Sujet Précédent Sujet Suivant

Virus, explorer et internet en croix

djodjo1712 Messages postés 6 Statut Membre -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
je suis infecté par plusieurs virus dont TR/Crypt.U.gen, TR/crypt.Xpack.gen mais en plus au démarage, explorer ne se lance plus et impossible de me connecter sur le net (j'envois ce post depuis un autre pc). Le gestionnaire de périphérique indique des points d'exclamation au niveau de ma carte réseau. Je ne sais plus quoi faire.
J'utilise Antivir qui est en train de scaner mon disque et j'en suis à 92 détections.
Quelqu'un a-t-il une solution?
A voir également:

9 réponses

Réponse 1 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt il faudrait le rapport d'antivir pour voir les infections

et passe y aussi et mets nous le rapport malwarebyte et rsit

scan avec malwarebyte , fais un scan minutieux et colle le rapport obtenu et vire ce qui est trouvé:

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/­

______________________

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
0
djodjo1712 Messages postés 6 Statut Membre
 
voila les fichiers log et info demandés
log:
Logfile of random's system information tool 1.05 (written by random/random)
Run by HP_Propriétaire at 2009-03-06 21:52:49
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 55 GB (37%) free of 145 GB
Total RAM: 503 MB (37% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00addf8e-6b97-78f2-295d-460e1fc19e88}]
adssite - C:\WINDOWS\system32\nsx5E.dll [2009-02-24 624128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8EB99B-DD08-1532-3A43-B1E0FA947E35}]
mysidesearch search enhancer - C:\WINDOWS\system32\pyccsploryqcitmkz.dll [2009-03-04 608256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{606E4B50-4518-B874-D426-56E6730F20A4}]
snappyads browser enhancer - C:\WINDOWS\system32\bmvqguifurrroijmy.dll [2009-03-03 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-06-14 509592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]
- []
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 110592]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-06-05 190024]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 434176]
"reader_s"=C:\WINDOWS\System32\reader_s.exe [2009-03-06 33280]
"mafleilnrakyuoe"=C:\WINDOWS\System32\regsvr32.exe [2008-04-14 29696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"services"=C:\WINDOWS\services.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1712640]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2006-12-07 204843]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 32768]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-06-05 190024]
"Neuf Media Center"=C:\Program Files\SFR\Media Center\MediaCenter.exe [2008-10-10 726336]
"reader_s"=C:\Documents and Settings\HP_Propriétaire\reader_s.exe [2009-03-06 33280]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-02-21 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
C:\WINDOWS\ALCWZRD.EXE [2005-02-18 2774528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AltnetPointsManager]
C:\Program Files\Altnet\Points Manager\Points Manager.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX3200]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-07-01 92160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Home Theater SchSvr]
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe [2004-11-05 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2004-11-02 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
C:\WINDOWS\system32\hphmon06.exe [2004-06-07 679936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [2004-06-07 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe [1998-05-07 70144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2003-07-24 1155122]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2005-08-11 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-08-11 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2007-08-15 271672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE [2003-02-11 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2006-01-15 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe [2007-10-09 475180]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-01-05 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 79360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\Creator\Remind_XP.exe [2004-12-14 684032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SemanticInsight]
C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-02-21 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-06-14 132760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINREMOTE]
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe [2004-11-05 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2000-08-24 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-11-05 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-06-04 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2006-01-15 471040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-08-17 413696]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Moniteur WiFi OLITEC.exe.lnk - C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-11-02 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Kazaa Lite\kpp.exe"="C:\Program Files\Kazaa Lite\kpp.exe:*:Disabled:kpp"
"C:\Program Files\Kazaa Lite\ksharedfolder.exe"="C:\Program Files\Kazaa Lite\ksharedfolder.exe:*:Disabled:My Shared Folder"
"C:\WINDOWS\system32\P2P Networking\P2P Networking.exe"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe:*:Enabled:P2P Networking"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes fichiers reçus\magentic_install.exe"="C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes fichiers reçus\magentic_install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL France"
"C:\Program Files\Kazaa Lite\klrun.exe"="C:\Program Files\Kazaa Lite\klrun.exe:*:Disabled:Kazaa Lite"
"C:\Program Files\Kazaa\kazaa.exe"="C:\Program Files\Kazaa\kazaa.exe:*:Disabled:Kazaa Media Desktop"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\SFR\Media Center\httpd\httpd.exe"="C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32612dee-c5a8-11db-a3e0-0011d8c28a70}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e


======List of files/folders created in the last 1 months======

2009-03-06 21:52:51 ----D---- C:\Program Files\trend micro
2009-03-06 21:52:49 ----D---- C:\rsit
2009-03-06 20:40:10 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-06 17:08:44 ----A---- C:\WINDOWS\adobe.bat
2009-03-06 17:08:22 ----A---- C:\WINDOWS\system32\reader_s.exe
2009-03-06 17:08:20 ----A---- C:\WINDOWS\xccdf32_090305a.dll
2009-03-06 17:08:20 ----A---- C:\WINDOWS\system32\281.tmp
2009-03-06 17:08:16 ----D---- C:\WINDOWS\system32\inf
2009-03-06 17:08:16 ----A---- C:\WINDOWS\xccwinsys.ini
2009-03-06 17:08:06 ----A---- C:\WINDOWS\system32\27C.tmp
2009-03-06 16:35:54 ----A---- C:\WINDOWS\kdiue732.txt
2009-03-06 16:23:36 ----D---- C:\Program Files\Microsoft Works
2009-03-06 16:22:54 ----D---- C:\Program Files\Microsoft.NET
2009-03-06 16:19:47 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-06 16:19:05 ----RHD---- C:\MSOCache
2009-03-06 15:58:01 ----D---- C:\Program Files\Snappyads Games Collection
2009-03-06 15:57:56 ----A---- C:\WINDOWS\system32\pyccsploryqcitmkz.dll-uninst.exe
2009-03-06 15:57:52 ----A---- C:\WINDOWS\system32\rglevjefdov.exe
2009-03-06 15:38:00 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\gtk-2.0
2009-03-06 15:34:23 ----HD---- C:\Program Files\Zero G Registry
2009-03-06 15:34:23 ----D---- C:\Program Files\IHMC CmapTools
2009-03-06 15:32:20 ----D---- C:\Program Files\Dia
2009-03-05 14:42:13 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\WinRAR
2009-03-05 14:40:42 ----D---- C:\Program Files\WinRAR
2009-03-05 14:26:49 ----A---- C:\WINDOWS\system32\307d0759-4d8c-6529-3d02-25fe25731808.exe
2009-03-04 14:22:00 ----A---- C:\WINDOWS\system32\pyccsploryqcitmkz.dll
2009-03-03 01:42:40 ----A---- C:\WINDOWS\system32\bmvqguifurrroijmy.dll
2009-02-27 16:50:06 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Sibelius Software
2009-02-27 16:49:30 ----D---- C:\Program Files\Sibelius Software
2009-02-25 22:27:37 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-24 10:43:42 ----A---- C:\WINDOWS\system32\nsx5E.dll
2009-02-11 18:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-03-06 21:52:51 ----AD---- C:\Program Files
2009-03-06 21:49:49 ----D---- C:\WINDOWS\Prefetch
2009-03-06 21:49:34 ----AD---- C:\WINDOWS\Temp
2009-03-06 21:34:29 ----D---- C:\WINDOWS\system
2009-03-06 21:17:01 ----D---- C:\Program Files\Windows Media Player
2009-03-06 21:16:50 ----D---- C:\Program Files\Windows Media Connect 2
2009-03-06 21:09:38 ----D---- C:\Program Files\IrfanView
2009-03-06 20:46:35 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-06 20:41:07 ----D---- C:\Documents and Settings
2009-03-06 20:40:10 ----D---- C:\WINDOWS
2009-03-06 20:36:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-06 19:53:01 ----D---- C:\WINDOWS\network diagnostic
2009-03-06 18:16:08 ----SHD---- C:\WINDOWS\Installer
2009-03-06 18:16:08 ----HD---- C:\Config.Msi
2009-03-06 18:08:00 ----A---- C:\WINDOWS\vbaddin.ini
2009-03-06 18:07:08 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-06 18:06:29 ----D---- C:\WINDOWS\WinSxS
2009-03-06 18:05:46 ----AD---- C:\WINDOWS\system32
2009-03-06 17:41:50 ----D---- C:\WINDOWS\system32\drivers
2009-03-06 17:41:25 ----D---- C:\WINDOWS\system32\dllcache
2009-03-06 17:29:33 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-03-06 17:29:30 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-03-06 17:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-03-06 17:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2009-03-06 17:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-03-06 17:29:14 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-03-06 17:28:34 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-03-06 16:27:11 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft
2009-03-06 16:23:53 ----D---- C:\WINDOWS\system32\config
2009-03-06 16:23:27 ----D---- C:\Program Files\Microsoft Office
2009-03-06 16:23:01 ----RSD---- C:\WINDOWS\Fonts
2009-03-06 16:22:54 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-06 16:22:12 ----A---- C:\WINDOWS\ODBC.INI
2009-03-06 16:19:50 ----HD---- C:\WINDOWS\inf
2009-03-06 15:54:16 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2
2009-03-06 09:26:15 ----A---- C:\WINDOWS\BRWMARK.INI
2009-03-05 14:26:35 ----D---- C:\Program Files\Mozilla Firefox
2009-02-25 18:26:52 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-21 16:39:33 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-12 13:17:17 ----D---- C:\WINDOWS\Debug
2009-02-11 18:01:12 ----D---- C:\Program Files\Internet Explorer
2009-02-11 18:01:02 ----D---- C:\WINDOWS\ie7updates
2009-02-10 09:43:02 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-28 75072]
R1 InCDPass;InCdPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-07-24 28432]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-12-30 271360]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-12-30 18048]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-02-23 2522560]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-07-24 86752]
S1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-04-05 267192]
S1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 Cap7134;ASUS TV7134 WDM Video Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2004-10-27 335360]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
S3 MRVW225;802.11g/b Wireless LAN Dirver for Windows XP; C:\WINDOWS\system32\DRIVERS\MRVW225.sys [2006-09-29 299904]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PhTVTune;ASUS WDM TV Tuner; C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2004-10-24 24544]
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2005-04-05 11512]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2005-04-05 173208]
S3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2005-04-05 36984]
S3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2005-04-05 47192]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-04-05 17976]
S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-31 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-31 151297]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
R2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-07-24 786484]
S2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-06-28 126976]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 53248]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 286208]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 90112]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-08-15 501048]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SNDSrvc;Symantec Network Drivers Service; c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [2005-04-05 206552]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 283648]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 935424]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------
info:
info.txt logfile of random's system information tool 1.05 2009-03-06 21:52:55

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{89AD2814-AFA2-46AF-AE53-C27196D9FBE6}\setup.exe" REMOVEALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAA4CCCE-78DB-47B0-A651-68270D838BD4}\setup.exe" REMOVEALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 7.0.9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Agere Systems PCI Soft Modem-->agrsmdel
Ahead InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Ahead Nero Burning ROM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Ahead NeroMediaPlayer-->C:\WINDOWS\UNNMP.exe /UNINSTALL
Apple Mobile Device Support-->MsiExec.exe /I{763E8D6C-0098-4FF4-801A-3F311D2D9D80}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoImpression-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\setup.exe" -l0x40c -uninst
AtomixMP3 v2.3 Trial-->C:\PROGRA~1\ATOMIX~1\UNWISE.EXE C:\PROGRA~1\ATOMIX~1\INSTALL.LOG
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Barre d'outils MSN-->C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\mtbs.exe c
Brother HL-2030-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAA900B5-BC08-4070-805F-57F60A4EF8FC}\SETUP.exe" -l0x40c -removeonly /uninst
Browser Optimizer Adssite-->C:\WINDOWS\system32\adssite-remove.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Centre de Documentation et de Pédagogie-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0424A100-F6FC-46DB-BCFA-8690D5B795C3}\setup.exe"
Contextual Tool Adssite-->C:\WINDOWS\system32\307d0759-4d8c-6529-3d02-25fe25731808.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Dia (supprimer uniquement)-->C:\Program Files\Dia\dia-0.96.1-7-uninstall.exe
EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\setup.exe" uninst
EPSON Copy Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x40c ADDREMOVEDLG
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}\setup.exe" -l0x40c MyUninstall
EPSON PhotoQuicker3.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2EFE303-A594-11D5-95EB-005004BC1C65}\setup.exe" uninst
EPSON PhotoStarter3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5983C895-DDA4-45D9-A8D1-877D5DE7693E}\setup.exe" uninst
EPSON Smart Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\setup.exe" -l0x40c Uninstall
EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\setup.exe" -l0x40c UNINSTALL
fonXL Call Display Screen Saver-->C:\PROGRA~1\fonxl\UNWISE.EXE C:\PROGRA~1\fonxl\INSTALL.LOG
Help and Support Additions-->C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Appareils photos Photosmart 4.0-->C:\Program Files\HP\Digital Imaging\{4C04DF1B-6A39-4299-9DD1-1FA60000266E}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 4.5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.5.3-->C:\Program Files\HP\Digital Imaging\{D0420D64-8D33-4374-A2B2-9225C7925CA6}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP PSC & OfficeJet 4.0-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}
HPIZplus450-->MsiExec.exe /X{7B98685A-4E21-4A4F-A2D6-DC557042BADA}
IHMC CmapTools v4.18-->"C:\Program Files\IHMC CmapTools\UninstallerData\Uninstall CmapTools.exe"
IncrediMail Xe-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo DiscLabel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3F058C0-A21C-452D-8D99-95B1A45F417D}\setup.exe" REMOVEALL
InterVideo Home Theater-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7514465-E5F3-48E9-A952-327DAEF33DE6}\setup.exe" REMOVEALL
InterVideo WinDVD Creator-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iPod for Windows 2006-03-23-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1036
iTunes-->MsiExec.exe /I{974C05A0-C76C-4724-A9A2-11D5D1355729}
J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Language pack for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.12.11-->"C:\Program Files\LimeWire\uninstall.exe"
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Micro Application - Aménagez Votre Intérieur 3D-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Aménagez Votre Intérieur 3D\446227.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 CD-ROM 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0054-040C-0000-0000000FF1CE} /uninstall {FA47AC65-8DFE-4FB5-8E26-7CD1807FB7E9}
Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {91120000-0051-0000-0000-0000000FF1CE} /uninstall {AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443}
Microsoft Office Visio MUI (French) 2007-->MsiExec.exe /X{90120000-0054-040C-0000-0000000FF1CE}
Microsoft Office Visio Professional 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPROR /dll OSETUP.DLL
Microsoft Office Visio Professional 2007-->MsiExec.exe /X{91120000-0051-0000-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Moniteur WiFi OLITEC-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE06F9AA-6C9D-4D64-A028-41B6340200AF}\setup.exe" -l0x40c -removeonly
Mozilla Firefox (2.0.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
OpenOffice.org 2.3-->MsiExec.exe /I{FADB55D0-403F-4413-A268-CF0A6F1185C2}
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
PC-Doctor for Windows-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0C66761E-497A-4BE3-AE0D-8EC30FC9A9AA} /l1036
Performance Dashboard Snappyads-->C:\WINDOWS\system32\rglevjefdov.exe
Photosmart 320,370,7400,8100,8400 Series (fra)-->C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
Search Assistant Adssite-->C:\WINDOWS\system32\adssite_sidebar_uninstall.exe
Search Assistant Mysidesearch-->C:\WINDOWS\system32\pyccsploryqcitmkz.dll-uninst.exe
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0051-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0051-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0051-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
SFR - Media Center-->C:\Program Files\SFR\Media Center\uninstall.exe
Sibelius Scorch (ActiveX Only)-->MsiExec.exe /I{15CCBC5D-66A7-4131-8D36-E05F27B0E68F}
SimCity 4 Deluxe-->C:\Program Files\Maxis\SimCity 4 Deluxe\EAUninstall.exe
Snappyads Games Collection-->C:\Program Files\Snappyads Games Collection\uninstall.exe
Socialnetworking Helper Adssite-->C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Starware 4.2.1.0-->C:\Program Files\Starware\StarwareUninstall.exe
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0051-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Extras-->C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Hosts File======

127.0.0.1 jL.chura.pl

======Security center information======

AV: Avira AntiVir PersonalEdition

System event log

Computer Name: NOM-EB85C523610
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Record Number: 24657
Source Name: Cdrom
Time Written: 20081128143914.000000+060
Event Type: erreur
User:

Computer Name: NOM-EB85C523610
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Record Number: 24656
Source Name: Cdrom
Time Written: 20081128143914.000000+060
Event Type: erreur
User:

Computer Name: NOM-EB85C523610
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Record Number: 24655
Source Name: Cdrom
Time Written: 20081128143913.000000+060
Event Type: erreur
User:

Computer Name: NOM-EB85C523610
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Record Number: 24654
Source Name: Cdrom
Time Written: 20081128143913.000000+060
Event Type: erreur
User:

Computer Name: NOM-EB85C523610
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Record Number: 24653
Source Name: Cdrom
Time Written: 20081128143912.000000+060
Event Type: erreur
User:

Application event log

Computer Name: NOM-EB85C523610
Event Code: 101
Message:
Record Number: 14391
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20080131122900.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: NOM-EB85C523610
Event Code: 101
Message:
Record Number: 14390
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20080131122400.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: NOM-EB85C523610
Event Code: 101
Message:
Record Number: 14389
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20080131121900.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: NOM-EB85C523610
Event Code: 101
Message:
Record Number: 14388
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20080131121400.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: NOM-EB85C523610
Event Code: 101
Message:
Record Number: 14387
Source Name: Automatic LiveUpdate Scheduler
0
Réponse 2 / 9
djodjo1712 Messages postés 6 Statut Membre
 
voici le rapport antivir. Pour le reste je n'arrive plus à aller sur le net depuis le pc infecté....

Avira AntiVir Personal
Report file date: vendredi 6 mars 2009 20:51

Scanning for 1288153 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: NOM-EB85C523610

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 28/11/2008 07:30:31
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:10:20
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 14:01:19
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 17:26:52
ANTIVIR3.VDF : 7.1.2.134 157696 Bytes 06/03/2009 17:31:38
Engineversion : 8.2.0.105
AEVDF.DLL : 8.1.1.0 106868 Bytes 31/01/2009 16:16:12
AESCRIPT.DLL : 8.1.1.57 356729 Bytes 06/03/2009 17:31:43
AESCN.DLL : 8.1.1.8 127346 Bytes 06/03/2009 17:31:42
AERDL.DLL : 8.1.1.3 438645 Bytes 28/11/2008 07:30:32
AEPACK.DLL : 8.1.3.10 397686 Bytes 05/03/2009 17:29:52
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 27/02/2009 18:36:51
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 06/03/2009 17:31:41
AEHELP.DLL : 8.1.2.2 119158 Bytes 27/02/2009 18:36:45
AEGEN.DLL : 8.1.1.25 336243 Bytes 06/03/2009 17:31:39
AEEMU.DLL : 8.1.0.9 393588 Bytes 31/10/2008 10:10:29
AECORE.DLL : 8.1.6.6 176501 Bytes 18/02/2009 17:45:42
AEBB.DLL : 8.1.0.3 53618 Bytes 31/10/2008 10:10:24
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 05/09/2008 09:27:02
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 6 mars 2009 20:51

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'taskmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'incdsrv.exe' - '1' Module(s) have been scanned
Scan process 'SAgent2.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'eEBSvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
19 processes with 19 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '60' files ).

Starting the file scan:

Begin scan in 'C:\' <Jordan>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hp\support\HPSysInfo.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '4a048146.qua'!
C:\Program Files\Fichiers communs\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_03.b07\launcher.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a268224.qua'!
C:\Program Files\IHMC CmapTools\UninstallerData\Uninstall CmapTools.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '4a1a831e.qua'!
C:\Program Files\IrfanView\iv_uninstall.exe
[DETECTION] Is the TR/Crypt.ASPM.Gen Trojan
[NOTE] The file was moved to '4a108378.qua'!
C:\Program Files\OpenOffice.org 2.3\program\odbcconfig.exe
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '4a138478.qua'!
C:\Program Files\Windows Media Connect 2\wmccds.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a148519.qua'!
C:\Program Files\Windows Media Connect 2\WMCCFG.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49f484ff.qua'!
C:\Program Files\Windows Media Player\wmdbexport.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a158522.qua'!
C:\Program Files\Windows Media Player\wmlaunch.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a1d8527.qua'!
C:\Program Files\Windows Media Player\wmpenc.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a21852a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP444\A0039700.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1850d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP444\A0039703.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1850f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP444\A0039722.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18513.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP444\A0039748.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18516.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP464\A0040399.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18537.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP464\A0040426.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e1853a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041115.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18566.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041116.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18568.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041118.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1856a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041119.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1856c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041122.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1856f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041124.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18571.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041125.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18573.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041126.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18577.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041127.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1857b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041128.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1857d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041129.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1857f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041131.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18581.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041132.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18583.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041133.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18584.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041134.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18586.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041136.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18588.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041144.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e1858a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041149.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e1858e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041152.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18591.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041156.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18593.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041159.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185dc.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041163.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa10d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041166.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185dd.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041169.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa10e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041177.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185de.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041181.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa10f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041183.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185df.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041185.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa130.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041224.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185e2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041226.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa133.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041232.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185e3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041233.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa134.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041256.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e5.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041259.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa136.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041262.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e6.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041265.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa137.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041268.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e7.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041271.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa138.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041274.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041277.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa139.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041280.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185ea.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041283.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041286.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa13a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041289.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa13b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041291.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185ec.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041295.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa13d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041297.exe
[DETECTION] Is the TR/Crypt.CFI.Gen Trojan
[NOTE] The file was moved to '49e185eb.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041301.exe
[DETECTION] Is the TR/Crypt.CFI.Gen Trojan
[NOTE] The file was moved to '4abaa13c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041355.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185ef.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041359.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185f0.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041360.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa121.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041589.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185fb.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041689.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18600.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041711.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18601.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041730.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18602.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041861.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18608.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041867.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa2d9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041869.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e18609.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041877.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa2da.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041929.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e1860b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041936.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1860c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0042234.dll
[DETECTION] Is the TR/Vapsup.lsp Trojan
[NOTE] The file was moved to '49e18620.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043090.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e1862c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043091.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e1862d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043114.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e18630.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043127.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e18631.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043146.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18633.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043314.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e18643.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043355.exe
[DETECTION] Is the TR/Crypt.ASPM.Gen Trojan
[NOTE] The file was moved to '49e18646.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043435.exe
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '49e1864c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043507.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18655.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043508.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa286.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043511.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18657.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043512.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18656.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043513.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa287.qua'!
C:\WINDOWS\system\xccef090305.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a148938.qua'!
C:\WINDOWS\system32\inf\xccefb090305.scr
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a1489a5.qua'!
Begin scan in 'D:\' <HP_RECOVERY>
D:\I386\Apps\APP02430\dodont\PCIFINDX.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8a58.qua'!
D:\I386\Apps\APP19661\SUPPORT\TOOLS\SETUP.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a058a8a.qua'!
D:\I386\Drv\APP18952\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa1.qua'!
D:\I386\Drv\APP18952\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa6a6d2.qua'!
D:\I386\Drv\APP28754\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa4.qua'!
D:\I386\Drv\APP28754\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa6a6d5.qua'!
D:\I386\Drv\APP14752\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa7.qua'!
D:\I386\Drv\APP14752\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa8.qua'!
D:\I386\Drv\APP08232\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa1ae79.qua'!
D:\I386\Drv\APP08232\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa9.qua'!
D:\I386\Drv\APP32117\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa1ae7a.qua'!
D:\I386\Drv\APP32117\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aaa.qua'!
D:\I386\Drv\APP03900\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa1ae7b.qua'!
D:\I386\Drv\APP03900\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aab.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043597.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18aaa.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043644.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18aaf.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043656.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab0.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043659.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae61.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043666.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab1.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043669.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae62.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043680.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab2.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043683.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab3.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043684.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae64.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043687.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab5.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043688.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab4.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043691.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae65.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043692.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab6.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043695.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae66.qua'!

End of the scan: vendredi 6 mars 2009 21:41
Used time: 50:02 Minute(s)

The scan has been done completely.

9229 Scanning directories
592586 Files were scanned
121 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
121 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
592463 Files not concerned
16523 Archives were scanned
6 Warnings
121 Notes
0
Réponse 3 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
si tu étais en Ethernet et qu'il y a une point d'exclamation: réinstalle via ton cd d'installation le pilote de l'Ethernet

sinon connecte toi en usb ou wifi pour voir

sinon transféré ce qui a été donné depuis une clé usb et transmets les rapports
0
Réponse 4 / 9
djodjo1712 Messages postés 6 Statut Membre
 
oui voila les rapports:
antivir:

Avira AntiVir Personal
Report file date: vendredi 6 mars 2009 20:51

Scanning for 1288153 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: NOM-EB85C523610

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 28/11/2008 07:30:31
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:10:20
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 14:01:19
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 17:26:52
ANTIVIR3.VDF : 7.1.2.134 157696 Bytes 06/03/2009 17:31:38
Engineversion : 8.2.0.105
AEVDF.DLL : 8.1.1.0 106868 Bytes 31/01/2009 16:16:12
AESCRIPT.DLL : 8.1.1.57 356729 Bytes 06/03/2009 17:31:43
AESCN.DLL : 8.1.1.8 127346 Bytes 06/03/2009 17:31:42
AERDL.DLL : 8.1.1.3 438645 Bytes 28/11/2008 07:30:32
AEPACK.DLL : 8.1.3.10 397686 Bytes 05/03/2009 17:29:52
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 27/02/2009 18:36:51
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 06/03/2009 17:31:41
AEHELP.DLL : 8.1.2.2 119158 Bytes 27/02/2009 18:36:45
AEGEN.DLL : 8.1.1.25 336243 Bytes 06/03/2009 17:31:39
AEEMU.DLL : 8.1.0.9 393588 Bytes 31/10/2008 10:10:29
AECORE.DLL : 8.1.6.6 176501 Bytes 18/02/2009 17:45:42
AEBB.DLL : 8.1.0.3 53618 Bytes 31/10/2008 10:10:24
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 05/09/2008 09:27:02
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 6 mars 2009 20:51

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'taskmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'incdsrv.exe' - '1' Module(s) have been scanned
Scan process 'SAgent2.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'eEBSvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
19 processes with 19 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '60' files ).

Starting the file scan:

Begin scan in 'C:\' <Jordan>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hp\support\HPSysInfo.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '4a048146.qua'!
C:\Program Files\Fichiers communs\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_03.b07\launcher.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a268224.qua'!
C:\Program Files\IHMC CmapTools\UninstallerData\Uninstall CmapTools.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '4a1a831e.qua'!
C:\Program Files\IrfanView\iv_uninstall.exe
[DETECTION] Is the TR/Crypt.ASPM.Gen Trojan
[NOTE] The file was moved to '4a108378.qua'!
C:\Program Files\OpenOffice.org 2.3\program\odbcconfig.exe
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '4a138478.qua'!
C:\Program Files\Windows Media Connect 2\wmccds.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a148519.qua'!
C:\Program Files\Windows Media Connect 2\WMCCFG.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49f484ff.qua'!
C:\Program Files\Windows Media Player\wmdbexport.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a158522.qua'!
C:\Program Files\Windows Media Player\wmlaunch.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a1d8527.qua'!
C:\Program Files\Windows Media Player\wmpenc.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a21852a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP444\A0039700.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1850d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP444\A0039703.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1850f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP444\A0039722.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18513.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP444\A0039748.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18516.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP464\A0040399.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18537.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP464\A0040426.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e1853a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041115.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18566.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041116.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18568.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041118.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1856a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041119.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1856c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041122.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1856f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041124.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18571.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041125.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18573.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041126.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18577.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041127.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1857b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041128.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1857d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041129.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1857f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041131.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18581.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041132.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18583.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041133.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18584.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041134.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18586.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041136.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18588.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041144.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e1858a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041149.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e1858e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041152.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18591.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041156.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18593.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041159.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185dc.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041163.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa10d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041166.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185dd.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041169.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa10e.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041177.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185de.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041181.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa10f.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041183.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185df.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041185.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa130.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041224.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185e2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041226.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa133.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041232.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185e3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041233.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa134.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041256.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e5.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041259.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa136.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041262.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e6.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041265.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa137.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041268.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e7.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041271.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa138.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041274.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041277.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa139.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041280.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185ea.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041283.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185e9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041286.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa13a.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041289.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa13b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041291.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e185ec.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041295.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa13d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041297.exe
[DETECTION] Is the TR/Crypt.CFI.Gen Trojan
[NOTE] The file was moved to '49e185eb.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041301.exe
[DETECTION] Is the TR/Crypt.CFI.Gen Trojan
[NOTE] The file was moved to '4abaa13c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041355.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185ef.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041359.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185f0.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041360.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa121.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041589.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e185fb.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041689.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18600.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041711.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18601.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041730.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18602.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041861.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18608.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041867.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa2d9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041869.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e18609.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041877.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa2da.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041929.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e1860b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP482\A0041936.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e1860c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0042234.dll
[DETECTION] Is the TR/Vapsup.lsp Trojan
[NOTE] The file was moved to '49e18620.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043090.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e1862c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043091.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e1862d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043114.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e18630.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043127.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e18631.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043146.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18633.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043314.exe
[DETECTION] Is the TR/Crypt.U.Gen Trojan
[NOTE] The file was moved to '49e18643.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043355.exe
[DETECTION] Is the TR/Crypt.ASPM.Gen Trojan
[NOTE] The file was moved to '49e18646.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043435.exe
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '49e1864c.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043507.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e18655.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043508.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4abaa286.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043511.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18657.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043512.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18656.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043513.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaa287.qua'!
C:\WINDOWS\system\xccef090305.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a148938.qua'!
C:\WINDOWS\system32\inf\xccefb090305.scr
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a1489a5.qua'!
Begin scan in 'D:\' <HP_RECOVERY>
D:\I386\Apps\APP02430\dodont\PCIFINDX.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8a58.qua'!
D:\I386\Apps\APP19661\SUPPORT\TOOLS\SETUP.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a058a8a.qua'!
D:\I386\Drv\APP18952\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa1.qua'!
D:\I386\Drv\APP18952\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa6a6d2.qua'!
D:\I386\Drv\APP28754\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa4.qua'!
D:\I386\Drv\APP28754\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa6a6d5.qua'!
D:\I386\Drv\APP14752\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa7.qua'!
D:\I386\Drv\APP14752\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa8.qua'!
D:\I386\Drv\APP08232\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa1ae79.qua'!
D:\I386\Drv\APP08232\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aa9.qua'!
D:\I386\Drv\APP32117\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa1ae7a.qua'!
D:\I386\Drv\APP32117\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aaa.qua'!
D:\I386\Drv\APP03900\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4aa1ae7b.qua'!
D:\I386\Drv\APP03900\executable\PCIFINDX.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49fa8aab.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043597.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18aaa.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043644.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18aaf.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043656.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab0.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043659.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae61.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043666.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab1.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043669.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae62.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043680.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab2.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043683.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab3.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043684.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae64.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043687.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab5.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043688.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab4.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043691.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae65.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043692.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49e18ab6.qua'!
D:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP483\A0043695.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4abaae66.qua'!

End of the scan: vendredi 6 mars 2009 21:41
Used time: 50:02 Minute(s)

The scan has been done completely.

9229 Scanning directories
592586 Files were scanned
121 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
121 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
592463 Files not concerned
16523 Archives were scanned
6 Warnings
121 Notes

log:
Logfile of random's system information tool 1.05 (written by random/random)
Run by HP_Propriétaire at 2009-03-06 21:52:49
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 55 GB (37%) free of 145 GB
Total RAM: 503 MB (37% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00addf8e-6b97-78f2-295d-460e1fc19e88}]
adssite - C:\WINDOWS\system32\nsx5E.dll [2009-02-24 624128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8EB99B-DD08-1532-3A43-B1E0FA947E35}]
mysidesearch search enhancer - C:\WINDOWS\system32\pyccsploryqcitmkz.dll [2009-03-04 608256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{606E4B50-4518-B874-D426-56E6730F20A4}]
snappyads browser enhancer - C:\WINDOWS\system32\bmvqguifurrroijmy.dll [2009-03-03 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-06-14 509592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]
- []
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 110592]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-06-05 190024]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 434176]
"reader_s"=C:\WINDOWS\System32\reader_s.exe [2009-03-06 33280]
"mafleilnrakyuoe"=C:\WINDOWS\System32\regsvr32.exe [2008-04-14 29696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"services"=C:\WINDOWS\services.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1712640]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2006-12-07 204843]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 32768]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-06-05 190024]
"Neuf Media Center"=C:\Program Files\SFR\Media Center\MediaCenter.exe [2008-10-10 726336]
"reader_s"=C:\Documents and Settings\HP_Propriétaire\reader_s.exe [2009-03-06 33280]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-02-21 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
C:\WINDOWS\ALCWZRD.EXE [2005-02-18 2774528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AltnetPointsManager]
C:\Program Files\Altnet\Points Manager\Points Manager.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX3200]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-07-01 92160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Home Theater SchSvr]
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe [2004-11-05 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2004-11-02 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
C:\WINDOWS\system32\hphmon06.exe [2004-06-07 679936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [2004-06-07 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe [1998-05-07 70144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2003-07-24 1155122]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2005-08-11 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-08-11 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2007-08-15 271672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE [2003-02-11 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2006-01-15 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe [2007-10-09 475180]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-01-05 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 79360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\Creator\Remind_XP.exe [2004-12-14 684032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SemanticInsight]
C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-02-21 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-06-14 132760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINREMOTE]
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe [2004-11-05 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2000-08-24 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-11-05 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-06-04 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2006-01-15 471040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-08-17 413696]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Moniteur WiFi OLITEC.exe.lnk - C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-11-02 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Kazaa Lite\kpp.exe"="C:\Program Files\Kazaa Lite\kpp.exe:*:Disabled:kpp"
"C:\Program Files\Kazaa Lite\ksharedfolder.exe"="C:\Program Files\Kazaa Lite\ksharedfolder.exe:*:Disabled:My Shared Folder"
"C:\WINDOWS\system32\P2P Networking\P2P Networking.exe"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe:*:Enabled:P2P Networking"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes fichiers reçus\magentic_install.exe"="C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes fichiers reçus\magentic_install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL France"
"C:\Program Files\Kazaa Lite\klrun.exe"="C:\Program Files\Kazaa Lite\klrun.exe:*:Disabled:Kazaa Lite"
"C:\Program Files\Kazaa\kazaa.exe"="C:\Program Files\Kazaa\kazaa.exe:*:Disabled:Kazaa Media Desktop"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\SFR\Media Center\httpd\httpd.exe"="C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32612dee-c5a8-11db-a3e0-0011d8c28a70}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

======List of files/folders created in the last 1 months======

2009-03-06 21:52:51 ----D---- C:\Program Files\trend micro
2009-03-06 21:52:49 ----D---- C:\rsit
2009-03-06 20:40:10 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-06 17:08:44 ----A---- C:\WINDOWS\adobe.bat
2009-03-06 17:08:22 ----A---- C:\WINDOWS\system32\reader_s.exe
2009-03-06 17:08:20 ----A---- C:\WINDOWS\xccdf32_090305a.dll
2009-03-06 17:08:20 ----A---- C:\WINDOWS\system32\281.tmp
2009-03-06 17:08:16 ----D---- C:\WINDOWS\system32\inf
2009-03-06 17:08:16 ----A---- C:\WINDOWS\xccwinsys.ini
2009-03-06 17:08:06 ----A---- C:\WINDOWS\system32\27C.tmp
2009-03-06 16:35:54 ----A---- C:\WINDOWS\kdiue732.txt
2009-03-06 16:23:36 ----D---- C:\Program Files\Microsoft Works
2009-03-06 16:22:54 ----D---- C:\Program Files\Microsoft.NET
2009-03-06 16:19:47 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-06 16:19:05 ----RHD---- C:\MSOCache
2009-03-06 15:58:01 ----D---- C:\Program Files\Snappyads Games Collection
2009-03-06 15:57:56 ----A---- C:\WINDOWS\system32\pyccsploryqcitmkz.dll-uninst.exe
2009-03-06 15:57:52 ----A---- C:\WINDOWS\system32\rglevjefdov.exe
2009-03-06 15:38:00 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\gtk-2.0
2009-03-06 15:34:23 ----HD---- C:\Program Files\Zero G Registry
2009-03-06 15:34:23 ----D---- C:\Program Files\IHMC CmapTools
2009-03-06 15:32:20 ----D---- C:\Program Files\Dia
2009-03-05 14:42:13 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\WinRAR
2009-03-05 14:40:42 ----D---- C:\Program Files\WinRAR
2009-03-05 14:26:49 ----A---- C:\WINDOWS\system32\307d0759-4d8c-6529-3d02-25fe25731808.exe
2009-03-04 14:22:00 ----A---- C:\WINDOWS\system32\pyccsploryqcitmkz.dll
2009-03-03 01:42:40 ----A---- C:\WINDOWS\system32\bmvqguifurrroijmy.dll
2009-02-27 16:50:06 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Sibelius Software
2009-02-27 16:49:30 ----D---- C:\Program Files\Sibelius Software
2009-02-25 22:27:37 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-24 10:43:42 ----A---- C:\WINDOWS\system32\nsx5E.dll
2009-02-11 18:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-03-06 21:52:51 ----AD---- C:\Program Files
2009-03-06 21:49:49 ----D---- C:\WINDOWS\Prefetch
2009-03-06 21:49:34 ----AD---- C:\WINDOWS\Temp
2009-03-06 21:34:29 ----D---- C:\WINDOWS\system
2009-03-06 21:17:01 ----D---- C:\Program Files\Windows Media Player
2009-03-06 21:16:50 ----D---- C:\Program Files\Windows Media Connect 2
2009-03-06 21:09:38 ----D---- C:\Program Files\IrfanView
2009-03-06 20:46:35 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-06 20:41:07 ----D---- C:\Documents and Settings
2009-03-06 20:40:10 ----D---- C:\WINDOWS
2009-03-06 20:36:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-06 19:53:01 ----D---- C:\WINDOWS\network diagnostic
2009-03-06 18:16:08 ----SHD---- C:\WINDOWS\Installer
2009-03-06 18:16:08 ----HD---- C:\Config.Msi
2009-03-06 18:08:00 ----A---- C:\WINDOWS\vbaddin.ini
2009-03-06 18:07:08 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-06 18:06:29 ----D---- C:\WINDOWS\WinSxS
2009-03-06 18:05:46 ----AD---- C:\WINDOWS\system32
2009-03-06 17:41:50 ----D---- C:\WINDOWS\system32\drivers
2009-03-06 17:41:25 ----D---- C:\WINDOWS\system32\dllcache
2009-03-06 17:29:33 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-03-06 17:29:30 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-03-06 17:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-03-06 17:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2009-03-06 17:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-03-06 17:29:14 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-03-06 17:28:34 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-03-06 16:27:11 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft
2009-03-06 16:23:53 ----D---- C:\WINDOWS\system32\config
2009-03-06 16:23:27 ----D---- C:\Program Files\Microsoft Office
2009-03-06 16:23:01 ----RSD---- C:\WINDOWS\Fonts
2009-03-06 16:22:54 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-06 16:22:12 ----A---- C:\WINDOWS\ODBC.INI
2009-03-06 16:19:50 ----HD---- C:\WINDOWS\inf
2009-03-06 15:54:16 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2
2009-03-06 09:26:15 ----A---- C:\WINDOWS\BRWMARK.INI
2009-03-05 14:26:35 ----D---- C:\Program Files\Mozilla Firefox
2009-02-25 18:26:52 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-21 16:39:33 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-12 13:17:17 ----D---- C:\WINDOWS\Debug
2009-02-11 18:01:12 ----D---- C:\Program Files\Internet Explorer
2009-02-11 18:01:02 ----D---- C:\WINDOWS\ie7updates
2009-02-10 09:43:02 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-28 75072]
R1 InCDPass;InCdPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-07-24 28432]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-12-30 271360]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-12-30 18048]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-02-23 2522560]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-07-24 86752]
S1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-04-05 267192]
S1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 Cap7134;ASUS TV7134 WDM Video Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2004-10-27 335360]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
S3 MRVW225;802.11g/b Wireless LAN Dirver for Windows XP; C:\WINDOWS\system32\DRIVERS\MRVW225.sys [2006-09-29 299904]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PhTVTune;ASUS WDM TV Tuner; C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2004-10-24 24544]
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2005-04-05 11512]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2005-04-05 173208]
S3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2005-04-05 36984]
S3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2005-04-05 47192]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-04-05 17976]
S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-31 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-31 151297]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
R2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-07-24 786484]
S2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-06-28 126976]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 53248]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 286208]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 90112]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-08-15 501048]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SNDSrvc;Symantec Network Drivers Service; c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [2005-04-05 206552]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 283648]
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
scan avec malwarebyte , fais un scan minutieux et colle le rapport obtenu et vire ce qui est trouvé:

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/­­

______________________

Télécharge RavAntivirus d'Evosla :
http://ww25.evosla.com/compteur.php?soft=rav_antivirus

# Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX
# Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
# Doucle-clique sur >> RAV.exe << afin de lancer l'outil.
# Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
# Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
# Retire tes disques amovibles et redémarrez votre ordinateur.
# Poste le rapport, si infection!

2/ Télécharge sur le bureau Flash Disinfector (de SUBS) à cette adresse : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

Double-clique sur l’icône.
Les icônes vont disparaître. C’est normal.
Si un rapport est généré en cas d'infection, sauvegarde-le sur le bureau, et poste le ensuite
Redémarre ensuite le PC.

___________________________

smit fraud fix (colle le rapport)

1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes.

a demain!
0
Réponse 6 / 9
djodjo1712 Messages postés 6 Statut Membre
 
voici les rapports

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 5.1.2600 Service Pack 3

06/03/2009 23:32:20
mbam-log-2009-03-06 (23-32-20).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 177491
Temps écoulé: 1 hour(s), 21 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 21
Fichier(s) infecté(s): 82

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{48dc6ffb-64d7-42e8-949d-8ef2641eb73a} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{b4094603-dda9-4caf-9b13-0ad1034c9c53} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3160f356-e8c3-4de2-a698-92eeeb3d3400} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9c8a568e-4201-478a-8536-526cf371d2e2} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{36a91cec-6c71-4758-b492-397bfc8e96a2} (Adware.Rightonadz) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adssite (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adssitesearchassistant (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00addf8e-6b97-78f2-295d-460e1fc19e88} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00addf8e-6b97-78f2-295d-460e1fc19e88} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0e8eb99b-dd08-1532-3a43-b1e0fa947e35} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e8eb99b-dd08-1532-3a43-b1e0fa947e35} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{606e4b50-4518-b874-d426-56e6730f20a4} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{606e4b50-4518-b874-d426-56e6730f20a4} (Adware.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mafleilnrakyuoe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\searchassistant (Adware.Starware) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Starware (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware\bin (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware\icons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\PopupBlocker (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Recipes (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\SearchMatch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\SearchMatch\searchMatchPages (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire\reader_s.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\WINDOWS\system32\reader_s.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\nsaC4.tmp\InstallOptions.dll (Adware.MilehighAds) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\nsaC4.tmp\wansis.dll (Adware.MilehighAds) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\nsaC4.tmp\downloads\68.ex_ (Adware.SnappyAds) -> Quarantined and deleted successfully.
C:\Program Files\Starware\brand.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware\StarwareConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware\StarwareUninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\Tem110.tmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\U000243E5.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\416_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\416_button_1b_def.pinkcorners.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\416_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\416_button_1b_over.pinkcorners.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\416_button_8b_def.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\416_button_8b_over.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\417_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\417_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\417_button_8b_def.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\417_button_8b_over.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\blocker.cur (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\brand.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\PopupBlocker.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\PopupBlockerHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\popupblockerhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\buttons\popupblockerxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\contexts\travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Recipes\RecipesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Recipes\RecipesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\adssite-remove.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bmvqguifurrroijmy.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\adssite_sidebar_uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rightonadz-uninst.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\urlredir.cfg (Adware.RightOnAds) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32a.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nsx5E.dll (Adware.BHO) -> Delete on reboot.
C:\WINDOWS\system32\pyccsploryqcitmkz.dll (Adware.BHO) -> Delete on reboot.

SmitFraudFix v2.400

Rapport fait à 23:53:22,17, 06/03/2009
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

C:\autorun.inf PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{197740F7-5F33-4B0C-9A8C-672936FAEBBA}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F28EC6EB-5CEE-4DF0-B106-692BAA35A613}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{197740F7-5F33-4B0C-9A8C-672936FAEBBA}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F28EC6EB-5CEE-4DF0-B106-692BAA35A613}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{197740F7-5F33-4B0C-9A8C-672936FAEBBA}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{F28EC6EB-5CEE-4DF0-B106-692BAA35A613}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

bonne nuit à demain
0
Réponse 7 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
remets un r&apport RSIT et dis tes soucis et vire ce qui est en quarantaine dans malwarebyte et antivir
0
Réponse 8 / 9
djodjo1712 Messages postés 6 Statut Membre
 
Bonjour à toi
voici le nouveau rapport RSIT.
J'ai viré ce qui'l y avait en quarantaine puis j'ai lancé ccleaner.
Voila mes soucis:
*Mis à part en mose sans échec, au démarrage explorer.exe ne se lance plus. Même avec la commande executer, windows me dit que par sécurité il refuse l'ouverture du programme. Idem avec Regedit ou tout autre commande.
* Ma carte réseau n'est plus détéctée. D'autres péripéhriques montrent un point d'exclamation jaune. Donc plus de connexion.
* Au démarrage, winows me demande un code adminstrateur alors que je n'ai jamais demandé qu'il propose plusieur session. j'ai trouvé des astuces par rapport aux clé de registre qui m'on partiellement reglé le problème.
*Enfin, lorsque je tente d'acceder au HP restore, une erreur fatale se produit et plante tout le système.
RAPPORT RSIT:
Logfile of random's system information tool 1.05 (written by random/random)
Run by HP_Propriétaire at 2009-03-07 14:02:20
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 55 GB (38%) free of 145 GB
Total RAM: 503 MB (72% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-06-14 509592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]
- []
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 110592]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-06-05 190024]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 434176]
"SDFix"=C:\DOCUME~1\ADMINI~1\Bureau\SDFix\RunThis.bat [2008-11-06 964661]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1712640]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2006-12-07 204843]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 32768]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-06-05 190024]
"Neuf Media Center"=C:\Program Files\SFR\Media Center\MediaCenter.exe [2008-10-10 726336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-02-21 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
C:\WINDOWS\ALCWZRD.EXE [2005-02-18 2774528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AltnetPointsManager]
C:\Program Files\Altnet\Points Manager\Points Manager.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX3200]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-07-01 92160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Home Theater SchSvr]
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe [2004-11-05 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2004-11-02 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
C:\WINDOWS\system32\hphmon06.exe [2004-06-07 679936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [2004-06-07 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe [1998-05-07 70144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2003-07-24 1155122]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2005-08-11 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-08-11 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2007-08-15 271672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE [2003-02-11 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2006-01-15 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 274432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe [2007-10-09 475180]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-01-05 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 79360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\Creator\Remind_XP.exe [2004-12-14 684032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SemanticInsight]
C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-02-21 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-06-14 132760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINREMOTE]
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe [2004-11-05 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2000-08-24 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-11-05 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-06-04 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [2005-09-23 47616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2006-01-15 471040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-08-17 413696]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Moniteur WiFi OLITEC.exe.lnk - C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-11-02 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NofolderOptions"=0
"NoFind"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=
"NoFolderOptions"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Kazaa Lite\kpp.exe"="C:\Program Files\Kazaa Lite\kpp.exe:*:Disabled:kpp"
"C:\Program Files\Kazaa Lite\ksharedfolder.exe"="C:\Program Files\Kazaa Lite\ksharedfolder.exe:*:Disabled:My Shared Folder"
"C:\WINDOWS\system32\P2P Networking\P2P Networking.exe"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe:*:Enabled:P2P Networking"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes fichiers reçus\magentic_install.exe"="C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes fichiers reçus\magentic_install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL France"
"C:\Program Files\Kazaa Lite\klrun.exe"="C:\Program Files\Kazaa Lite\klrun.exe:*:Disabled:Kazaa Lite"
"C:\Program Files\Kazaa\kazaa.exe"="C:\Program Files\Kazaa\kazaa.exe:*:Disabled:Kazaa Media Desktop"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\SFR\Media Center\httpd\httpd.exe"="C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32612dee-c5a8-11db-a3e0-0011d8c28a70}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

======List of files/folders created in the last 1 months======

2009-03-07 01:12:34 ----D---- C:\SDFix
2009-03-07 01:01:03 ----AD---- C:\autorun.inf
2009-03-07 01:00:01 ----D---- C:\Program Files\trend micro
2009-03-06 23:51:01 ----A---- C:\WINDOWS\system32\tmp.txt
2009-03-06 23:50:39 ----A---- C:\rapport.txt
2009-03-06 23:50:24 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-03-06 23:50:24 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-03-06 23:50:24 ----A---- C:\WINDOWS\system32\Process.exe
2009-03-06 23:50:24 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-03-06 23:42:55 ----D---- C:\WINDOWS\ERUNT
2009-03-06 22:09:41 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes
2009-03-06 22:09:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-06 22:09:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-06 21:52:49 ----D---- C:\rsit
2009-03-06 20:40:10 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-06 17:08:44 ----A---- C:\WINDOWS\adobe.bat
2009-03-06 17:08:20 ----A---- C:\WINDOWS\xccdf32_090305a.dll
2009-03-06 17:08:16 ----D---- C:\WINDOWS\system32\inf
2009-03-06 17:08:16 ----A---- C:\WINDOWS\xccwinsys.ini
2009-03-06 16:35:54 ----A---- C:\WINDOWS\kdiue732.txt
2009-03-06 16:23:36 ----D---- C:\Program Files\Microsoft Works
2009-03-06 16:22:54 ----D---- C:\Program Files\Microsoft.NET
2009-03-06 16:19:47 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-06 16:19:05 ----RHD---- C:\MSOCache
2009-03-06 15:58:01 ----D---- C:\Program Files\Snappyads Games Collection
2009-03-06 15:57:56 ----A---- C:\WINDOWS\system32\pyccsploryqcitmkz.dll-uninst.exe
2009-03-06 15:57:52 ----A---- C:\WINDOWS\system32\rglevjefdov.exe
2009-03-06 15:38:00 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\gtk-2.0
2009-03-06 15:34:23 ----HD---- C:\Program Files\Zero G Registry
2009-03-06 15:34:23 ----D---- C:\Program Files\IHMC CmapTools
2009-03-06 15:32:20 ----D---- C:\Program Files\Dia
2009-03-05 14:42:13 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\WinRAR
2009-03-05 14:40:42 ----D---- C:\Program Files\WinRAR
2009-03-05 14:26:49 ----A---- C:\WINDOWS\system32\307d0759-4d8c-6529-3d02-25fe25731808.exe
2009-02-27 16:50:06 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Sibelius Software
2009-02-27 16:49:30 ----D---- C:\Program Files\Sibelius Software
2009-02-25 22:27:37 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-11 18:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-03-07 14:02:13 ----D---- C:\WINDOWS
2009-03-07 13:58:28 ----AD---- C:\WINDOWS\Temp
2009-03-07 02:06:51 ----D---- C:\WINDOWS\Prefetch
2009-03-07 01:49:36 ----AD---- C:\WINDOWS\system32
2009-03-07 01:47:51 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-07 01:14:38 ----D---- C:\WINDOWS\system32\dllcache
2009-03-07 01:01:08 ----D---- C:\Program Files\Google
2009-03-07 00:58:08 ----RSD---- C:\WINDOWS\Fonts
2009-03-06 23:41:44 ----SHD---- C:\RECYCLER
2009-03-06 23:34:04 ----D---- C:\WINDOWS\system32\drivers
2009-03-06 23:32:20 ----AD---- C:\Program Files
2009-03-06 21:34:29 ----D---- C:\WINDOWS\system
2009-03-06 21:17:01 ----D---- C:\Program Files\Windows Media Player
2009-03-06 21:16:50 ----D---- C:\Program Files\Windows Media Connect 2
2009-03-06 21:09:38 ----D---- C:\Program Files\IrfanView
2009-03-06 20:41:07 ----D---- C:\Documents and Settings
2009-03-06 19:53:01 ----D---- C:\WINDOWS\network diagnostic
2009-03-06 18:16:08 ----SHD---- C:\WINDOWS\Installer
2009-03-06 18:16:08 ----HD---- C:\Config.Msi
2009-03-06 18:08:00 ----A---- C:\WINDOWS\vbaddin.ini
2009-03-06 18:07:08 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-06 18:06:29 ----D---- C:\WINDOWS\WinSxS
2009-03-06 17:29:33 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-03-06 17:29:30 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-03-06 17:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-03-06 17:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2009-03-06 17:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2009-03-06 17:29:14 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2009-03-06 17:28:34 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-03-06 16:27:11 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft
2009-03-06 16:23:53 ----D---- C:\WINDOWS\system32\config
2009-03-06 16:23:27 ----D---- C:\Program Files\Microsoft Office
2009-03-06 16:22:54 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-06 16:22:12 ----A---- C:\WINDOWS\ODBC.INI
2009-03-06 16:19:50 ----HD---- C:\WINDOWS\inf
2009-03-06 15:54:16 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\OpenOffice.org2
2009-03-06 09:26:15 ----A---- C:\WINDOWS\BRWMARK.INI
2009-03-05 14:26:35 ----D---- C:\Program Files\Mozilla Firefox
2009-02-25 18:26:52 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-21 16:39:33 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-12 13:17:17 ----D---- C:\WINDOWS\Debug
2009-02-11 18:01:12 ----D---- C:\Program Files\Internet Explorer
2009-02-11 18:01:02 ----D---- C:\WINDOWS\ie7updates
2009-02-10 09:43:02 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 InCDPass;InCdPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-07-24 28432]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-28 75072]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
S1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-04-05 267192]
S1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-12-30 271360]
S2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-12-30 18048]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
S3 Cap7134;ASUS TV7134 WDM Video Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2004-10-27 335360]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-11-02 773565]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-02-23 2522560]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607452]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MRVW225;802.11g/b Wireless LAN Dirver for Windows XP; C:\WINDOWS\system32\DRIVERS\MRVW225.sys [2006-09-29 299904]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
S3 PhTVTune;ASUS WDM TV Tuner; C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2004-10-24 24544]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2005-04-05 11512]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2005-04-05 173208]
S3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2005-04-05 36984]
S3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2005-04-05 47192]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-04-05 17976]
S3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-07-24 86752]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-31 68865]
S2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-31 151297]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-06-28 126976]
S2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
S2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
S2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-07-24 786484]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 53248]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 286208]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 90112]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-08-15 501048]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SNDSrvc;Symantec Network Drivers Service; c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [2005-04-05 206552]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 283648]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 935424]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------
0
Réponse 9 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
on va tenter une chose mais vu le nombre de problèmes que tu as c'est pas gagné

Pour fusionner:

http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

_______________

telecharge combofix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

_________________

Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

File::
C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\WINDOWS\system32\P2P Networking
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SemanticInsight]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32612dee-c5a8-11db-a3e0-0011d8c28a70}]

Enregistre ce fichier sous le nom CFscript

Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe

Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

________________________

colle un rapport hijackthis

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
0

Discussions similaires

A quoi correspond cette croix sur snapchat
Sbnet -
Doucesensible -

8 réponses
App explorer Sa sert a quoi ?
Mada_alpha -
SATS_fr -

1 réponse
Savoir si je suis bloqué par une personne sur snap chat
Jkl33 -
Vii -

10 réponses