Avg scan

Réponse 21 / 51

Utilisateur anonyme

Re,

Reposte le log txt en deux fois sur le forum.

merci

Fait USBFIX aussi

Réponse 22 / 51

titihani Messages postés 29 Statut Membre 2

Logfile of random's system information tool 1.05 (written by random/random)
Run by client at 2009-01-03 02:23:37
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (19%) free of 25 GB
Total RAM: 479 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:24:26, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Telecom Factory\MANA ADSL by telecom factory\dslmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\client\Bureau\remove wga\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\client\Bureau\remove wga\client.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?hl=fr&gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.36.0\ZangoSA.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.36.0\Weather.exe" -auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\ckvo.exe
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?00b0b9cfbd2140dea8a7995ca5d833d9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?00b0b9cfbd2140dea8a7995ca5d833d9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-e1f2b12e8955e4f0.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Réponse 23 / 51

Utilisateur anonyme

Re,

Passe usbfix et ensuite tu redémarre ton pc et refait un log avec RSIT mais poste le en deus ou trois fois

C très important.

Réponse 24 / 51

titihani Messages postés 29 Statut Membre 2

S3 STV680m;USB Dual-mode Cameram; C:\WINDOWS\system32\drivers\STV680m.sys [2002-02-11 9024]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\client\LOCALS~1\Temp\mc21.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-01-02 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 231704]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2005-11-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2005-08-29 266295]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-12-11 504104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-26 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe []
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

Réponse 25 / 51

Utilisateur anonyme

Re,

▶ Télécharge UsbFix (de Chiquitine29) sur ton Bureau :

▶ Lance l'installation avec les paramètres par défaut.

▶ Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.

▶ Double-clique sur le raccourci UsbFix sur ton Bureau.

▶ Choisit l'option 1

▶ Le PC va redémarrer.

▶ Après redémarrage, poste le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

titihani Messages postés 29 Statut Membre 2

-------------- UsbFix V2.413.8 ---------------

* User : client - CLIENT-A40CD034
* Outils mis a jours le 27/12/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 2:40:18 le 03/01/2009
* Windows Xp - Internet Explorer 6.0.2900.2180

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\userinit.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

D: - Lecteur fixe

+- Contenu de l'autorun : C:\autorun.inf

[AutoRun]
open=n1deiect.com
;shell\open=Open(&O)
shell\open\Command=n1deiect.com
shell\open\Default=1
;shell\explore=Manager(&X)
shell\explore\Command=n1deiect.com

+- Contenu de l'autorun : D:\autorun.inf

[AutoRun]
open=n1deiect.com
;shell\open=Open(&O)
shell\open\Command=n1deiect.com
shell\open\Default=1
;shell\explore=Manager(&X)
shell\explore\Command=n1deiect.com

--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe

+- Listing des fichiers présents :

[12/04/2007 09:07][---hs----] C:\AUTOEXEC.BAT
[03/08/2004 22:38][-rahs----] C:\NTDETECT.COM
[22/10/2007 02:11][-rahs----] C:\boot.ini
[02/01/2009 02:32][-r-hs----] C:\autorun.inf
[03/01/2009 02:06][--a------] C:\cleannavi.txt
[03/01/2009 02:06][--a------] C:\EyeCandyLog.txt
[03/01/2009 02:06][--a------] C:\fixnavi.txt
[03/01/2009 02:06][--a------] C:\TB.txt
[03/01/2009 02:06][--a------] C:\UsbFix.txt
[12/05/2006 12:03][--a------] C:\CONFIG.SYS
[12/05/2006 12:03][--a------] C:\IO.SYS
[12/05/2006 12:03][--a------] C:\MSDOS.SYS
[12/05/2006 12:03][--a------] C:\pagefile.sys

--------------- [ Lecteur D ] ----------------

D: - Lecteur fixe

+- Listing des fichiers présents :

[02/01/2009 02:32][-r-hs----] D:\autorun.inf

--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Uniblue RegistryBooster 2=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
LDM=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
Skype="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
WeatherDPA="C:\Program Files\Zango\bin\10.3.36.0\Weather.exe" -auto
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
AnumanLive=C:\Documents and Settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
SoundMan=SOUNDMAN.EXE
SiSUSBRG=C:\WINDOWS\SiSUSBrg.exe
RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
WinampAgent=C:\Program Files\Winamp\winampa.exe
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
9xadiras=9xadiras.exe
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
SSBkgdUpdate="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
OpwareSE4="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
LogitechCommunicationsManager="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
LogitechQuickCamRibbon="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
MDNS=C:\WINDOWS\system32\service.exe
ZangoOE=C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe
ZangoSA="C:\Program Files\Zango\bin\10.3.36.0\ZangoSA.exe"
AVG8_TRAY=C:\PROGRA~1\AVG\AVG8\avgtray.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{073841ae-4c06-11dd-a008-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a10dcaf-baf3-11dc-9f01-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ee14a0b-e95d-11db-9d84-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1accb494-31e7-11dd-9fe2-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1accb496-31e7-11dd-9fe2-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1accb496-31e7-11dd-9fe2-4d6564696130}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1accb496-31e7-11dd-9fe2-4d6564696130}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2084f7ec-f927-11db-9da1-e62a688e224a}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e34ba3c-7f89-11dd-a07a-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{366600eb-1c94-11dd-9fab-c9ef9049363a}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{366600eb-1c94-11dd-9fab-c9ef9049363a}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{366600eb-1c94-11dd-9fab-c9ef9049363a}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c6cb0a8-0ae8-11dc-9dc5-9654572d5d4a}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c6cb0a8-0ae8-11dc-9dc5-9654572d5d4a}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c6cb0a8-0ae8-11dc-9dc5-9654572d5d4a}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d9fd679-899b-11dc-9eca-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3eb0815a-bf02-11db-9cd6-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f61b8eb-0255-11db-9b23-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47a96f40-2f92-11dd-9fd9-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47a96f40-2f92-11dd-9fd9-4d6564696130}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47a96f40-2f92-11dd-9fd9-4d6564696130}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49502fec-9ee7-11db-9c6e-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c6b2386-e03b-11db-9d67-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{557a9eef-bf28-11dc-9f08-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{563c3cb4-715b-11db-9c04-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57747ed3-2c3a-11dc-9e2e-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6239237b-d520-11dc-9f1a-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6434636c-f05b-11db-9d94-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67cd9d82-ee16-11db-9d8e-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67cd9d82-ee16-11db-9d8e-0015f20320d1}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67cd9d82-ee16-11db-9d8e-0015f20320d1}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{682a5de4-ef69-11da-9af8-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{682a5de4-ef69-11da-9af8-0015f20320d1}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{682a5de4-ef69-11da-9af8-0015f20320d1}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69f54e6b-5dd4-11dc-9e99-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6cc358da-ee78-11dc-9f56-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f439afc-d781-11dd-a0a2-00116760ab63}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f439afc-d781-11dd-a0a2-00116760ab63}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f439afc-d781-11dd-a0a2-00116760ab63}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77ccb172-6cd6-11dd-a04e-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77ccb172-6cd6-11dd-a04e-4d6564696130}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77ccb172-6cd6-11dd-a04e-4d6564696130}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a326902-55a1-11db-9bd5-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a8abb5d-5377-11db-9bcf-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b5d113e-5b58-11dc-9e95-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8cc4f941-16d0-11dc-9dde-d0a78dcb294a}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d9d23a6-b380-11dc-9ef8-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99cbe403-d6b8-11dc-9f1b-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc32044-1a02-11dc-9de4-bac51395214a}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fb48b8a-9776-11db-9c5a-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fb48b8a-9776-11db-9c5a-0015f20320d1}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fb48b8a-9776-11db-9c5a-0015f20320d1}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5b75d0b-a1b7-11db-9c7a-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8bb8ed9-bb30-11db-9cc6-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aadc790a-7ea3-11db-9c29-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aadc790c-7ea3-11db-9c29-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ace4c870-426f-11dc-9e6b-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad970794-958e-11db-9c58-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ade62c10-d775-11db-9d3c-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af75c222-38e8-11dd-9feb-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af75c222-38e8-11dd-9feb-4d6564696130}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af75c222-38e8-11dd-9feb-4d6564696130}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b2810553-f023-11dc-9f58-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6f4821d-f714-11dc-9f67-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba806777-0dca-11db-9b41-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb41961e-42c1-11dc-9e6d-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd02d8d3-8c25-11dc-9ecc-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf652eb6-30e2-11dc-9e3d-f31061b84549}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c75b821c-dde3-11dc-9f27-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8afbbfc-199f-11dd-9fa4-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d27e5f99-6fbc-11db-9bff-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d69d3c78-de52-11db-9d53-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc04aea2-4b21-11dd-a006-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de883440-c733-11dc-9f12-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e813e6c6-f21b-11db-9d98-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9765317-4af4-11dc-9e7a-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb535342-da91-11db-9d49-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef436cdc-cf54-11db-9d0e-0015f20320d1}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f96cb716-2c70-11dd-9fc9-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f96cb716-2c70-11dd-9fc9-4d6564696130}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f96cb716-2c70-11dd-9fc9-4d6564696130}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc106bae-45e7-11dc-9e71-4d6564696130}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd125f52-d87c-11dc-9f1c-4d6564696130}\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------

C:\autorun.inf ~> fichier appelé : "C:\n1deiect.com" ( absent ! )
D:\autorun.inf ~> fichier appelé : "D:\n1deiect.com" ( absent ! )
Supprimé ! - [02/01/2009 02:32][-r-hs----] C:\autorun.inf
Supprimé ! - [02/01/2009 02:32][-r-hs----] D:\autorun.inf
Supprimé ! - [26/07/2008 06:13][--ahs----] D:\THUMBS.DB

--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[12/04/2007 09:07][---hs----] C:\AUTOEXEC.BAT
[03/08/2004 22:38][-rahs----] C:\NTDETECT.COM
[22/10/2007 02:11][-rahs----] C:\boot.ini

--------------- ! Fin du rapport ! ----------------

Réponse 26 / 51

Utilisateur anonyme

Re,

Refait un log avec RSIT tu le poste en trois fois STP,

très important.

le log txt.

titihani Messages postés 29 Statut Membre 2

Logfile of random's system information tool 1.05 (written by random/random)
Run by client at 2009-01-03 02:53:20
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (19%) free of 25 GB
Total RAM: 479 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:53:51, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Telecom Factory\MANA ADSL by telecom factory\dslmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Documents and Settings\client\Bureau\remove wga\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\client\Bureau\remove wga\client.exe

Réponse 27 / 51

Utilisateur anonyme

Re,

▶ Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte

▶ Mets le à jour

▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.

▶ Sélectionne Exécuter un examen complet si ce n'est pas déjà fait

▶ clique sur Rechercher

▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

▶ Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

▶ Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

▶ Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

Tutoriel pour MalwareByte's

titihani Messages postés 29 Statut Membre 2

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1602
Windows 5.1.2600 Service Pack 2

03/01/2009 14:05:23
mbam-log-2009-01-03 (14-05-12).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 129742
Temps écoulé: 1 hour(s), 19 minute(s), 53 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 56
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 14
Fichier(s) infecté(s): 172

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\browsingtool.browserwatcher (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\browsingtool.browserwatcher.1 (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\browsingtool.pornpro_bho (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\browsingtool.pornpro_bho.1 (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\browsingtool.precachebrowserhost (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\browsingtool.precachebrowserhost.1 (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{50a1aa3b-80e3-15cf-0f1a-83a98ad98fe9} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7f68785e-4894-7bb2-5fde-cc3eee2ebc82} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e698e657-649e-5d40-752d-9a3b78ea832a} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0daee015-a728-c212-9b8f-298391b8328e} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{aaf21892-e4d8-e8ed-e36a-3a91e3b2db29} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d0661233-42d4-f7f1-80e1-8a9e0e99e71d} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{fe3af205-54df-b146-1f0e-c9262829ed18} (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{84d39d08-a551-a4e5-c8d1-3327573d4640} (Adware.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d0661233-42d4-f7f1-80e1-8a9e0e99e71d} (Adware.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\BrowsingTool (Adware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BrowsingTool.DLL (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowsingTool (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FOPF (Rogue.AVSystemShield) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\AntiVirus (Rogue.Multiple) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZangoSA (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\Zango@Zango.com (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\zango 10.3.36.0 (Adware.Zango) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Data (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\client\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> No action taken.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> No action taken.
C:\Program Files\MSN Messenger\msimg32.dll (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> No action taken.
C:\System Volume Information\_restore{A4A4818F-142B-400D-9523-2F986F95970E}\RP437\A0359006.dll (Trojan.FBrowsingAdvisor) -> No action taken.
C:\System Volume Information\_restore{A4A4818F-142B-400D-9523-2F986F95970E}\RP437\A0359007.dll (Adware.Shopper) -> No action taken.
C:\System Volume Information\_restore{A4A4818F-142B-400D-9523-2F986F95970E}\RP437\A0359009.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{A4A4818F-142B-400D-9523-2F986F95970E}\RP437\A0359010.dll (Adware.MyWeb.FunWeb) -> No action taken.
C:\System Volume Information\_restore{A4A4818F-142B-400D-9523-2F986F95970E}\RP437\A0359045.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{A4A4818F-142B-400D-9523-2F986F95970E}\RP437\A0359053.dll (Adware.MyWeb.FunWeb) -> No action taken.
C:\ToolBar SD\Backup-TB\Program Files\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> No action taken.
C:\ToolBar SD\Backup-TB\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> No action taken.
C:\ToolBar SD\Backup-TB\Program Files\MSN Messenger\riched20.dll (Adware.MyWeb.FunWeb) -> No action taken.
D:\Documents and Settings\client\Mes documents\Mes trucs à moi\Mes raccourcis\Setup.exe (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht (Adware.Zango) -> No action taken.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Application Data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> No action taken.
C:\Documents and Settings\client\Menu Démarrer\NoCreditCard.lnk (Dialer) -> No action taken.

Réponse 28 / 51

Utilisateur anonyme

Re,

▶ Ouvre Malwarebyte,

▶ Clic sur l'onglet Quarantaine,

▶ Supprime tout ce que la quarantaine contient,

▶ Si il te propose de redémarrer ton PC =>Accepte

▶ Si il ne te le propose pas =>Redémarre normalement ton PC

▶ Poste le rapport suite à la suppression sur le forum.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Refait un log RSIT

Réponse 29 / 51

titihani Messages postés 29 Statut Membre 2

Logfile of random's system information tool 1.05 (written by random/random)
Run by client at 2009-01-04 02:20:31
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (18%) free of 25 GB
Total RAM: 479 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:21:59, on 04/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Telecom Factory\MANA ADSL by telecom factory\dslmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Documents and Settings\client\Bureau\remove wga\RSIT.exe
C:\Documents and Settings\client\Bureau\remove wga\client.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.36.0\ZangoSA.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.36.0\Weather.exe" -auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?00b0b9cfbd2140dea8a7995ca5d833d9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?00b0b9cfbd2140dea8a7995ca5d833d9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-e1f2b12e8955e4f0.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Réponse 30 / 51

titihani Messages postés 29 Statut Membre 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFind"=0
"NoRun"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"hx-1"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\RavMonE.exe"="G:\RavMonE.exe:*:Enabled:RavMonE"
"C:\WINDOWS\RavMonE.exe"="C:\WINDOWS\RavMonE.exe:*:Enabled:RavMonE"
"C:\Program Files\Grisoft\AVG Free\avgemc.exe"="C:\Program Files\Grisoft\AVG Free\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\Grisoft\AVG Free\avginet.exe"="C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Documents and Settings\client\Bureau\Motorola USB Modem\BlueSoleil.exe"="C:\Documents and Settings\client\Bureau\Motorola USB Modem\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Documents and Settings\client\Bureau\Nouveau dossier (2)\eMule\emule.exe"="C:\Documents and Settings\client\Bureau\Nouveau dossier (2)\eMule\emule.exe:*:Enabled:eMule"
"C:\Documents and Settings\client\Bureau\eMule\emule.exe"="C:\Documents and Settings\client\Bureau\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe"="C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe:*:Enabled:TViXNetShare"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Films\Documents and Settings\client\Mes documents\TOUS LES DOSSIERS BUREAU\eMule\emule.exe"="D:\Films\Documents and Settings\client\Mes documents\TOUS LES DOSSIERS BUREAU\eMule\emule.exe:*:Enabled:eMule"
"D:\Documents and Settings\client\Mes documents\TOUS LES DOSSIERS BUREAU\eMule\emule.exe"="D:\Documents and Settings\client\Mes documents\TOUS LES DOSSIERS BUREAU\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2009-01-03 03:06:15 ----D---- C:\Documents and Settings\client\Application Data\Malwarebytes
2009-01-03 03:06:04 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-03 03:06:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-03 02:40:18 ----A---- C:\UsbFix.txt
2009-01-03 02:35:05 ----D---- C:\Program Files\UsbFix
2009-01-03 02:16:59 ----D---- C:\rsit
2009-01-03 01:58:17 ----A---- C:\cleannavi.txt
2009-01-03 01:35:39 ----A---- C:\fixnavi.txt
2009-01-03 01:26:44 ----D---- C:\Program Files\Navilog1
2009-01-02 11:26:45 ----A---- C:\TB.txt
2009-01-02 11:25:48 ----D---- C:\ToolBar SD
2009-01-02 02:31:04 ----HD---- C:\$AVG8.VAULT$
2009-01-02 02:30:25 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-01-02 02:30:11 ----D---- C:\Documents and Settings\client\Application Data\AVGTOOLBAR
2009-01-02 02:29:58 ----D---- C:\Program Files\AVG
2009-01-02 02:29:58 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-12-18 14:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-18 14:27:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2008-12-17 11:08:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-17 11:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-17 11:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-17 11:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-17 11:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-17 11:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-17 11:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

======List of files/folders modified in the last 1 months======

2009-01-04 02:22:06 ----D---- C:\WINDOWS\Temp
2009-01-04 02:21:13 ----D---- C:\WINDOWS\Prefetch
2009-01-04 02:18:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-04 02:13:44 ----D---- C:\Program Files\Mozilla Firefox
2009-01-03 15:13:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-03 14:10:03 ----D---- C:\WINDOWS\system32\drivers
2009-01-03 11:28:00 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-03 11:11:08 ----SHD---- C:\WINDOWS\Installer
2009-01-03 11:09:13 ----HD---- C:\Config.Msi
2009-01-03 03:06:03 ----D---- C:\Program Files
2009-01-03 02:06:59 ----D---- C:\WINDOWS\system32
2009-01-03 02:04:51 ----D---- C:\WINDOWS
2009-01-03 01:10:20 ----D---- C:\Program Files\MSN Messenger
2009-01-03 01:10:19 ----D---- C:\Program Files\Internet Explorer
2009-01-02 13:36:25 ----D---- C:\Program Files\Incomplete
2009-01-02 09:47:11 ----D---- C:\Documents and Settings\client\Application Data\PlayFirst
2009-01-02 02:29:44 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-01-02 02:29:43 ----D---- C:\WINDOWS\WinSxS
2009-01-01 10:31:20 ----D---- C:\Program Files\eMule
2008-12-30 19:25:49 ----A---- C:\WINDOWS\IE4 Error Log.txt
2008-12-30 09:38:12 ----D---- C:\WINDOWS\Help
2008-12-30 09:36:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-30 09:35:46 ----HD---- C:\WINDOWS\inf
2008-12-30 09:35:46 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-24 17:32:16 ----D---- C:\Temp
2008-12-21 10:34:58 ----D---- C:\Program Files\StuffPlug3
2008-12-18 23:53:34 ----A---- C:\WINDOWS\win.ini
2008-12-18 14:35:47 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-12-18 14:29:04 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-18 14:27:55 ----A---- C:\WINDOWS\imsins.BAK
2008-12-17 21:54:09 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-16 20:51:20 ----D---- C:\Documents and Settings\client\Application Data\Adobe
2008-12-12 07:35:12 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-09 15:24:38 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-01-02 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-01-02 26824]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 sdcplh;sdcplh; C:\WINDOWS\System32\drivers\sdcplh.sys [2005-10-02 55168]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2004-08-04 12416]
R1 sonypvf2;sonypvf2; C:\WINDOWS\system32\drivers\sonypvf2.sys [2003-08-20 635012]
R1 sonypvt2;sonypvt2; C:\WINDOWS\system32\drivers\sonypvt2.sys [2003-08-20 431236]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-06 12032]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-01-02 76040]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-23 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-08-29 853258]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2006-09-19 15664]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-06 5888]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2004-08-04 220672]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]
S3 adiusbaw;MANA ADSL by telecom factory USB MODEM WAN ADAPTER; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2004-03-02 127065]
S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2005-08-29 428269]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-08-29 30363]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-08-29 30221]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-29 64344]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 Lvckap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 lvmvdrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
S3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-03 163584]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-02-03 490784]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SQTECH905C;DaulCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2004-12-08 32123]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 STV680;USB Dual-mode Camera; C:\WINDOWS\system32\drivers\STV680.sys [2002-02-11 119536]
S3 STV680m;USB Dual-mode Cameram; C:\WINDOWS\system32\drivers\STV680m.sys [2002-02-11 9024]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\client\LOCALS~1\Temp\mc21.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-01-02 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 231704]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2005-11-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2005-08-29 266295]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-12-11 504104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-26 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe []
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

Réponse 31 / 51

Utilisateur anonyme

Re,

Reposte le log txt de rsit stp

Réponse 32 / 51

titihani Messages postés 29 Statut Membre 2

Logfile of random's system information tool 1.05 (written by random/random)
Run by client at 2009-01-04 02:20:31
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (18%) free of 25 GB
Total RAM: 479 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:21:59, on 04/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Telecom Factory\MANA ADSL by telecom factory\dslmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Documents and Settings\client\Bureau\remove wga\RSIT.exe
C:\Documents and Settings\client\Bureau\remove wga\client.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.36.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.36.0\ZangoSA.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.36.0\Weather.exe" -auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?00b0b9cfbd2140dea8a7995ca5d833d9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?00b0b9cfbd2140dea8a7995ca5d833d9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-e1f2b12e8955e4f0.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Réponse 33 / 51

Utilisateur anonyme

Re,

Tu as vider la quarantaine de malwarebyte ?

Réponse 34 / 51

titihani Messages postés 29 Statut Membre 2

oui j'ai fait tout supprimer et j'ai redémarré mon pc

Réponse 35 / 51

Utilisateur anonyme

Re,

Combofix. Attention, ce logiciel est très puissant, une mauvaise utilisation peut faire des dégâts...

Fais exactement ce qui suit :

Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !) :
Fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix, choisis le bureau comme destination et valide :

--------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
!! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation (si jamais tu en as et que je ne les ai pas vu sur le rapport hijackthis....)

---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

--->Je te conseil d'installer la console de récupération.(Voir le tutoriel).

Tuto ici : TUTO
---------------------------------------------------------------------------------------------------------------------------------

Ensuite :

Double-clique sur C-Fix.exe (= combofix.exe ) .

Appuie sur une touche pour démarrer le scan .

Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi ---> si un message d'erreur windows apparait à un moment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

Le rapport sera crée dans: C:\Combofix.txt , poste le ici stp

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

Réponse 36 / 51

titihani Messages postés 29 Statut Membre 2

c'est quoi la console de récupération??

Réponse 37 / 51

Utilisateur anonyme

Re,

C'est en cas de problème avec le passage de combofix pour prévenir d'éventuel problème suite a sont passage.

Tu peut le faire sans installer la console .

Seul chose que tu doit faire et de respecter les consignes donner.

Tout ira bien ......

Réponse 38 / 51

titihani Messages postés 29 Statut Membre 2

ComboFix 09-01-02.01 - client 2009-01-04 3:02:27.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.479.159 [GMT -10:00]
Lancé depuis: c:\documents and settings\client\Bureau\C-Fix.exe
* Un nouveau point de restauration a été créé

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.
[color=purple]Les fichiers ci-dessous ont été désactivés pendant l'exécution:[/color]
c:\program files\SuperCopier2\SC2Hook.dll

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
c:\windows\IE4 Error Log.txt

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-04 au 2009-01-04 ))))))))))))))))))))))))))))))))))))
.

2009-01-03 03:06 . 2009-01-03 03:06 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-03 03:06 . 2009-01-03 03:06 <REP> d-------- c:\documents and settings\client\Application Data\Malwarebytes
2009-01-03 03:06 . 2009-01-03 03:06 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-03 03:06 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-03 03:06 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-03 02:35 . 2009-01-03 02:42 <REP> d-------- c:\program files\UsbFix
2009-01-03 02:16 . 2009-01-03 02:17 <REP> d-------- C:\rsit
2009-01-03 01:26 . 2009-01-03 02:06 <REP> d-------- c:\program files\Navilog1
2009-01-02 11:25 . 2009-01-03 01:12 <REP> d-------- C:\ToolBar SD
2009-01-02 02:31 . 2009-01-02 14:27 <REP> d--h----- C:\$AVG8.VAULT$
2009-01-02 02:30 . 2009-01-03 08:24 <REP> d-------- c:\windows\system32\drivers\Avg
2009-01-02 02:30 . 2009-01-03 08:36 <REP> d-------- c:\documents and settings\client\Application Data\AVGTOOLBAR
2009-01-02 02:30 . 2009-01-02 02:30 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-01-02 02:30 . 2009-01-02 02:30 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-01-02 02:30 . 2009-01-02 02:30 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-01-02 02:29 . 2009-01-02 02:29 <REP> d-------- c:\program files\AVG
2009-01-02 02:29 . 2009-01-02 02:29 <REP> d-------- c:\documents and settings\All Users\Application Data\avg8
2008-12-17 02:06 . 2008-10-24 01:10 453,632 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-04 13:00 --------- d-----w c:\documents and settings\client\Application Data\Skype
2009-01-04 12:59 --------- d-----w c:\program files\SuperCopier2
2009-01-03 11:10 --------- d-----w c:\program files\MSN Messenger
2009-01-02 23:36 --------- d-----w c:\program files\Incomplete
2009-01-02 19:47 --------- d-----w c:\documents and settings\client\Application Data\PlayFirst
2009-01-01 20:31 --------- d-----w c:\program files\eMule
2008-12-31 21:30 6,656 --sha-w c:\program files\Thumbs.db
2008-12-21 20:34 --------- d-----w c:\program files\StuffPlug3
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-17 00:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-17 00:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-17 00:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-17 00:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-17 00:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-17 00:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-17 00:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-17 00:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-17 00:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-17 00:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-16 10:38 663,552 ----a-w c:\windows\system32\wininet.dll
2004-08-04 11:07 7,038 ----a-w c:\program files\lvback.gif
2005-05-14 03:12 217,073 --sha-r c:\windows\meta4.exe
2005-10-24 21:13 66,560 --sha-r c:\windows\MOTA113.exe
2006-05-13 00:01 56 --sh--r c:\windows\system32\6C454D298C.sys
2005-07-14 22:31 27,648 --sha-r c:\windows\system32\AVSredirect.dll
2005-06-27 01:32 616,448 --sha-r c:\windows\system32\cygwin1.dll
2005-06-22 08:37 45,568 --sha-r c:\windows\system32\cygz.dll
2004-01-25 10:00 70,656 --sha-r c:\windows\system32\i420vfw.dll
2006-05-13 00:01 1,890 --sha-w c:\windows\system32\KGyGaAvL.sys
2004-08-04 10:54 1,392,671 --sh--r c:\windows\system32\msvbvm60.dll
2005-02-28 23:16 240,128 --sha-r c:\windows\system32\x.264.exe
2004-01-25 10:00 70,656 --sha-r c:\windows\system32\yv12vfw.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-01-05 67128]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-01 68856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-06-08 23233576]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-11-19 5724184]
"AnumanLive"="c:\documents and settings\client\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe" [2008-09-08 347648]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2003-12-12 33792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-12-11 267048]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 488984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 774168]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-02 1261336]
"SoundMan"="SOUNDMAN.EXE" [2004-07-26 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-05-23 110592]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-08-23 1183744]
BTTray.lnk - c:\program files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-10-09 610365]
DSLMON.lnk - c:\program files\Telecom Factory\MANA ADSL by telecom factory\dslmon.exe [2007-06-25 946264]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Logiciel Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-09-19 282624]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-01-05 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msvideo7"= STV680tg.dll
"VIDC.X264"= x264vfw.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SuperCopier2.exe"=c:\program files\SuperCopier2\SuperCopier2.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RavAV"=c:\windows\RavMonE.exe
"wcmdmgr"=c:\windows\wt\updater\wcmdmgrl.exe -launch
"SoundMam"=c:\windows\system32\SVOHOST.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Documents and Settings\\client\\Mes documents\\TOUS LES DOSSIERS BUREAU\\eMule\\emule.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16184:TCP"= 16184:TCP:NortonAV
"17178:TCP"= 17178:TCP:NortonAV
"15667:TCP"= 15667:TCP:NortonAV
"15049:TCP"= 15049:TCP:NortonAV
"14222:TCP"= 14222:TCP:NortonAV
"14820:TCP"= 14820:TCP:NortonAV
"15414:TCP"= 15414:TCP:NortonAV
"16466:TCP"= 16466:TCP:NortonAV
"15615:TCP"= 15615:TCP:NortonAV
"15569:TCP"= 15569:TCP:NortonAV
"13751:TCP"= 13751:TCP:NortonAV
"17998:TCP"= 17998:TCP:NortonAV
"14616:TCP"= 14616:TCP:NortonAV
"14143:TCP"= 14143:TCP:NortonAV
"15433:TCP"= 15433:TCP:NortonAV
"18311:TCP"= 18311:TCP:NortonAV
"13913:TCP"= 13913:TCP:NortonAV
"14357:TCP"= 14357:TCP:NortonAV
"13149:TCP"= 13149:TCP:NortonAV
"17117:TCP"= 17117:TCP:NortonAV
"12686:TCP"= 12686:TCP:NortonAV
"12039:TCP"= 12039:TCP:NortonAV
"12767:TCP"= 12767:TCP:NortonAV
"15520:TCP"= 15520:TCP:NortonAV
"13799:TCP"= 13799:TCP:NortonAV
"12859:TCP"= 12859:TCP:NortonAV
"15316:TCP"= 15316:TCP:NortonAV
"18912:TCP"= 18912:TCP:NortonAV
"14333:TCP"= 14333:TCP:NortonAV

R0 sonypvl2;sonypvl2;c:\windows\system32\drivers\sonypvl2.sys [2007-07-05 19478]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-02 97928]
R1 sonypvf2;sonypvf2;c:\windows\system32\drivers\sonypvf2.sys [2007-07-05 635012]
R1 sonypvt2;sonypvt2;c:\windows\system32\drivers\sonypvt2.sys [2007-07-05 431236]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-02 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-02 231704]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-02 76040]

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-12-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]

2009-01-03 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe []

2009-01-04 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
HKLM-Run-9xadiras - 9xadiras.exe

.
------- Examen supplémentaire -------
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: c:\program files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?00b0b9cfbd2140dea8a7995ca5d833d9
IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?00b0b9cfbd2140dea8a7995ca5d833d9
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\client\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?hl=fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-04 03:04:24
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\mchInjDrv]
"ImagePath"="\??\c:\docume~1\client\LOCALS~1\Temp\mc21.tmp"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(604)
c:\windows\system32\avgrsstx.dll

- - - - - - - > 'lsass.exe'(712)
c:\windows\system32\avgrsstx.dll
.
Heure de fin: 2009-01-04 3:07:40
ComboFix-quarantined-files.txt 2009-01-04 13:07:38

Avant-CF: 4 597 084 160 octets libres
Après-CF: 4,580,167,680 octets libres

244 --- E O F --- 2009-01-03 21:11:11

Réponse 39 / 51

Utilisateur anonyme

Re,

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :

:processes
explorer.exe

:files
c:\program files\mozilla firefox\plugins\npclntax_zangosa.dll

:commands
[purity]
[start explorer]
[emptytemp]

---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Réponse 40 / 51

titihani Messages postés 29 Statut Membre 2

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder c:\program files\mozilla firefox\plugins\npclntax_zangosa.dll not found.
========== COMMANDS ==========
Explorer started successfully
File delete failed. C:\DOCUME~1\client\LOCALS~1\Temp\etilqs_4wqqEuNPc4OjaKkthD8P scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01042009_032204

Files moved on Reboot...
File C:\DOCUME~1\client\LOCALS~1\Temp\etilqs_4wqqEuNPc4OjaKkthD8P not found!
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.
C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\client\Local Settings\Application Data\Mozilla\Firefox\Profiles\a34s3wsj.default\XUL.mfl moved successfully.

Avg scan

51 réponses

Votre réponse

Discussions similaires

Newsletters