchpad

[Definitions]
Launchpad=LaunchPad.exe
Vtype=2

[CopyFiles]
FileNumber=1
File1=LaunchPad.zip

[Update]
URL=http://u3.sandisk.com/download/lp_installer.asp?custom=1.6.1.2&brand=PelicanBFG

[Comment]
brand=PelicanBFG

+- Contenu de l'autorun : H:\autorun.inf

[autorun]
open=RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\sysrest32.exe
icon=%SystemRoot%\system32\SHELL32.dll,4
action=Open folder to view files
shell\open=Open
shell\open\command=RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\sysrest32.exe
shell\open\default=1

--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe

+- Listing des fichiers présents :

[2007-12-13 17:50][--a------] C:\AUTOEXEC.BAT
[2006-03-02 13:00][-rahs----] C:\NTDETECT.COM
[2008-12-20 20:07][--a------] C:\reps.exe
[2007-12-13 17:43][---hs----] C:\boot.ini
[2007-12-13 17:43][---hs----] C:\UpdaterforApp.ini
[2008-12-24 02:12][--a------] C:\UsbFix.txt
[2007-12-13 17:50][--a------] C:\CONFIG.SYS
[2007-12-13 17:50][--a------] C:\hiberfil.sys
[2007-12-13 17:50][--a------] C:\IO.SYS
[2007-12-13 17:50][--a------] C:\MSDOS.SYS
[2007-12-13 17:50][--a------] C:\pagefile.sys

--------------- [ Lecteur D ] ----------------

D: - Lecteur fixe

+- Listing des fichiers présents :

[2007-10-26 13:57][--a------] D:\AUTOEXEC.BAT
[][] D:\NTDETECT.COM
[2007-10-26 13:44][---hs----] D:\boot.ini
[2007-10-26 13:57][--a------] D:\CONFIG.SYS
[2007-10-26 13:57][--a------] D:\hiberfil.sys
[2007-10-26 13:57][--a------] D:\IO.SYS
[2007-10-26 13:57][--a------] D:\MSDOS.SYS
[2007-10-26 13:57][--a------] D:\pagefile.sys

--------------- [ Lecteur E ] ----------------

E: - Lecteur de CD-ROM

+- Listing des fichiers présents :

--------------- [ Lecteur F ] ----------------

F: - Lecteur de CD-ROM

+- Listing des fichiers présents :

--------------- [ Lecteur G ] ----------------

G: - Lecteur de CD-ROM

+- Listing des fichiers présents :

[2007-10-23 08:45][-r-------] G:\LaunchU3.exe
[2008-05-06 13:26][-r-------] G:\autorun.inf

--------------- [ Lecteur H ] ----------------

H: - Lecteur amovible

+- Listing des fichiers présents :

[2007-10-23 09:45][-ra------] H:\LaunchU3.exe
[2007-10-23 09:45][-ra------] H:\a2FreeSetup.exe
[2007-10-23 09:45][-ra------] H:\spybotsd160.exe
[2007-10-23 09:45][-ra------] H:\mbam-setup.exe
[2007-10-23 09:45][-ra------] H:\C-Fix.exe
[2007-10-23 09:45][-ra------] H:\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[2007-10-23 09:45][-ra------] H:\RSIT.exe
[2007-10-23 09:45][-ra------] H:\UsbFix.exe
[2008-12-24 02:08][--a------] H:\autorun.inf
[2008-12-24 01:21][--a------] H:\log.txt
[2008-12-24 01:21][--a------] H:\info111.txt
[2008-12-24 01:21][--a------] H:\log111.txt
[2008-12-24 01:21][--a------] H:\CFScript.txt

--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
EPSON Stylus DX8400 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SBB.tmp" /EF "HKCU"
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
EPSON Stylus DX8400 Series (Copie 1)=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S3F.tmp" /EF "HKCU"
EPSON Stylus DX8400 Series (Copie 2)=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S14.tmp" /EF "HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
LanguageShortcut="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
LGODDFU="C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
SecurDisc=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
InCD=C:\Program Files\Nero\Nero 7\InCD\InCD.exe
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Smapp=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
LogitechCommunicationsManager="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
LogitechQuickCamRibbon="C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
ArcSoft Connection Service=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
Secure System Restore=sysrest32.exe
UserFaultCheck=%systemroot%\system32\dumprep 0 -u
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

--------------- [ Registre / Mountpoint2 ] ----------------

-> Recherche négative.

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - [2008-04-14 03:34][--a------] C:\WINDOWS\system32\mldmm.exe
H:\autorun.inf ~> fichier appelé : "H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\sysrest32.exe" ( présent ! )
Supprimé ! - H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\sysrest32.exe
Echec de la supression !! - [2008-05-06 13:26] G:\autorun.inf
Echec de la supression !! - [2008-05-06 13:26] G:\autorun.inf
Echec de la supression !! - [2008-05-06 13:26] G:\autorun.inf
Supprimé ! - [2008-12-24 02:08][--a------] H:\autorun.inf

--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[2007-12-13 17:50][--a------] C:\AUTOEXEC.BAT
[2006-03-02 13:00][-rahs----] C:\NTDETECT.COM
[2008-12-20 20:07][--a------] C:\reps.exe
[2007-12-13 17:43][---hs----] C:\boot.ini
[2007-12-13 17:43][---hs----] C:\UpdaterforApp.ini
[2007-10-26 13:57][--a------] D:\AUTOEXEC.BAT
[][] D:\NTDETECT.COM
[2007-10-26 13:44][---hs----] D:\boot.ini
[2007-10-23 08:45][-r-------] G:\LaunchU3.exe
[2008-05-06 13:26][-r-------] G:\autorun.inf
[2007-10-23 09:45][-ra------] H:\LaunchU3.exe
[2007-10-23 09:45][-ra------] H:\a2FreeSetup.exe
[2007-10-23 09:45][-ra------] H:\spybotsd160.exe
[2007-10-23 09:45][-ra------] H:\mbam-setup.exe
[2007-10-23 09:45][-ra------] H:\C-Fix.exe
[2007-10-23 09:45][-ra------] H:\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[2007-10-23 09:45][-ra------] H:\RSIT.exe
[2007-10-23 09:45][-ra------] H:\UsbFix.exe

Joyeuses fetes a tous de la part de T'Chiki et Chimay ...et merci a toutes les personnes ayant,
de pret ou de loin participé a UsbFix durant l annee 2008 , merci a eux !

--------------- ! Fin du rapport ! ----------------
0
Réponse 39 / 55
jojo
 
Re,
Malware est toujours entrain de scanné, je sais pas si c'est normal que ce soit aussi long, ??
0
Réponse 40 / 55
Utilisateur anonyme
 
Re,

Le plus long que j'ai vue c'est 15 heures de scans.

Mais bon laisse tourner et va te coucher.

A++
0
Précédent
  • 1
  • 2
  • 3