PC infecté par 496 virus
Résolu
pirmax
Messages postés
549
Statut
Membre
-
sherred Messages postés 8605 Statut Membre -
sherred Messages postés 8605 Statut Membre -
Bonjour,
Au secour, mon PC est infecté par +496 virus, Nod32 qui me l'a dit !
J'ai quelques infections au niveau des fichiers dans le repertoir C:\WINDOWS\$hf_mig$\ mais je viens de lire qu'il ne faut surtout pas toucher ce repertoire car il contient tous les patchs et correctifs...
Enfin bref, je voudrais bien sur ne pas garder ces bébèttes sur mon PC mais je ne voudrais pas non plus supprimer les fichiers infectés, car j'ai des fichiers infectés important, comme :
C:\WINDOWS\RTHDCPL.exe (pour le son)
C:\Programs Files\Skype\Phone\Skype.exe
Tous un tas de fichiers infectés dans le repertoire C:\WINDOWS\system32\...
Je vous remercie de m'aider au plus vite, mon PC devient incontrolable, en plus j'ai un compte paypal, je suis administreur d'un grand forum et j'aimerais pas être piraté...
Merci à vous,
Maxence
Au secour, mon PC est infecté par +496 virus, Nod32 qui me l'a dit !
J'ai quelques infections au niveau des fichiers dans le repertoir C:\WINDOWS\$hf_mig$\ mais je viens de lire qu'il ne faut surtout pas toucher ce repertoire car il contient tous les patchs et correctifs...
Enfin bref, je voudrais bien sur ne pas garder ces bébèttes sur mon PC mais je ne voudrais pas non plus supprimer les fichiers infectés, car j'ai des fichiers infectés important, comme :
C:\WINDOWS\RTHDCPL.exe (pour le son)
C:\Programs Files\Skype\Phone\Skype.exe
Tous un tas de fichiers infectés dans le repertoire C:\WINDOWS\system32\...
Je vous remercie de m'aider au plus vite, mon PC devient incontrolable, en plus j'ai un compte paypal, je suis administreur d'un grand forum et j'aimerais pas être piraté...
Merci à vous,
Maxence
A voir également:
- PC infecté par 496 virus
- Reinitialiser pc - Guide
- Pc lent - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Double ecran pc - Guide
- Forcer demarrage pc - Guide
15 réponses
oops
commence par
Télécharger random's system information tool (RSIT) http://images.malwareremoval.com/random/RSIT.exe par random/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe Clic Continue à l'écran Disclaimer.
Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste en pièce jointe log.txt qui sera affiché ..ainsi que de info.txt qui sera réduit dans la Barre des Tâches.
commence par
Télécharger random's system information tool (RSIT) http://images.malwareremoval.com/random/RSIT.exe par random/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe Clic Continue à l'écran Disclaimer.
Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste en pièce jointe log.txt qui sera affiché ..ainsi que de info.txt qui sera réduit dans la Barre des Tâches.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Merci de vos rapide réponse !
Je fais ca tout de suite !
Le rapport HisJackThis arrive ;)
Merci,
Maxence
PS: serieux, je ne sais pas si d'autre en ont eu plus que moi avec le PC encore à peu près controlable mais pas trop :P
Je fais ca tout de suite !
Le rapport HisJackThis arrive ;)
Merci,
Maxence
PS: serieux, je ne sais pas si d'autre en ont eu plus que moi avec le PC encore à peu près controlable mais pas trop :P
Voilà les deux rapports que j'ai compresser, les voilà http://www.europartage.com/index.php?p=download&data=4fa9dd9a3d3e513ae109d882f8a979a7
Merci à vous de m'aider, j'en ai marre :P
Maxence
Merci à vous de m'aider, j'en ai marre :P
Maxence
Logfile of random's system information tool 1.06 (written by random/random)
Run by Maxence at 2009-04-21 11:43:06
Microsoft Windows XP Professionnel Service Pack 3, v.5755
System drive C: has 114 GB (48%) free of 238 GB
Total RAM: 3071 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:19, on 21/04/2009
Platform: Windows XP SP3, v.5755 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21020)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VistaDriveIcon\DrvIcon.exe
C:\Program Files\Taskix\Taskix32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\WinRoll\winroll.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\EasyPHP 3.0\EasyPHP.exe
C:\PROGRA~1\EASYPH~1.0\Apache\bin\apache.exe
C:\PROGRA~1\EASYPH~1.0\Apache\bin\apache.exe
C:\PROGRA~1\EASYPH~1.0\MySql\bin\mysqld.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Famille\Bureau\RSIT.exe
C:\Program Files\trend micro\Maxence.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\VistaDriveIcon\DrvIcon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [WinRoll] C:\Program Files\WinRoll\winroll.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Fichiers communs\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|6.0"
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O8 - Extra context menu item: Download with Rapget - C:\Program Files\rapget\rapget.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c9b576bb6b924) (gupdate1c9b576bb6b924) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
Run by Maxence at 2009-04-21 11:43:06
Microsoft Windows XP Professionnel Service Pack 3, v.5755
System drive C: has 114 GB (48%) free of 238 GB
Total RAM: 3071 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:19, on 21/04/2009
Platform: Windows XP SP3, v.5755 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21020)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VistaDriveIcon\DrvIcon.exe
C:\Program Files\Taskix\Taskix32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\WinRoll\winroll.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\EasyPHP 3.0\EasyPHP.exe
C:\PROGRA~1\EASYPH~1.0\Apache\bin\apache.exe
C:\PROGRA~1\EASYPH~1.0\Apache\bin\apache.exe
C:\PROGRA~1\EASYPH~1.0\MySql\bin\mysqld.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Famille\Bureau\RSIT.exe
C:\Program Files\trend micro\Maxence.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\VistaDriveIcon\DrvIcon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [WinRoll] C:\Program Files\WinRoll\winroll.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Fichiers communs\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|6.0"
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O8 - Extra context menu item: Download with Rapget - C:\Program Files\rapget\rapget.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c9b576bb6b924) (gupdate1c9b576bb6b924) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
info.txt logfile of random's system information tool 1.06 2009-04-21 11:43:20
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
802.11 USB Wireless LAN Adapter-->C:\WINDOWS\system32\unwlsdrv.exe SiS163u
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Advanced Port Scanner v1.3-->C:\Program Files\Advanced Port Scanner\uninstal.exe
AIMP2-->C:\Program Files\AIMP2\Uninstall.exe
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AutoIt v3.3.0.0-->C:\Program Files\AutoIt3\Uninstall.exe
CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy GIF Animator 4.8-->"C:\Program Files\Easy GIF Animator\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Google Earth Plugin-->MsiExec.exe /I{9491C880-1C35-11DE-97B2-005056806466}
Google Earth Pro-->MsiExec.exe /X{9578C0CD-8108-4379-9026-4601F59859A0}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
MSN Pictures Displayer 4.6-->"C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe" /U
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Opera 9.63-->MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143}
PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PixiePack Codec Pack-->MsiExec.exe /I{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}
PLSinWindowsMedia-->MsiExec.exe /I{AFADAD9E-40AE-4653-B70A-2B44740DDD51}
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SWAT 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Taskix-->"C:\Program Files\Taskix\Désinstaller.exe"
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VistaDriveIcon-->"C:\Program Files\VistaDriveIcon\Désinstaller.exe"
VNC Enterprise Edition E4.4.3-->"C:\Program Files\RealVNC\VNC4\unins000.exe"
VNC Mirror Driver 1.8.0-->"C:\Program Files\RealVNC\VNC4\Mirror Driver\unins000.exe"
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Resource Kit Tools-->MsiExec.exe /I{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}
Windows Trust Installer-->"C:\Program Files\WTInstaller\Désinstaller.exe"
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinRAR-->"C:\Program Files\WinRAR\uninstall.exe"
WinRoll-->"C:\Program Files\WinRoll\Désinstaller.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 localhost
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 activate.adobe.com
Securitycenter WMI appears to be broken
======System event log======
Computer Name: NASA
Event Code: 1007
Message: Votre ordinateur a automatiquement configuré l'adresse IP pour la
carte avec l'adresse réseau 00032F4EEE29. L'adresse IP utilisée est 169.254.148.128.
Record Number: 3187
Source Name: Dhcp
Time Written: 20090317031014.000000+060
Event Type: Avertissement
User:
Computer Name: NASA
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{0B67C715-B8EF-4337-B0E1-BECBE86150EA} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 3186
Source Name: Tcpip
Time Written: 20090317031013.000000+060
Event Type: Informations
User:
Computer Name: NASA
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{0B67C715-B8EF-4337-B0E1-BECBE86150EA} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 3185
Source Name: Tcpip
Time Written: 20090317030913.000000+060
Event Type: Informations
User:
Computer Name: NASA
Event Code: 8033
Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{0B67C715-B8EF-4337-B0E1-BECBE86150EA} car un maître explorateur a été arrêté.
Record Number: 3184
Source Name: BROWSER
Time Written: 20090317030913.000000+060
Event Type: Informations
User:
Computer Name: NASA
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{0B67C715-B8EF-4337-B0E1-BECBE86150EA} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 3183
Source Name: Tcpip
Time Written: 20090317030714.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service MSDTC (MSDTC) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 5
Source Name: LoadPerf
Time Written: 20090116225209.000000+060
Event Type: Informations
User:
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 4
Source Name: LoadPerf
Time Written: 20090116225206.000000+060
Event Type: Informations
User:
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 3
Source Name: LoadPerf
Time Written: 20090116225034.000000+060
Event Type: Informations
User:
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 2
Source Name: LoadPerf
Time Written: 20090116225018.000000+060
Event Type: Informations
User:
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 1
Source Name: LoadPerf
Time Written: 20090116225010.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Fichiers communs\ArcSoft\Bin;C:\Program Files\Windows Resource Kits\Tools\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 127 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=7f01
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
802.11 USB Wireless LAN Adapter-->C:\WINDOWS\system32\unwlsdrv.exe SiS163u
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Advanced Port Scanner v1.3-->C:\Program Files\Advanced Port Scanner\uninstal.exe
AIMP2-->C:\Program Files\AIMP2\Uninstall.exe
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AutoIt v3.3.0.0-->C:\Program Files\AutoIt3\Uninstall.exe
CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy GIF Animator 4.8-->"C:\Program Files\Easy GIF Animator\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Google Earth Plugin-->MsiExec.exe /I{9491C880-1C35-11DE-97B2-005056806466}
Google Earth Pro-->MsiExec.exe /X{9578C0CD-8108-4379-9026-4601F59859A0}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
MSN Pictures Displayer 4.6-->"C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe" /U
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Opera 9.63-->MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143}
PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PixiePack Codec Pack-->MsiExec.exe /I{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}
PLSinWindowsMedia-->MsiExec.exe /I{AFADAD9E-40AE-4653-B70A-2B44740DDD51}
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SWAT 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Taskix-->"C:\Program Files\Taskix\Désinstaller.exe"
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VistaDriveIcon-->"C:\Program Files\VistaDriveIcon\Désinstaller.exe"
VNC Enterprise Edition E4.4.3-->"C:\Program Files\RealVNC\VNC4\unins000.exe"
VNC Mirror Driver 1.8.0-->"C:\Program Files\RealVNC\VNC4\Mirror Driver\unins000.exe"
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Resource Kit Tools-->MsiExec.exe /I{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}
Windows Trust Installer-->"C:\Program Files\WTInstaller\Désinstaller.exe"
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinRAR-->"C:\Program Files\WinRAR\uninstall.exe"
WinRoll-->"C:\Program Files\WinRoll\Désinstaller.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 localhost
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 activate.adobe.com
Securitycenter WMI appears to be broken
======System event log======
Computer Name: NASA
Event Code: 1007
Message: Votre ordinateur a automatiquement configuré l'adresse IP pour la
carte avec l'adresse réseau 00032F4EEE29. L'adresse IP utilisée est 169.254.148.128.
Record Number: 3187
Source Name: Dhcp
Time Written: 20090317031014.000000+060
Event Type: Avertissement
User:
Computer Name: NASA
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{0B67C715-B8EF-4337-B0E1-BECBE86150EA} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 3186
Source Name: Tcpip
Time Written: 20090317031013.000000+060
Event Type: Informations
User:
Computer Name: NASA
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{0B67C715-B8EF-4337-B0E1-BECBE86150EA} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 3185
Source Name: Tcpip
Time Written: 20090317030913.000000+060
Event Type: Informations
User:
Computer Name: NASA
Event Code: 8033
Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{0B67C715-B8EF-4337-B0E1-BECBE86150EA} car un maître explorateur a été arrêté.
Record Number: 3184
Source Name: BROWSER
Time Written: 20090317030913.000000+060
Event Type: Informations
User:
Computer Name: NASA
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{0B67C715-B8EF-4337-B0E1-BECBE86150EA} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 3183
Source Name: Tcpip
Time Written: 20090317030714.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service MSDTC (MSDTC) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 5
Source Name: LoadPerf
Time Written: 20090116225209.000000+060
Event Type: Informations
User:
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 4
Source Name: LoadPerf
Time Written: 20090116225206.000000+060
Event Type: Informations
User:
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 3
Source Name: LoadPerf
Time Written: 20090116225034.000000+060
Event Type: Informations
User:
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 2
Source Name: LoadPerf
Time Written: 20090116225018.000000+060
Event Type: Informations
User:
Computer Name: WINDOWS-14E4219
Event Code: 1000
Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.
Record Number: 1
Source Name: LoadPerf
Time Written: 20090116225010.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Fichiers communs\ArcSoft\Bin;C:\Program Files\Windows Resource Kits\Tools\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 127 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=7f01
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
télecharge Malwarebyte's ici http://www.malwarebytes.org/mbam/program/mbam-setup.exe
le programme va se mettre automatiquement a jour.
S'il manque le fichier COMCTL32.OCX, vous pourrez le télécharger ici
https://www.malekal.com/tutorial-aboutbuster/
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
le programme va se mettre automatiquement a jour.
S'il manque le fichier COMCTL32.OCX, vous pourrez le télécharger ici
https://www.malekal.com/tutorial-aboutbuster/
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Re!
J'en ai 71, si je supprime la sélection, il se passe quoi ? il me supprimer les fichiers ?? (il y en a des importants)
pour le moment je ne peux pas aller dans Rapports/Logs (bloqué, il faut que je fasse un choix)...
Merci,
Maxence
EDIT: ce ne sont que des fichiers temporaires .... Donc je les supprime !
J'en ai 71, si je supprime la sélection, il se passe quoi ? il me supprimer les fichiers ?? (il y en a des importants)
pour le moment je ne peux pas aller dans Rapports/Logs (bloqué, il faut que je fasse un choix)...
Merci,
Maxence
EDIT: ce ne sont que des fichiers temporaires .... Donc je les supprime !
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2019
Windows 5.1.2600 Service Pack 3, v.5755
21/04/2009 12:05:23
mbam-log-2009-04-21 (12-05-23).txt
Type de recherche: Examen rapide
Eléments examinés: 66519
Temps écoulé: 2 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 68
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5y99ae78-58tt-11dw-be53-y67078979y} (Backdoor.ProRat) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system\sservice.exe (Backdoor.ProRat) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\bah5371.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\bie4EB1.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\cvf4EDF.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\die4EB2.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\ggi552A.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\gxe4EB7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\iie4EB0.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\jff4FEE.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\jof4EF6.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\kaf4F07.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\kof4EF7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\mof4EE6.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\rah52D7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\txh52C7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\uaf4F04.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\uxj5640.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\wdf4FED.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\wqj563B.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\yqj563A.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\zah5370.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\lid1986.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\aay47BA.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\adzC921.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ahz47DC.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\akq412A.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\apa2AA4.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\awy1AE7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\coj157E.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\cor2E1A.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\cqx49C3.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\dsn1B1F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\eus27A6.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\evp1A7F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ezk1FE5.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ilj2B0F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ill3732.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\jby1849.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\jnd1D7B.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\jzq16B0.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\kan48ED.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\kvi1550.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\lgy47BC.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ljj3561.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\nch151F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\NOD1B3C.tmp (Worm.Parite) -> Delete on reboot.
C:\WINDOWS\Temp\ocr412C.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\opk2B11.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\opy2FB7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ozq16B1.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pfd1979.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pya2AA5.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\qesC8EA.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\qrt4872.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\rej480F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\sbh1B03.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\tje4D54.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\uge198F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\vfo1B20.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\vwa2FC9.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\xqu1BEB.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\xtd48AD.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\xzn2D1E.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ydr486C.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\yip2E16.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ytr16E9.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\zcf1D7C.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\zsg1A16.tmp (Worm.Parite) -> Quarantined and deleted successfully.
Version de la base de données: 2019
Windows 5.1.2600 Service Pack 3, v.5755
21/04/2009 12:05:23
mbam-log-2009-04-21 (12-05-23).txt
Type de recherche: Examen rapide
Eléments examinés: 66519
Temps écoulé: 2 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 68
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5y99ae78-58tt-11dw-be53-y67078979y} (Backdoor.ProRat) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system\sservice.exe (Backdoor.ProRat) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\bah5371.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\bie4EB1.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\cvf4EDF.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\die4EB2.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\ggi552A.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\gxe4EB7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\iie4EB0.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\jff4FEE.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\jof4EF6.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\kaf4F07.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\kof4EF7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\mof4EE6.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\rah52D7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\txh52C7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\uaf4F04.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\uxj5640.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\wdf4FED.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\wqj563B.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\yqj563A.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\Documents and Settings\Famille\Local Settings\Temp\zah5370.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\lid1986.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\aay47BA.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\adzC921.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ahz47DC.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\akq412A.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\apa2AA4.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\awy1AE7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\coj157E.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\cor2E1A.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\cqx49C3.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\dsn1B1F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\eus27A6.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\evp1A7F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ezk1FE5.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ilj2B0F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ill3732.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\jby1849.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\jnd1D7B.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\jzq16B0.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\kan48ED.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\kvi1550.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\lgy47BC.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ljj3561.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\nch151F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\NOD1B3C.tmp (Worm.Parite) -> Delete on reboot.
C:\WINDOWS\Temp\ocr412C.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\opk2B11.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\opy2FB7.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ozq16B1.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pfd1979.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pya2AA5.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\qesC8EA.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\qrt4872.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\rej480F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\sbh1B03.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\tje4D54.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\uge198F.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\vfo1B20.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\vwa2FC9.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\xqu1BEB.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\xtd48AD.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\xzn2D1E.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ydr486C.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\yip2E16.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ytr16E9.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\zcf1D7C.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\zsg1A16.tmp (Worm.Parite) -> Quarantined and deleted successfully.
C'est bon, j'ai redémarré mon PC, Nod32 m'affiche toujours plein d'erreurs avec ce virus Win32/Parite.B.vius :(
Merci encore de m'aider :P
Maxence
Merci encore de m'aider :P
Maxence
Re!
J'ai était en magasin pour m'acheter un antivirus, ils m'ont dit de formater car il n'est pas possible de réparer des fichiers infectés. Et comme ce sont des fichiers systèmes infecté, il faut que je formate mon disque dur et faire le nottoyage avant de formater !
C'est quoi le but d'un vers, enfin que fait-il ?!?
Merci,
Maxence
J'ai était en magasin pour m'acheter un antivirus, ils m'ont dit de formater car il n'est pas possible de réparer des fichiers infectés. Et comme ce sont des fichiers systèmes infecté, il faut que je formate mon disque dur et faire le nottoyage avant de formater !
C'est quoi le but d'un vers, enfin que fait-il ?!?
Merci,
Maxence
