Virus qu'on ne peu supprimer

sibel49 Messages postés 146 Statut Membre -  
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour,
ca fais quelle que semaines que mon pc est affecté d'un virus que je n'arrive pas a supprimer , ca serait possible de m'aider et de me dire quel logiciel telecharger pour enfin pouvoir supprimer ce virus. merci



voici ce que affiche malwarebytes:

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1034
Windows 5.1.2600 Service Pack 2

21:52:17 13/05/2009
mbam-log-5-13-2009 (21-52-17).txt

Type de recherche: Examen rapide
Eléments examinés: 51834
Temps écoulé: 10 minute(s), 41 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
A voir également:

25 réponses

  • 1
  • 2
Réponse 1 / 25
Utilisateur anonyme
 
bonsoir,
malwarebytes n'est pas à jour
xp n'est pas à jour
mettre malwarebytes à jour et refaire un scan complet
0
Réponse 2 / 25
cs-bilou Messages postés 836 Statut Membre 164
 
Essaye en mode sans-échec.

Je pense tu réussira a le virer.
Bonne chance.

Bilou.
0
Utilisateur anonyme
 
il faut d'abord mettre malwarebytes à jour
0
Réponse 3 / 25
sibel49 Messages postés 146 Statut Membre 4
 
je pensai qu'il étai a jour :S

ok je vais telecharger la derniere version alors ,

merci
0
Réponse 4 / 25
sibel49 Messages postés 146 Statut Membre 4
 
comme malwarebytes n'était pas à jour , mon pc n'était pas infecté que d 1 virus mais de 32 virus et en mettant malwarbytes à jour je pense qu'ils se sont tous supprimer.

je te remerci nathandre

bonne soirée à tous
0
Utilisateur anonyme
 
mets moi le rapport de malwarebytes
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
sibel49 Messages postés 146 Statut Membre 4
 
en faisant un examen complet je me rend compte qu'il y a plus d'elements infectés

voici le rapport :

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1945
Windows 5.1.2600 Service Pack 2

14/05/2009 01:14:10
mbam-log-2009-05-14 (01-14-10).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 215215
Temps écoulé: 1 hour(s), 34 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 70

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP551\A0250581.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP552\A0251582.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP552\A0251603.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP558\A0253692.exe (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP534\A0240712.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP534\A0240916.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP534\A0240997.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP534\A0241053.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254630.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP564\A0254660.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP564\A0254768.dll (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP564\A0254771.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP564\A0254775.exe (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP564\A0254776.dll (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP565\A0254857.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP565\A0254935.dll (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP565\A0254938.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP566\A0255101.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP566\A0255317.dll (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP566\A0255319.exe (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP566\A0255321.dll (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP567\A0255379.dll (Trojan.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP567\A0255451.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP567\A0255454.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP567\A0255458.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP567\A0255514.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP567\A0255517.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0255631.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0255632.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0255633.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256548.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256541.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256543.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256549.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256595.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256598.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256616.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256617.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP569\A0256804.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP571\A0258215.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP571\A0258218.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP571\A0258222.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP571\A0258291.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP572\A0258299.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP572\A0258421.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP572\A0258424.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP572\A0258447.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP572\A0258450.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP573\A0258525.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP573\A0258733.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP573\A0258734.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\luk1ylq.com (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\em8tqm.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\upw.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP565\A0254859.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP565\A0254940.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP567\A0255456.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP567\A0255519.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0255635.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256546.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP568\A0256600.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP572\A0258301.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP572\A0258426.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP572\A0258452.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP573\A0258527.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254632.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP564\A0254662.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP564\A0254773.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP566\A0255103.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP571\A0258220.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
0
Réponse 6 / 25
Utilisateur anonyme
 
salut malwarebytes n est toujours pas a jour

onglet mise a jour !!!
0
Réponse 7 / 25
sibel49 Messages postés 146 Statut Membre 4
 
apés remise à jour


voici le rapport :


Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2129
Windows 5.1.2600 Service Pack 2

14/05/2009 11:37:15
mbam-log-2009-05-14 (11-37-15).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 231534
Temps écoulé: 1 hour(s), 37 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 270

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\1ogf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ej10fkdo.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\eyt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\hkn6k.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\husyu8n.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\i.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\nu.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\uvsqfgwd.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\vwewav8.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ymxf2.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ysep1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\qwtb.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\boyedt.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\lc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\npee.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP540\A0242123.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP540\A0242146.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP540\A0242147.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP540\A0242148.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP540\A0242238.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP540\A0242239.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP543\A0243817.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP543\A0243949.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP543\A0243953.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP543\A0243954.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP544\A0244086.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP544\A0244090.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP545\A0244285.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP545\A0244327.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP545\A0244410.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP546\A0246799.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP548\A0247982.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP553\A0252612.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP553\A0252683.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP582\A0262506.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP582\A0262598.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP582\A0262600.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP583\A0263603.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0263850.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264133.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264055.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264089.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264092.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264130.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264141.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264171.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264172.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264173.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP585\A0264259.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP585\A0264274.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP585\A0264276.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP585\A0265271.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP585\A0265274.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP586\A0265290.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP586\A0265482.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP586\A0265483.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP587\A0265698.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP587\A0265699.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP587\A0265701.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP587\A0265883.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP587\A0265884.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0265917.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0265992.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0265999.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0266000.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0266023.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0266024.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0266025.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0265989.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP589\A0266099.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP589\A0266101.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP589\A0266112.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP589\A0266113.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266122.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266163.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266164.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266166.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266247.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266250.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266266.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266267.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP591\A0266303.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP593\A0267414.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP593\A0268421.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP595\A0268913.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP595\A0268996.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP595\A0268997.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP595\A0268999.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP596\A0269024.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP596\A0269051.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP596\A0269052.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP596\A0269070.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP597\A0269176.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP597\A0269181.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP597\A0269182.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP598\A0269387.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP598\A0269392.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP598\A0269393.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP599\A0270610.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP599\A0270615.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP599\A0270616.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0270821.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0270826.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0270827.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0270969.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0270970.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0271015.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0271018.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP601\A0271043.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP601\A0271071.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP601\A0271072.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP601\A0271088.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0271116.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0271165.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0271167.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0271194.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272162.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272165.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272224.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272225.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272283.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272286.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272290.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272291.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP603\A0272297.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP603\A0272414.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP603\A0272415.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272425.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272463.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272465.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272470.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272471.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272488.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272491.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272521.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272520.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP535\A0241147.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP536\A0241289.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254433.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254529.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254534.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254535.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254627.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0258839.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0258954.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0258972.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0258975.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0259081.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0259082.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP575\A0259111.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP575\A0259211.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP575\A0259212.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP575\A0259214.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP576\A0259315.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP576\A0259373.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP576\A0259374.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP576\A0259403.exe (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP576\A0259404.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP576\A0259406.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP577\A0259420.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP577\A0261451.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP577\A0261452.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP577\A0261475.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP577\A0261478.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261561.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261578.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261581.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261680.exe (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261681.dll (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261682.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261695.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261698.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261699.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261703.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261715.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261760.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261763.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261767.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261768.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261825.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261828.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261876.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261878.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP580\A0261893.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP580\A0261939.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP580\A0261940.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP580\A0261941.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP580\A0262016.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP580\A0262212.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\lc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\uvsqfgwd.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\m0vnonh.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\jm3cx96.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\1ogf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\qwtb.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\husyu8n.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\ej10fkdo.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\vwewav8.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\nu.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\npee.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\eyt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\ymxf2.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\rwj0.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\boyedt.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\hkn6k.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\ysep1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP595\A0268915.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP595\A0269001.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP606\A0272906.com (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP606\A0272907.cmd (Trojan.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP606\A0272908.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP545\A0244470.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP545\A0244474.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP587\A0265703.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP576\A0259317.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP576\A0259408.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261563.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261583.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261684.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP578\A0261701.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261717.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261765.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP579\A0261830.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP580\A0261895.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP580\A0261943.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP582\A0262508.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0263852.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264094.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264135.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP584\A0264175.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP586\A0265292.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0265919.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0265994.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP588\A0266027.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP589\A0266104.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP596\A0269026.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP601\A0271045.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0271118.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0271169.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272167.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP602\A0272288.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP540\A0242125.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP540\A0242150.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP543\A0243819.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP543\A0243951.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254435.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP563\A0254531.bat (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0258841.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0258956.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP574\A0258977.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP575\A0259113.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP575\A0259216.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP577\A0259422.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP577\A0261454.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP577\A0261480.cmd (Spyware.OnLineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP585\A0264278.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP585\A0265276.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266124.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266168.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP590\A0266252.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0270841.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP600\A0271020.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP603\A0272299.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272427.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272468.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP604\A0272493.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\g1ljsm.com (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\a1agmur.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\j60osk9.cmd (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\0bcobed.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
0
Utilisateur anonyme
 
bonjour,
vas dans l'onglet quarantaine et cli sur tout supprimer
il faudrai faire un diagnostic de ton pc
installes le SP3 pour Windows XP
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

-> http://images.malwareremoval.com/random/RSIT.exe

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...


-> laisse faire le scan et ne touche pas au PC ...


Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum


( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )-
0
sibel49 Messages postés 146 Statut Membre 4 > Utilisateur anonyme
 
voici le rapport de log.txt :

Logfile of random's system information tool 1.06 (written by random/random)
Run by NESS at 2009-05-14 14:37:29
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 104 GB (71%) free of 146 GB
Total RAM: 958 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:37:30, on 14/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\NESS\Bureau\RSIT.exe antivirus.exe
C:\Program Files\trend micro\NESS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Amok Eggs Four Web] C:\Documents and Settings\All Users\Application Data\part dead amok eggs\BASH CREATIVE.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://www.icsvoice.com/talk.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://www.flatcast-data.com/data/objects/NpFv501.dll
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://www.radyodinle.com/?aspxerrorpath=/ampx_en_dl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 8 / 25
sibel49 Messages postés 146 Statut Membre 4
 
rapport de info.txt :

info.txt logfile of random's system information tool 1.06 2009-05-14 14:33:57

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Akilli Menüler (Windows Live Toolbar)-->MsiExec.exe /X{0935DF3B-EA44-4C5E-9011-BD1958E88DFE}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Avira AntiVir PersonalEdition Classic-->C:\Program Files\AntiVir PersonalEdition Classic\setup.exe /REMOVE
BearShare-->C:\Program Files\BearShare Applications\BearShare\UninstallSurvey.exe C:\Program Files\BearShare Applications\BearShare\UnwiseLauncher.exe /A C:\PROGRA~1\BEARSH~1\BEARSH~1\INSTALL.LOG
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cdiscount photos -->C:\Program Files\Cdiscount photos\uninst.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Comptabilité-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93A837CB-5919-4BBA-B1AE-2E42F0E00794}\setup.exe" -l0x40c
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB893357)-->"C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB906569)-->"C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB912024)-->"C:\WINDOWS\$NtUninstallKB912024$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB892050-->"C:\WINDOWS\$NtUninstallKB892050$\spuninst\spuninst.exe"
Correctif Windows XP - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Flatcast 4.15-->C:\WINDOWS\unins000.exe
FSX_Screensaver-->C:\Program Files\FSX_Screensaver\Uninstall.exe
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Gestion commerciale-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52270BD3-1B06-42B6-B76A-3E6B95D3F218}\setup.exe" -l0x40c
GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
IEEE 802.11g Wireless LAN - USB-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{581CE7EA-A30D-0000-1211-088635773309}\setup.exe" -l0x40c
Immobilisations-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC1A0B30-023D-496F-8BD5-A47646379264}\setup.exe" -l0x40c
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaBar 2.0-->C:\Program Files\BearShare Applications\BearShare MediaBar\Uninstall.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.0 Hotfix (KB887998)-->"C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.0 Hotfix (KB930494)-->"C:\WINDOWS\$NtUninstallKB930494$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual J# .NET Redistributable Package 1.1-->MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
mIRC-->"C:\Program Files\SohbetLive Script v5.1\mIRC.EXE" -uninstall
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
NVIDIA Drivers-->C:\WINDOWS\system32\nvunrm.exe UninstallGUI
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Sage Ligne 100 Windows-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11B5CE0E-315D-4BE4-8FC6-D9C10BFC556E}\setup.exe" -l0x40c
Sage Pilote-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F428CE0D-0E60-432D-8254-F8EED9079DC0}\setup.exe" -l0x40c
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
SohbetLive Script v5.1-->C:\Program Files\SohbetLive Script v5.1\uninstall.exe
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Supercross Kings-->MsiExec.exe /I{EE5307C8-1E1E-4B5E-B241-CF109C2CEA39}
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
Vodafone 804SS USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
Vurgu Görüntüleyicisi (Windows Live Toolbar)-->MsiExec.exe /X{C59CEB1E-097E-4603-8B43-EE0D8482897D}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Live Toolbar Uzantisi (Windows Live Toolbar)-->MsiExec.exe /X{9233A730-542C-43B5-9A16-6C9EF69281B2}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Security center information======

AV: Avira AntiVir PersonalEdition (outdated)
FW: ZoneAlarm Firewall

======System event log======

Computer Name: JIYANAMIN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 22389
Source Name: Service Control Manager
Time Written: 20090419141504.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: JIYANAMIN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Application système COM+.

Record Number: 22388
Source Name: Service Control Manager
Time Written: 20090419141504.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: JIYANAMIN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

Record Number: 22387
Source Name: Service Control Manager
Time Written: 20090419141504.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: JIYANAMIN
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

Record Number: 22386
Source Name: Service Control Manager
Time Written: 20090419141504.000000+120
Event Type: Informations
User:

Computer Name: JIYANAMIN
Event Code: 7026
Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
KLIF

Record Number: 22385
Source Name: Service Control Manager
Time Written: 20090419141504.000000+120
Event Type: erreur
User:

=====Application event log=====

Computer Name: JIYANAMIN
Event Code: 102
Message: msnmsgr (672) \\.\C:\Documents and Settings\NESS\Local Settings\Application Data\Microsoft\Messenger\forever.49@hotmail.fr\SharingMetadata\Working\database_F608_F7A6_8F7_63D1\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 60346
Source Name: ESENT
Time Written: 20090430235157.000000+120
Event Type: Informations
User:

Computer Name: JIYANAMIN
Event Code: 100
Message: msnmsgr (672) Le moteur de base de données 5.01.2600.2780 est démarré.

Record Number: 60345
Source Name: ESENT
Time Written: 20090430235157.000000+120
Event Type: Informations
User:

Computer Name: JIYANAMIN
Event Code: 101
Message: msnmsgr (2400) Le moteur de base de données est arrêté.

Record Number: 60344
Source Name: ESENT
Time Written: 20090430231751.000000+120
Event Type: Informations
User:

Computer Name: JIYANAMIN
Event Code: 103
Message: msnmsgr (2400) \\.\C:\Documents and Settings\NESS\Local Settings\Application Data\Microsoft\Messenger\forever.49@hotmail.fr\SharingMetadata\Working\database_F608_F7A6_8F7_63D1\dfsr.db: Le moteur de base de données a arrêté une instance (0).

Record Number: 60343
Source Name: ESENT
Time Written: 20090430231751.000000+120
Event Type: Informations
User:

Computer Name: JIYANAMIN
Event Code: 20
Message:
Record Number: 60342
Source Name: Google Update
Time Written: 20090430230907.000000+120
Event Type: erreur
User: JIYANAMIN\NESS

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"tvdumpflags"=8

-----------------EOF-----------------
0
Utilisateur anonyme
 
il y a une autre infection
traces de norton

Télécharge et installe UsbFix de C_XX, Chimay8 & Chiquitine29
http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir</gras>

# Double clic sur le raccourci UsbFix présent sur ton bureau .

# Choisi l option 1 ( Recherche )

# Laisse travailler l outil.

# Ensuite post le rapport UsbFix.txt qui apparaitra.

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

# Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
sibel49 Messages postés 146 Statut Membre 4 > Utilisateur anonyme
 
voici le rapport :



############################## [ UsbFix V3.019 # Scan ]

# User : NESS (Administrateurs) # JIYANAMIN
# Update on 13/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 14:53:32 | 14/05/2009

# AMD Sempron(tm) Processor 3200+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Disabled
# AV : Avira AntiVir PersonalEdition 6.38.0.225
[ Enabled | (!) Outdated ]
# FW : ZoneAlarm Firewall[ Enabled ]7.0.483.000

# C:\ # Disque fixe local # 142,26 Go (101,07 Go free) [HP_PAVILION] # NTFS
# D:\ # Disque fixe local # 6,77 Go (773,08 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible # 495,49 Mo (238,09 Mo free) [TMM_LYRA] # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="https://www.google.com/?gws_rd=ssl"
HKCU_Main: "Start Page"="https://www.google.com/?gws_rd=ssl"
HKCU_Main: "Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
HKCU_Main: "Start Page Redirect Cache_TIMESTAMP"=hex:0e,69,c7,68,7b,ce,c9,01
HKCU_Main: "Start Page Redirect Cache AcceptLangs"="fr"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="NESS"
HKLM_logon: "AltDefaultUserName"="NESS"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: ehTray=C:\WINDOWS\ehome\ehtray.exe
HKLM_Run: ftutil2=rundll32.exe ftutil2.dll,SetWriteCacheMode
HKLM_Run: RTHDCPL=RTHDCPL.EXE
HKLM_Run: AlwaysReady Power Message APP=ARPWRMSG.EXE
HKLM_Run: NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM_Run: nwiz=nwiz.exe /install
HKLM_Run: DMAScheduler="c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
HKLM_Run: Recguard=C:\WINDOWS\SMINST\RECGUARD.EXE
HKLM_Run: PCDrProfiler=
HKLM_Run: HPBootOp="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
HKLM_Run: Reminder="C:\Windows\Creator\Remind_XP.exe"
HKLM_Run: HP Software Update=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM_Run: LVCOMSX=C:\WINDOWS\system32\LVCOMSX.EXE
HKLM_Run: LogitechVideoRepair=C:\Program Files\Logitech\Video\ISStart.exe
HKLM_Run: LogitechVideoTray=C:\Program Files\Logitech\Video\LogiTray.exe
HKLM_Run: avgnt="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
HKLM_Run: Amok Eggs Four Web=C:\Documents and Settings\All Users\Application Data\part dead amok eggs\BASH CREATIVE.exe
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM_Run: ZoneAlarm Client="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU_Run: msnmsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
HKCU_Run: MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background

################## [ Informations ]


################## [ Fichiers # Dossiers infectieux ]

Found ! C:\WINDOWS\system32\vbsdfe0.dll
Found ! C:\WINDOWS\system32\vbsdfe1.dll
Found ! C:\0xuc.com
Found ! C:\1utbfd.bat
Found ! C:\2u.com
Found ! C:\3rl3lqbq.bat
Found ! C:\6fnlpetp.exe
Found ! C:\a2h2.com
Found ! C:\abk.bat
Found ! C:\cb.exe
Found ! C:\cqxj.exe
Found ! C:\cqxj.exe
Found ! C:\e2.cmd
Found ! C:\fbak.exe
Found ! C:\gi2ky.exe
Found ! C:\h3.bat
Found ! C:\hl80c6b1.com
Found ! C:\iqe68o.bat
Found ! C:\mt.bat
Found ! C:\o3n9k.com
Found ! C:\pook.com
Found ! C:\q0dhfjf.exe
Found ! C:\x2csvg.exe
Found ! C:\uxkl0apt.bat
Found ! C:\x2csvg.exe
Found ! C:\yh.cmd
Found ! C:\8.bat
Found ! C:\i.com
Found ! C:\u.com
D:\autorun.inf # -> fichier appelé : "D:\w.com" ( absent ! )
Found ! D:\0bcobed.exe
Found ! D:\0xuc.com
Found ! D:\1utbfd.bat
Found ! D:\2u.com
Found ! D:\3rl3lqbq.bat
Found ! D:\6fnlpetp.exe
Found ! D:\a1agmur.cmd
Found ! D:\a2h2.com
Found ! D:\abk.bat
Found ! D:\cb.exe
Found ! D:\cqxj.exe
Found ! D:\cqxj.exe
Found ! D:\dbrxubcw.com
Found ! D:\e2.cmd
Found ! D:\fbak.exe
Found ! D:\g1ljsm.com
Found ! D:\gi2ky.exe
Found ! D:\h3.bat
Found ! D:\hl80c6b1.com
Found ! D:\iqe68o.bat
Found ! D:\j60osk9.cmd
Found ! D:\minm.cmd
Found ! D:\mt.bat
Found ! D:\o3n9k.com
Found ! D:\pook.com
Found ! D:\q0dhfjf.exe
Found ! D:\x2csvg.exe
Found ! D:\uxkl0apt.bat
Found ! D:\x2csvg.exe
Found ! D:\xsia.bat
Found ! D:\yh.cmd
Found ! D:\8.bat
Found ! D:\i.com
Found ! D:\u.com
Found ! D:\o.exe
Found ! D:\autorun.inf
J:\autorun.inf # -> fichier appelé : "J:\u.com" ( présent ! )
Found ! J:\a2h2.com
Found ! J:\abk.bat
Found ! J:\hl80c6b1.com
Found ! J:\iqe68o.bat
Found ! J:\u.com
Found ! J:\autorun.inf

################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]

HKCU\Software\Microsoft\....\MountPoints2\{4137a2a3-9057-11db-9d1b-806d6172696f}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{4137a2a3-9057-11db-9d1b-806d6172696f}\Shell\open\Command
HKCU\Software\Microsoft\....\MountPoints2\{65c34c32-938d-11db-9d33-0014a5f71ff3}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{65c34c32-938d-11db-9d33-0014a5f71ff3}\Shell\open\Command
HKCU\Software\Microsoft\....\MountPoints2\{bd36245e-7419-11dc-9fca-0014a5f71ff3}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{bd36245e-7419-11dc-9fca-0014a5f71ff3}\Shell\explore\Command
HKCU\Software\Microsoft\....\MountPoints2\{bd36245e-7419-11dc-9fca-0014a5f71ff3}\Shell\open\Command

################## [ ! Fin du rapport # UsbFix V3.019 ! ]
0
Utilisateur anonyme > sibel49 Messages postés 146 Statut Membre
 
j'avais raison infection

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau

# choisis l'option 2 ( Suppression )

# Ton bureau disparaitra et le pc redémarrera .

# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

# Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
0
Réponse 9 / 25
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Salut

A voir ► O4 - HKLM\..\Run: [Amok Eggs Four Web] C:\Documents and Settings\All Users\Application Data\part dead amok eggs\BASH CREATIVE.exe

++

0
Utilisateur anonyme
 
c'est du chinois
je suppose que c'est une clé infectée
0
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279 > Utilisateur anonyme
 
Je pense surtout a du "LOP" ;))
0
Réponse 10 / 25
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt surement une infection lop
0
Réponse 11 / 25
sibel49 Messages postés 146 Statut Membre 4
 
enfait je ne peu pas avoir le rapport

il ya ecrit ceci : impossible d'ecrire sur le disque car il est protégé en ecriture. mais je ne sais pas ou retirer la protection en ecriture du volume dans le lecteur F
0
Utilisateur anonyme
 
Télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt
0
sibel49 Messages postés 146 Statut Membre 4 > Utilisateur anonyme
 
voici rapport de usbfix :


############################## [ UsbFix V3.019 # Cleaning ]

# User : NESS (Administrateurs) # JIYANAMIN
# Update on 13/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 16:02:38 | 14/05/2009

# AMD Sempron(tm) Processor 3200+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Disabled
# AV : Avira AntiVir PersonalEdition 6.38.0.225
[ Enabled | (!) Outdated ]
# FW : ZoneAlarm Firewall[ Enabled ]7.0.483.000

# C:\ # Disque fixe local # 142,26 Go (100,95 Go free) [HP_PAVILION] # NTFS
# D:\ # Disque fixe local # 6,77 Go (772,85 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible # 495,49 Mo (237,99 Mo free) [TMM_LYRA] # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\eHome\ehRec.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe

################## [ Fichiers # Dossiers infectieux ]

J:\autorun.inf # -> fichier appelé : "J:\w.com" ( présent ! )
Deleted ! -> J:\w.com
Deleted ! J:\a2h2.com
Deleted ! J:\abk.bat
Deleted ! J:\hl80c6b1.com
Deleted ! J:\iqe68o.bat
Deleted ! J:\u.com
Deleted ! J:\autorun.inf

################## [ Registre # Clés Run infectieuses ]

Deleted ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "cdoosoft"

################## [ Registre # Mountpoints2 ]

Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{bd36245e-7419-11dc-9fca-0014a5f71ff3}\Shell\AutoRun\command

################## [ Listing des fichiers présent ]

[24/05/2008 17:19|--a------|116] - C:\Ad-Fix.txt
[20/10/2007 23:52|--ah-----|200] - C:\AUTOEXEC.BAT
[20/12/2006 20:30|-rahs----|211] - C:\BOOT.BAK
[20/12/2006 20:36|-rahs----|291] - C:\boot.ini
[09/08/2004 23:00|-rahs----|4952] - C:\Bootfont.bin
[28/08/2008 20:14|--a------|2944] - C:\cleannavi.txt
[09/08/2004 23:00|-r-hs----|263488] - C:\cmldr
[10/10/2005 13:34|--ah-----|0] - C:\CONFIG.SYS
[06/05/2008 17:38|--a------|0] - C:\conmgr.log
[14/09/2007 19:32|--a------|46592] - C:\fiche p‚da L1.doc
[28/08/2008 20:08|--a------|2902] - C:\fixnavi.txt
[20/01/2009 22:30|-r-hs----|108869] - C:\gy.exe
[?|?|?] - C:\hiberfil.sys
[11/06/2007 23:05|--a------|16840120] - C:\IE7Setup_G_FR.exe
[10/10/2005 13:34|-rahs----|0] - C:\IO.SYS
[12/05/2007 19:16|--a------|183] - C:\LogiSetup.log
[02/08/2008 15:05|--a------|14231] - C:\lopR.txt
[10/10/2005 13:34|-rahs----|0] - C:\MSDOS.SYS
[09/08/2004 23:00|-rahs----|47564] - C:\NTDETECT.COM
[09/08/2004 23:00|-rahs----|251712] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[14/10/2008 19:38|--a------|0] - C:\Program1
[21/10/2008 18:04|--a------|0] - C:\Program10
[21/10/2008 19:41|--a------|0] - C:\Program11
[22/10/2008 16:43|--a------|0] - C:\Program12
[22/10/2008 20:34|--a------|0] - C:\Program13
[23/10/2008 15:47|--a------|0] - C:\Program14
[23/10/2008 21:25|--a------|0] - C:\Program15
[15/10/2008 16:44|--a------|0] - C:\Program2
[16/10/2008 13:56|--a------|0] - C:\Program3
[16/10/2008 17:22|--a------|0] - C:\Program4
[17/10/2008 12:58|--a------|0] - C:\Program5
[18/10/2008 21:31|--a------|0] - C:\Program6
[19/10/2008 20:26|--a------|0] - C:\Program7
[20/10/2008 14:19|--a------|0] - C:\Program8
[20/10/2008 23:01|--a------|0] - C:\Program9
[19/02/2008 00:38|--ah-----|268] - C:\sqmdata00.sqm
[03/03/2008 23:47|--ah-----|268] - C:\sqmdata01.sqm
[01/04/2008 15:32|--ah-----|136] - C:\sqmdata02.sqm
[22/04/2008 19:51|--ah-----|268] - C:\sqmdata03.sqm
[01/05/2008 10:47|--ah-----|268] - C:\sqmdata04.sqm
[06/07/2008 18:03|--ah-----|268] - C:\sqmdata05.sqm
[04/08/2008 00:19|--ah-----|232] - C:\sqmdata06.sqm
[06/09/2008 19:34|--ah-----|268] - C:\sqmdata07.sqm
[06/09/2008 19:36|--ah-----|232] - C:\sqmdata08.sqm
[01/10/2008 18:38|--ah-----|268] - C:\sqmdata09.sqm
[14/04/2007 17:05|--ah-----|268] - C:\sqmdata10.sqm
[14/04/2007 17:05|--ah-----|268] - C:\sqmdata11.sqm
[28/06/2007 19:45|--ah-----|268] - C:\sqmdata12.sqm
[28/06/2007 22:54|--ah-----|268] - C:\sqmdata13.sqm
[12/08/2007 21:20|--ah-----|268] - C:\sqmdata14.sqm
[24/09/2007 21:35|--ah-----|232] - C:\sqmdata15.sqm
[23/11/2007 11:48|--ah-----|268] - C:\sqmdata16.sqm
[26/11/2007 18:04|--ah-----|268] - C:\sqmdata17.sqm
[26/11/2007 18:04|--ah-----|232] - C:\sqmdata18.sqm
[18/02/2008 20:50|--ah-----|268] - C:\sqmdata19.sqm
[19/02/2008 00:38|--ah-----|244] - C:\sqmnoopt00.sqm
[03/03/2008 23:47|--ah-----|244] - C:\sqmnoopt01.sqm
[01/04/2008 15:32|--ah-----|136] - C:\sqmnoopt02.sqm
[22/04/2008 19:51|--ah-----|244] - C:\sqmnoopt03.sqm
[01/05/2008 10:47|--ah-----|244] - C:\sqmnoopt04.sqm
[06/07/2008 18:03|--ah-----|244] - C:\sqmnoopt05.sqm
[04/08/2008 00:19|--ah-----|244] - C:\sqmnoopt06.sqm
[06/09/2008 19:34|--ah-----|244] - C:\sqmnoopt07.sqm
[06/09/2008 19:36|--ah-----|244] - C:\sqmnoopt08.sqm
[01/10/2008 18:38|--ah-----|244] - C:\sqmnoopt09.sqm
[08/04/2007 22:43|--ah-----|244] - C:\sqmnoopt10.sqm
[14/04/2007 17:05|--ah-----|244] - C:\sqmnoopt11.sqm
[28/06/2007 19:45|--ah-----|244] - C:\sqmnoopt12.sqm
[28/06/2007 22:54|--ah-----|244] - C:\sqmnoopt13.sqm
[12/08/2007 21:20|--ah-----|244] - C:\sqmnoopt14.sqm
[24/09/2007 21:35|--ah-----|244] - C:\sqmnoopt15.sqm
[23/11/2007 11:48|--ah-----|244] - C:\sqmnoopt16.sqm
[26/11/2007 18:04|--ah-----|244] - C:\sqmnoopt17.sqm
[26/11/2007 18:04|--ah-----|244] - C:\sqmnoopt18.sqm
[18/02/2008 20:50|--ah-----|244] - C:\sqmnoopt19.sqm
[02/08/2008 21:06|--a------|1671] - C:\TCleaner.txt
[14/05/2009 16:04|--a------|6789] - C:\UsbFix.txt
[22/01/2009 21:53|-r-hs----|107882] - C:\w98.com
[13/03/2009 13:18|-r-hs----|108968] - C:\xdw.com
[27/07/2001 08:07|---hs----|0] - D:\AUTOEXEC.BAT
[09/01/2002 18:52|---hs----|244] - D:\BOOT.INI
[16/08/2001 11:26|---hs----|237728] - D:\CMLDR
[28/07/2001 06:07|---hs----|0] - D:\CONFIG.SYS
[24/05/2005 20:48|---hs----|102] - D:\Desktop.ini
[10/09/2002 02:21|---hs----|7850] - D:\Folder.htt
[17/06/2001 09:31|---hs----|0] - D:\GRAPH
[25/01/2002 02:21|---hs----|0] - D:\GRAPH16
[29/11/2004 21:01|---hs----|73728] - D:\Info.exe
[28/07/2001 06:07|---hs----|0] - D:\IO.SYS
[28/07/2001 06:07|---hs----|0] - D:\MSDOS.SYS
[25/07/2001 22:00|---hs----|45124] - D:\NTDETECT.COM
[25/07/2001 22:00|---hs----|222880] - D:\NTLDR
[09/09/2002 23:58|---hs----|181616] - D:\protect.ed
[11/09/2006 23:27|---hs----|36] - D:\SAVEFILE.DIR
[08/02/2002 01:44|---hs----|88038] - D:\Warning.bmp
[11/09/2006 23:56|---hs----|926] - D:\MASTER.LOG
[17/08/2001 00:32|---hs----|0] - D:\Ntfs
[23/05/2001 13:19|---hs----|0] - D:\Svga
[18/08/2001 00:00|---hs----|10] - D:\Win51
[21/01/2001 23:00|---hs----|11] - D:\Win51.b2
[25/07/2001 00:00|---hs----|11] - D:\Win51.rc1
[25/07/2001 05:47|---hs----|11] - D:\Win51.rc2
[18/08/2001 00:00|---hs----|10] - D:\Win51ic
[19/03/2001 23:00|---hs----|11] - D:\Win51ic.b2
[25/07/2001 00:00|---hs----|11] - D:\Win51ic.rc1
[25/07/2001 00:00|---hs----|11] - D:\Win51ic.rc2
[17/08/2001 00:00|---hs----|10] - D:\Win51ip
[21/01/2001 23:00|---hs----|11] - D:\Win51ip.b2
[25/07/2001 05:47|---hs----|11] - D:\Win51ip.rc2
[16/08/2001 22:17|---hs----|184] - D:\Winbom.ini
[11/09/2006 23:56|---hs----|6] - D:\BLOCK.RIN
[11/09/2006 23:59|---hs----|0] - D:\USER
[08/06/2008 13:25|--a------|0] - D:\testwma.raw
[19/01/2009 18:09|-r-hs----|106526] - D:\gfqgq.cmd
[20/01/2009 21:30|-r-hs----|108869] - D:\gy.exe
[22/01/2009 20:53|-r-hs----|107882] - D:\w98.com
[13/03/2009 12:18|-r-hs----|108968] - D:\xdw.com
[27/12/2002 18:44|-rahs----|324] - J:\SETTINGS.DAT
[20/06/2007 11:45|--a------|1114078] - J:\we belong together(2).mp3
[08/01/2009 14:09|--a------|5105353] - J:\Ebru Gndes )2008( - Tkenecegiz.mp3
[09/12/2008 17:46|--a------|2111237] - J:\Preview-T-3005953-Ebru Gndes )2008( - Kizil Mavi.mp3
[08/01/2009 01:54|--a------|4081760] - J:\Ebru Gndes )2008( - Sadece Sevdim.mp3
[08/12/2008 23:32|--a------|3185572] - J:\Ebru Gndes )2008( - Harika(1).mp3
[19/03/2007 20:38|--a------|4098884] - J:\Ebru Yasar - Bana Birseyler Soyle.mp3
[?|?|?] - J:\Ebru Gndes - KÕzÕl Mavi.mp3
[09/12/2008 18:09|--a------|4401416] - J:\Ebru Gndes )2008( - Evlenirmiydik.mp3
[29/06/2007 11:42|--a------|3338362] - J:\™zcan Deniz - Bir Dudaktan.mp3
[28/09/2008 19:43|--a------|3463254] - J:\Osman Yilmaz - Delale.mp3
[16/01/2008 18:42|--a------|4849498] - J:\Guclu Soydemir - Seni Cok Seviyorum.wma
[20/01/2008 16:22|--a------|1946179] - J:\oy g”resim geldi.mp3
[16/03/2008 14:16|--a------|613535] - J:\Babyface & Mariah Carey - Every Time I Close My Eyes.wma
[11/01/2009 16:14|--a------|4284507] - J:\ebru_ismail_yk(1).mp3
[06/02/2008 22:20|--a------|2545057] - J:\Ceylan fea Izzet Yildizhan-Kstm.wma
[06/04/2008 18:29|--a------|24576] - J:\CV.doc
[30/01/2009 13:45|--a------|2829043] - J:\Hadise_-_Dum_Tek_Tek.mp3
[30/01/2008 16:14|--a------|6354487] - J:\Sehribana Kurdi - Leyla Zana.mp3
[07/10/2008 12:10|--a------|2799836] - J:\Osman Yilmaz Krt‡e Halay.wma
[31/05/2008 23:39|--a------|3325745] - J:\02-Git G”r Gnn.mp3
[17/01/2009 17:23|--a------|1033240] - J:\Grup Seyran Cano 2.mp3
[13/03/2007 22:12|--a------|3972660] - J:\rojda-gulrengdarin.mp3
[13/04/2007 12:20|--a------|6846380] - J:\Hakan Altun - 05 - Sormuyorum.mp3
[20/05/2008 18:45|--a------|4148289] - J:\BU AYRILIK NEDEN OLDU.MP3
[16/03/2008 14:18|--a------|7164224] - J:\02 Crazy in Love(1).wma
[27/12/2008 21:52|--a------|1195096] - J:\1-Dil-Nikare.wma
[11/12/2007 19:38|--a------|2948955] - J:\Sami Yusuf - Supplication(1).mp3
[10/05/2008 23:18|--a------|3579865] - J:\HOZAN SERHAT in SIIRI-dino_ruha.mp3
[01/05/2007 12:32|--a------|4966276] - J:\CANSEVER - Terketmek Ne Kadar Kolay.mp3
[11/11/2008 00:10|--a------|3566117] - J:\04 - Ferhat Gocer - Asklarin En Guzeli.mp3
[01/11/2007 12:50|--a------|786734] - J:\shilan.yara-min.wma
[18/01/2008 22:46|--a------|3811336] - J:\Kck Ibo - Anacim.mp3
[05/02/2008 15:07|--a------|4435845] - J:\Delila u Arges - Welatcan.mp3
[08/03/2008 19:42|--a------|5685857] - J:\09 Nerdesin.mp3
[12/05/2008 23:32|--a------|19968] - J:\MENIS Nø1.doc
[19/03/2006 18:13|---hs----|11776] - J:\Thumbs.db
[20/01/2008 15:48|--a------|5871117] - J:\Serif Kayran - 06 - Her Biji Birati (( Det & G”nl Dilan.Murat Akgn )).mp3
[01/11/2007 13:17|--a------|4279753] - J:\KaDiR - G”tr Beni Gittigin Yere 2007 www.kadirs.at.tt.mp3
[19/05/2008 18:55|--a------|4254868] - J:\Cok Sevdim.mp3
[20/05/2007 15:20|--a------|6095468] - J:\08 Unutursun.mp3
[05/02/2008 15:13|--a------|2723465] - J:\Sipan Xelate - Yara Min.mp3
[10/04/2007 13:51|--a------|3140921] - J:\Koma Azad - Ax Kurdistan (GantlemaNN).mp3
[31/05/2007 22:10|--a------|4926315] - J:\Diyar - Ew dilemin Sewti Daye.mp3
[24/01/2008 20:55|--a------|5909465] - J:\10 Yalniz Yurumek.mp3
[10/04/2007 14:09|--a------|7998589] - J:\Wallen- Akhenaton- Algerino - Parce Qu'on Y Croit.mp3
[08/01/2009 16:14|--a------|1992758] - J:\Kurtce-kurdish Beyto Can - Lo Dilo.mp3
[17/04/2007 17:58|--a------|5404588] - J:\Ebru Gndes - Kacak 2@V@6 - 07 - Saygilarimla.mp3
[24/08/2008 21:03|--a------|4424559] - J:\ALisan )2008( - GidebiLen Hic OLmadim.mp3
[17/05/2007 16:13|--a------|3465715] - J:\Yavuz Bingol - Uzaktan Sevdim (.mp3
[16/01/2008 19:15|--a------|3700132] - J:\MAHSUN KIRMIZIGšL GUNAH.mp3
[19/03/2007 20:53|--a------|4031195] - J:\Emrah - Sabir.mp3
[31/01/2008 19:48|--a------|6613904] - J:\ankarali namik-ah babam sag olsaydi.mp3
[?|?|?] - J:\Ugur Karakus - 09 Cane.mp3
[10/04/2007 23:51|--a------|3855673] - J:\Yalin (2007) - Gle Gle.mp3
[25/02/2009 16:32|--a------|5782008] - J:\Koma Mazluman - Xetice.mp3
[26/02/2009 23:14|--a------|3520431] - J:\koma mazlum esmara mÕn.mp3
[26/02/2009 23:58|--a------|5450939] - J:\Koma MazLum - Buhuri.mp3
[?|?|?] - J:\mazlum dogan!!s.mp3
[26/02/2009 22:48|--a------|4184522] - J:\Koma MazLum - Firar.mp3
[23/05/2008 21:42|--a------|4805321] - J:\GšLE.mp3
[07/03/2009 00:44|--a------|4277019] - J:\06.wer ser tirbamin.mp3
[29/06/2007 00:22|-r-h-----|51790] - J:\winamp_cache_0001.xml
[26/02/2009 23:32|--a------|5527137] - J:\02 - KOMA ZOZAN - GULE - KO€A BARKIR.mp3
[03/03/2009 15:18|--a------|3979620] - J:\Dsman - Serdar Orta‡ & Hadise.wma
[02/03/2009 12:15|--a------|3569332] - J:\AHMET KAYA OY BENIM CANIM.mp3
[14/01/2008 14:53|--a------|3253020] - J:\™zlem Ay - Ne Olur.mp3
[14/01/2008 22:50|--a------|4195517] - J:\Nihat Dogan - O Beni ™ldrecek.mp3
[25/05/2007 23:54|--a------|3305468] - J:\Ne Kavgam Bitti Ne Sevdam.mp3
[12/05/2008 23:41|--a------|6759653] - J:\MK. EVRA 2 GULUMCAN.mp3
[22/05/2008 13:13|--a------|22016] - J:\COURRIER DU 20 05 2008.doc
[14/01/2008 15:12|--a------|4408578] - J:\Ozlem Ay Nilfer Ay feat Selcuk Sahin - Git.mp3
[13/05/2008 15:14|--a------|19968] - J:\MENIS MAIRIE.doc
[17/05/2008 13:25|--a------|20480] - J:\MENIS MAIRIE Nø2.doc
[14/08/2008 21:55|--a------|22528] - J:\PROMESSE D'EMBAUCHE EXEMP..doc
[17/08/2008 13:00|--a------|23040] - J:\PROMESSE D'EMBAUCHE Nø 1.doc
[27/08/2008 22:06|--a------|22016] - J:\COURRIER CENTRE FINANCIER LA POSTE 26 08 2008.doc
[10/09/2008 11:43|--a------|21504] - J:\COURRIER DDDT 10 09 2008.doc
[11/09/2008 14:37|--a------|1972026] - J:\constat_001.jpg
[15/01/2009 12:58|--a------|23552] - J:\COURRIER FREFECTURE DU 29 12 2008.doc
[29/12/2008 17:33|--a------|625683] - J:\PROMESSE D'EMBAUCHE.JPG
[23/01/2008 12:02|--a------|20992] - J:\COURRIER (acte) DU 23 01 2008.doc
[23/01/2008 02:25|--a------|20992] - J:\COURRIER DU 23 01 2008.doc
[30/04/2008 00:58|--a------|21504] - J:\COURRIER DU 29 04 2008.doc

################## [ Vaccination ]

# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# J:\autorun.inf -> Folder created by UsbFix.

################## [ Cracks / Keygens / Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.019 ! ]
0
Utilisateur anonyme > sibel49 Messages postés 146 Statut Membre
 
bon maintenant, fait le post n°21
0
Réponse 12 / 25
sibel49 Messages postés 146 Statut Membre 4
 
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : NESS ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 6.38.0.225
(Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
C:\ (Local Disk) - NTFS - Total:142 Go (Free:100 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB) - FAT32 - Total:495 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 14/05/2009|16:12 )

--------------------\\ Listing des dossiers dans APPLIC~1

[15/11/2005|04:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[12/09/2006|06:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[12/09/2006|05:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[11/03/2007|15:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[03/03/2009|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[30/04/2009|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\10397
[22/03/2009|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1122F
[13/04/2009|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1177
[23/04/2009|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\122FD
[07/05/2009|13:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\12BF
[06/05/2009|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\13157
[28/02/2009|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\13251
[06/03/2009|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\142AF
[26/04/2009|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\15151
[06/05/2009|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\161E4
[30/03/2009|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1634B
[14/03/2009|23:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\172CE
[25/02/2009|01:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\18138
[14/12/2008|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\181E4
[11/05/2009|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\191D5
[26/02/2009|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\198C
[07/04/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1A138
[26/02/2009|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1A7D
[16/02/2009|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B188
[25/04/2009|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B1B5
[03/05/2009|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B203
[24/01/2009|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B399
[13/05/2009|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B5D
[12/04/2009|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B7D
[15/02/2009|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1C1E3
[30/12/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1C3E
[02/05/2009|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1D186
[18/12/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1D2CE
[12/03/2009|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1DDA
[23/04/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1E29
[12/12/2008|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1E3AE
[25/01/2009|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1E7D
[05/05/2009|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1F1D4
[29/04/2009|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\20253
[27/03/2009|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2038A
[23/12/2008|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\216D
[17/01/2009|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\21C3
[10/01/2009|01:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\21FA
[12/04/2009|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\22186
[14/03/2009|01:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\22221
[11/01/2009|02:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\22287
[21/01/2009|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2232C
[02/04/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\229C
[04/04/2009|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\231D4
[17/12/2008|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\236D
[03/04/2009|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\23DB
[04/12/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\241E4
[28/04/2009|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\26135
[13/05/2009|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\26203
[01/01/2009|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\262AF
[14/05/2009|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\262BF
[12/04/2009|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\269C
[11/03/2009|01:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\26D8
[10/05/2009|23:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2715E
[04/05/2009|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\27222
[08/05/2009|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2735B
[18/04/2009|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\27FA
[28/03/2009|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\28368
[24/03/2009|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\29167
[17/02/2009|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\293A9
[13/12/2008|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\299C
[10/12/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2A2EE
[12/05/2009|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2A31C
[31/03/2009|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2A32C
[26/01/2009|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2A8C
[27/12/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2BBB
[27/04/2009|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2BFA
[13/05/2009|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2C14F
[11/05/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2C2FD
[14/04/2009|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D232
[18/04/2009|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D251
[12/05/2009|15:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D399
[02/04/2009|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D3A9
[12/02/2009|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D4B
[28/03/2009|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2DA
[31/03/2009|00:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2F1CF
[09/01/2009|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2F3C8
[07/02/2009|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\30251
[16/04/2009|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\30261
[27/02/2009|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\30290
[17/04/2009|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\303B9
[17/02/2009|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\330
[03/02/2009|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\33119
[01/03/2009|15:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\331C5
[06/03/2009|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3338A
[26/03/2009|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\335D
[25/03/2009|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\33FA
[18/12/2008|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\341E7
[15/12/2008|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\34257
[28/02/2009|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\346D
[30/03/2009|00:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\351C5
[09/05/2009|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\351F4
[13/05/2009|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\353C8
[06/04/2009|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\360
[10/12/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36167
[28/01/2009|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36168
[03/05/2009|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36261
[21/04/2009|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3628E
[04/01/2009|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\368C
[18/12/2008|05:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\37119
[19/02/2009|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\37138
[13/12/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\37177
[04/04/2009|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\37290
[24/04/2009|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3734B
[25/01/2009|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\373E
[06/12/2008|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38153
[29/04/2009|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38290
[01/02/2009|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38CB
[19/12/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38DA
[26/03/2009|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38F
[17/03/2009|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3A1D4
[10/05/2009|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3A1F4
[28/12/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3A38A
[14/05/2009|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3A5D
[20/04/2009|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3B119
[05/05/2009|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3B167
[13/01/2009|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3B2E
[30/03/2009|13:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3B3C8
[10/03/2009|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\45D
[23/02/2009|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\47D
[08/04/2009|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4CB
[05/01/2009|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\52EE
[01/04/2009|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\536B
[15/01/2009|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\6111
[28/01/2009|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\729F
[04/12/2008|22:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\72B4
[19/04/2009|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\72FD
[10/05/2009|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\8372
[25/02/2009|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\89C
[10/05/2009|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\9128
[07/12/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\A2CE
[09/04/2009|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ADA
[29/02/2008|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/04/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
[03/03/2009|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[03/03/2009|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[20/02/2009|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\B213
[22/04/2009|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\B280
[15/04/2009|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\B9C
[11/04/2009|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\C0
[06/04/2009|01:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\C36B
[31/07/2008|23:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[11/01/2009|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\D0
[20/12/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\E2DE
[02/05/2009|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\E75
[03/04/2009|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F333
[21/12/2008|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F395
[03/01/2009|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F8C
[12/05/2009|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[13/05/2009|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[12/09/2006|06:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[21/12/2006|02:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[12/09/2006|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[25/04/2008|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[02/08/2008|00:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/05/2009|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[10/01/2009|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/03/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[16/06/2007|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[06/05/2009|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
[06/06/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sage
[12/09/2006|05:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[12/09/2006|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[06/02/2009|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeakyChat
[04/08/2008|01:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[11/04/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[11/06/2007|23:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[31/03/2007|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/02/2008|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[08/08/2008|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[15/11/2005|04:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/09/2006|06:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/09/2006|05:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[11/03/2007|15:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec


[27/02/2008|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[12/09/2006|05:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[03/04/2009|01:22] C:\DOCUME~1\NESS\APPLIC~1\Adobe
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\AdobeUM
[04/03/2009|15:45] C:\DOCUME~1\NESS\APPLIC~1\Apple Computer
[28/01/2009|22:33] C:\DOCUME~1\NESS\APPLIC~1\BearShare
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Google
[01/03/2009|18:28] C:\DOCUME~1\NESS\APPLIC~1\gtk-2.0
[16/06/2007|17:41] C:\DOCUME~1\NESS\APPLIC~1\Hewlett-Packard
[10/11/2007|21:39] C:\DOCUME~1\NESS\APPLIC~1\HP
[06/05/2007|12:53] C:\DOCUME~1\NESS\APPLIC~1\HPQ
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Identities
[19/11/2007|18:50] C:\DOCUME~1\NESS\APPLIC~1\Image Zone Express
[16/11/2007|14:51] C:\DOCUME~1\NESS\APPLIC~1\Leadertech
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Macromedia
[02/08/2008|19:23] C:\DOCUME~1\NESS\APPLIC~1\Malwarebytes
[10/01/2009|15:02] C:\DOCUME~1\NESS\APPLIC~1\Microsoft
[21/10/2008|18:03] C:\DOCUME~1\NESS\APPLIC~1\Mozilla
[30/09/2007|20:38] C:\DOCUME~1\NESS\APPLIC~1\muvee Technologies
[18/11/2007|22:27] C:\DOCUME~1\NESS\APPLIC~1\Printer Info Cache
[05/10/2008|01:03] C:\DOCUME~1\NESS\APPLIC~1\Real
[01/08/2008|20:10] C:\DOCUME~1\NESS\APPLIC~1\StarOffice8
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Sun
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Symantec
[31/07/2008|18:16] C:\DOCUME~1\NESS\APPLIC~1\Talkback
[14/09/2008|17:14] C:\DOCUME~1\NESS\APPLIC~1\Template
[12/11/2007|20:12] C:\DOCUME~1\NESS\APPLIC~1\WinRAR

[20/02/2008|02:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[14/05/2009 16:00][--ah-----] C:\WINDOWS\tasks\A5BD976F918A0813.job
[14/05/2009 16:02][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[12/05/2009 19:31][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/05/2009 16:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

( A5BD976F918A0813.job )=( c:\docume~1\hp_adm~1\applic~1\storeh~1\parthtmhide.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[16/08/2008|18:20] C:\Program Files\Adobe
[22/05/2007|22:04] C:\Program Files\Alice_Triway_WiFi
[25/04/2008|20:20] C:\Program Files\AntiVir PersonalEdition Classic
[03/03/2009|22:12] C:\Program Files\Apple Software Update
[16/11/2007|23:17] C:\Program Files\Autofr
[04/12/2008|19:19] C:\Program Files\BearShare Applications
[03/03/2009|22:14] C:\Program Files\Bonjour
[08/08/2008|21:06] C:\Program Files\CCleaner
[30/09/2007|22:05] C:\Program Files\Cdiscount photos
[12/11/2005|02:09] C:\Program Files\ComPlus Applications
[03/05/2008|15:35] C:\Program Files\Creative Zone
[12/09/2006|05:47] C:\Program Files\DivX
[12/09/2006|06:01] C:\Program Files\EasyBits
[03/03/2009|22:11] C:\Program Files\Fichiers communs
[24/02/2007|14:20] C:\Program Files\FrenchOtto
[05/09/2007|18:50] C:\Program Files\FSX_Screensaver
[04/06/2007|20:30] C:\Program Files\GecoMaes
[24/02/2007|14:20] C:\Program Files\GemMasterFrench
[04/02/2007|22:23] C:\Program Files\Generic
[22/12/2006|20:56] C:\Program Files\Generic(2)
[09/02/2009|01:53] C:\Program Files\GIMP-2.0
[13/05/2009|18:36] C:\Program Files\Google
[12/09/2006|06:01] C:\Program Files\Hewlett-Packard
[31/07/2008|23:07] C:\Program Files\HP
[12/09/2006|05:40] C:\Program Files\HP DigitalMedia Archive
[05/03/2009|20:32] C:\Program Files\iMesh Applications
[04/06/2007|20:42] C:\Program Files\ImmoMaes
[01/08/2008|23:02] C:\Program Files\InstallShield Installation Information
[24/04/2009|20:57] C:\Program Files\Internet Explorer
[03/03/2009|22:14] C:\Program Files\iPod
[03/03/2009|22:14] C:\Program Files\iTunes
[01/08/2008|22:55] C:\Program Files\Java
[12/05/2007|19:21] C:\Program Files\Logitech
[29/08/2008|13:49] C:\Program Files\Lopxp
[11/01/2007|22:28] C:\Program Files\LtUcx
[06/05/2007|00:44] C:\Program Files\Macrogaming
[13/05/2009|22:12] C:\Program Files\Malwarebytes' Anti-Malware
[08/05/2007|15:43] C:\Program Files\Messenger
[18/04/2009|21:03] C:\Program Files\Messenger Plus! Live
[17/12/2008|17:02] C:\Program Files\Microsoft
[22/11/2007|14:39] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/03/2007|23:40] C:\Program Files\microsoft frontpage
[26/02/2007|22:16] C:\Program Files\Microsoft Office
[17/12/2008|17:05] C:\Program Files\Microsoft Silverlight
[21/11/2007|21:22] C:\Program Files\Microsoft SQL Server Compact Edition
[24/02/2007|14:20] C:\Program Files\Microsoft Works
[30/09/2007|22:05] C:\Program Files\Movie Maker
[12/05/2009|22:07] C:\Program Files\Mozilla Firefox
[10/01/2009|01:56] C:\Program Files\MSN
[15/11/2005|04:25] C:\Program Files\MSN Gaming Zone
[18/04/2009|21:03] C:\Program Files\MSN Messenger
[23/12/2006|22:22] C:\Program Files\MSXML 4.0
[20/10/2007|23:51] C:\Program Files\muvee Technologies
[29/08/2008|13:49] C:\Program Files\Navilog1
[15/11/2005|04:25] C:\Program Files\NetMeeting
[11/03/2007|15:28] C:\Program Files\Norton Save and Restore
[15/11/2005|04:25] C:\Program Files\Online Services
[13/06/2007|15:03] C:\Program Files\Outlook Express
[01/08/2008|23:02] C:\Program Files\PMSSAARI
[03/03/2009|22:13] C:\Program Files\QuickTime
[12/09/2006|05:40] C:\Program Files\Real
[04/06/2007|20:46] C:\Program Files\Sage
[08/05/2008|21:17] C:\Program Files\Samsung
[12/09/2006|06:03] C:\Program Files\Services en ligne
[14/05/2009|14:48] C:\Program Files\SohbetLive Script v5.1
[12/09/2006|05:41] C:\Program Files\Sonic
[06/05/2009|20:42] C:\Program Files\StoreHope
[01/08/2008|22:37] C:\Program Files\Sun
[25/01/2007|18:57] C:\Program Files\Supercross Kings
[14/05/2009|14:40] C:\Program Files\Trend Micro
[04/06/2007|20:46] C:\Program Files\Uninstall Information
[14/03/2007|03:12] C:\Program Files\Winamp
[10/01/2009|19:38] C:\Program Files\Windows Live
[23/10/2008|21:15] C:\Program Files\Windows Live Safety Center
[17/12/2008|17:02] C:\Program Files\Windows Live SkyDrive
[17/12/2008|17:04] C:\Program Files\Windows Live Toolbar
[24/12/2006|00:57] C:\Program Files\Windows Media Player
[15/11/2005|04:25] C:\Program Files\Windows NT
[15/11/2005|04:25] C:\Program Files\Windows Plus
[12/11/2005|02:09] C:\Program Files\WindowsUpdate
[11/11/2007|20:45] C:\Program Files\WinRAR
[15/11/2005|04:26] C:\Program Files\xerox
[08/08/2008|21:05] C:\Program Files\Yahoo!
[03/08/2008|13:53] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[29/02/2008|22:30] C:\Program Files\Fichiers communs\Adobe
[03/03/2009|22:14] C:\Program Files\Fichiers communs\Apple
[20/03/2007|23:43] C:\Program Files\Fichiers communs\Designer
[12/05/2007|19:21] C:\Program Files\Fichiers communs\FotoWire
[21/12/2006|02:10] C:\Program Files\Fichiers communs\Hewlett-Packard
[12/09/2006|05:35] C:\Program Files\Fichiers communs\HP
[12/09/2006|05:59] C:\Program Files\Fichiers communs\InstallShield
[12/09/2006|05:16] C:\Program Files\Fichiers communs\Java
[12/09/2006|05:42] C:\Program Files\Fichiers communs\LightScribe
[21/12/2006|01:51] C:\Program Files\Fichiers communs\Logitech
[12/09/2006|05:42] C:\Program Files\Fichiers communs\LS Getting Started
[17/12/2008|17:02] C:\Program Files\Fichiers communs\Microsoft Shared
[15/11/2005|04:24] C:\Program Files\Fichiers communs\MSSoap
[20/10/2007|23:30] C:\Program Files\Fichiers communs\muvee Technologies
[17/09/2007|21:01] C:\Program Files\Fichiers communs\NSV
[31/07/2008|00:36] C:\Program Files\Fichiers communs\Nullsoft
[15/11/2005|04:24] C:\Program Files\Fichiers communs\ODBC
[05/10/2008|01:04] C:\Program Files\Fichiers communs\Real
[01/08/2008|23:02] C:\Program Files\Fichiers communs\SAGE
[15/11/2005|04:24] C:\Program Files\Fichiers communs\Services
[12/09/2006|05:41] C:\Program Files\Fichiers communs\Sonic Shared
[15/11/2005|04:24] C:\Program Files\Fichiers communs\SpeechEngines
[12/09/2006|05:41] C:\Program Files\Fichiers communs\SureThing Shared
[04/08/2008|01:57] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|15:03] C:\Program Files\Fichiers communs\System
[12/09/2006|05:42] C:\Program Files\Fichiers communs\TiVo Shared
[17/12/2008|16:43] C:\Program Files\Fichiers communs\Windows Live
[21/11/2007|21:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 35 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\BASH CREATIVE.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\Iso ace.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\Show eq.dat
C:\Program Files\StoreHope
C:\Program Files\storeh~1
C:\DOCUME~1\NESS\LOCALS~1\Temp\nsb40C.tmp.exe
C:\DOCUME~1\NESS\LOCALS~1\Temp\nsi3A4.tmp.exe
C:\DOCUME~1\NESS\LOCALS~1\Temp\nsj35E.tmp.exe
C:\DOCUME~1\NESS\LOCALS~1\Temp\nsp350.tmp.exe
C:\DOCUME~1\NESS\LOCALS~1\Temp\nsq1B4.tmp.exe
C:\DOCUME~1\NESS\LOCALS~1\Temp\nsq385.tmp
C:\DOCUME~1\NESS\LOCALS~1\Temp\nsr375.tmp.exe
C:\DOCUME~1\NESS\LOCALS~1\Temp\nsw37D.tmp.exe
C:\DOCUME~1\NESS\Cookies\ness@advertising[1].txt
C:\WINDOWS\Tasks\A5BD976F918A0813.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amok Eggs Four Web"="C:\\Documents and Settings\\All Users\\Application Data\\part dead amok eggs\\BASH CREATIVE.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-14 16:14:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 80

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:4749][D:52]-> C:\DOCUME~1\NESS\LOCALS~1\Temp
[F:36][D:0]-> C:\DOCUME~1\NESS\Cookies
[F:2042][D:16]-> C:\DOCUME~1\NESS\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 14/05/2009|16:15 - Option : [1]

--------------------\\ Fin du rapport a 16:15:46
0
Utilisateur anonyme
 
double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option "Suppression "
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
0
sibel49 Messages postés 146 Statut Membre 4 > Utilisateur anonyme
 
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : NESS ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 6.38.0.225
(Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
C:\ (Local Disk) - NTFS - Total:142 Go (Free:100 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB) - FAT32 - Total:495 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 14/05/2009|16:34 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\BASH CREATIVE.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\Iso ace.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs\Show eq.dat
Supprime! - C:\DOCUME~1\NESS\LOCALS~1\Temp\nsb40C.tmp.exe
Supprime! - C:\DOCUME~1\NESS\LOCALS~1\Temp\nsi3A4.tmp.exe
Supprime! - C:\DOCUME~1\NESS\LOCALS~1\Temp\nsj35E.tmp.exe
Supprime! - C:\DOCUME~1\NESS\LOCALS~1\Temp\nsp350.tmp.exe
Supprime! - C:\DOCUME~1\NESS\LOCALS~1\Temp\nsq1B4.tmp.exe
Supprime! - C:\DOCUME~1\NESS\LOCALS~1\Temp\nsq385.tmp
Supprime! - C:\DOCUME~1\NESS\LOCALS~1\Temp\nsr375.tmp.exe
Supprime! - C:\DOCUME~1\NESS\LOCALS~1\Temp\nsw37D.tmp.exe
Supprime! - C:\DOCUME~1\NESS\Cookies\ness@advertising[1].txt
Supprime! - C:\WINDOWS\Tasks\A5BD976F918A0813.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
Supprime! - C:\Program Files\StoreHope

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[15/11/2005|04:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[12/09/2006|06:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[12/09/2006|05:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[11/03/2007|15:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[03/03/2009|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[30/04/2009|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\10397
[22/03/2009|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1122F
[13/04/2009|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1177
[23/04/2009|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\122FD
[07/05/2009|13:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\12BF
[06/05/2009|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\13157
[28/02/2009|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\13251
[06/03/2009|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\142AF
[26/04/2009|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\15151
[06/05/2009|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\161E4
[30/03/2009|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1634B
[14/03/2009|23:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\172CE
[25/02/2009|01:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\18138
[14/12/2008|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\181E4
[11/05/2009|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\191D5
[26/02/2009|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\198C
[07/04/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1A138
[26/02/2009|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1A7D
[16/02/2009|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B188
[25/04/2009|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B1B5
[03/05/2009|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B203
[24/01/2009|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B399
[13/05/2009|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B5D
[12/04/2009|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1B7D
[15/02/2009|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1C1E3
[30/12/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1C3E
[02/05/2009|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1D186
[18/12/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1D2CE
[12/03/2009|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1DDA
[23/04/2009|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1E29
[12/12/2008|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1E3AE
[25/01/2009|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1E7D
[05/05/2009|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1F1D4
[29/04/2009|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\20253
[27/03/2009|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2038A
[23/12/2008|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\216D
[17/01/2009|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\21C3
[10/01/2009|01:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\21FA
[12/04/2009|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\22186
[14/03/2009|01:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\22221
[11/01/2009|02:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\22287
[21/01/2009|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2232C
[02/04/2009|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\229C
[04/04/2009|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\231D4
[17/12/2008|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\236D
[03/04/2009|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\23DB
[04/12/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\241E4
[28/04/2009|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\26135
[13/05/2009|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\26203
[01/01/2009|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\262AF
[14/05/2009|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\262BF
[12/04/2009|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\269C
[11/03/2009|01:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\26D8
[10/05/2009|23:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2715E
[04/05/2009|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\27222
[08/05/2009|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2735B
[18/04/2009|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\27FA
[28/03/2009|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\28368
[24/03/2009|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\29167
[17/02/2009|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\293A9
[13/12/2008|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\299C
[10/12/2008|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2A2EE
[12/05/2009|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2A31C
[31/03/2009|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2A32C
[26/01/2009|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2A8C
[27/12/2008|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2BBB
[27/04/2009|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2BFA
[13/05/2009|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2C14F
[11/05/2009|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2C2FD
[14/04/2009|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D232
[18/04/2009|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D251
[12/05/2009|15:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D399
[02/04/2009|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D3A9
[12/02/2009|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2D4B
[28/03/2009|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2DA
[31/03/2009|00:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2F1CF
[09/01/2009|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2F3C8
[07/02/2009|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\30251
[16/04/2009|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\30261
[27/02/2009|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\30290
[17/04/2009|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\303B9
[17/02/2009|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\330
[03/02/2009|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\33119
[01/03/2009|15:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\331C5
[06/03/2009|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3338A
[26/03/2009|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\335D
[25/03/2009|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\33FA
[18/12/2008|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\341E7
[15/12/2008|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\34257
[28/02/2009|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\346D
[30/03/2009|00:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\351C5
[09/05/2009|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\351F4
[13/05/2009|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\353C8
[06/04/2009|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\360
[10/12/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36167
[28/01/2009|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36168
[03/05/2009|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\36261
[21/04/2009|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3628E
[04/01/2009|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\368C
[18/12/2008|05:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\37119
[19/02/2009|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\37138
[13/12/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\37177
[04/04/2009|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\37290
[24/04/2009|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3734B
[25/01/2009|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\373E
[06/12/2008|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38153
[29/04/2009|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38290
[01/02/2009|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38CB
[19/12/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38DA
[26/03/2009|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\38F
[17/03/2009|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3A1D4
[10/05/2009|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3A1F4
[28/12/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3A38A
[14/05/2009|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3A5D
[20/04/2009|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3B119
[05/05/2009|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3B167
[13/01/2009|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3B2E
[30/03/2009|13:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\3B3C8
[10/03/2009|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\45D
[23/02/2009|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\47D
[08/04/2009|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4CB
[05/01/2009|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\52EE
[01/04/2009|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\536B
[15/01/2009|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\6111
[28/01/2009|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\729F
[04/12/2008|22:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\72B4
[19/04/2009|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\72FD
[10/05/2009|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\8372
[25/02/2009|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\89C
[10/05/2009|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\9128
[07/12/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\A2CE
[09/04/2009|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ADA
[29/02/2008|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/04/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
[03/03/2009|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[03/03/2009|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[20/02/2009|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\B213
[22/04/2009|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\B280
[15/04/2009|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\B9C
[11/04/2009|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\C0
[06/04/2009|01:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\C36B
[31/07/2008|23:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[11/01/2009|15:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\D0
[20/12/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\E2DE
[02/05/2009|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\E75
[03/04/2009|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F333
[21/12/2008|01:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F395
[03/01/2009|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F8C
[12/05/2009|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[13/05/2009|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[12/09/2006|06:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[21/12/2006|02:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[12/09/2006|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[25/04/2008|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[02/08/2008|00:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[06/05/2009|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[10/01/2009|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/03/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[16/06/2007|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[06/06/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sage
[12/09/2006|05:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[12/09/2006|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[06/02/2009|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeakyChat
[04/08/2008|01:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[11/04/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[11/06/2007|23:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[31/03/2007|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/02/2008|02:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[08/08/2008|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[15/11/2005|04:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/09/2006|06:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/09/2006|05:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[11/03/2007|15:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec


[27/02/2008|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[12/09/2006|05:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[03/04/2009|01:22] C:\DOCUME~1\NESS\APPLIC~1\Adobe
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\AdobeUM
[04/03/2009|15:45] C:\DOCUME~1\NESS\APPLIC~1\Apple Computer
[28/01/2009|22:33] C:\DOCUME~1\NESS\APPLIC~1\BearShare
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Google
[01/03/2009|18:28] C:\DOCUME~1\NESS\APPLIC~1\gtk-2.0
[16/06/2007|17:41] C:\DOCUME~1\NESS\APPLIC~1\Hewlett-Packard
[10/11/2007|21:39] C:\DOCUME~1\NESS\APPLIC~1\HP
[06/05/2007|12:53] C:\DOCUME~1\NESS\APPLIC~1\HPQ
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Identities
[19/11/2007|18:50] C:\DOCUME~1\NESS\APPLIC~1\Image Zone Express
[16/11/2007|14:51] C:\DOCUME~1\NESS\APPLIC~1\Leadertech
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Macromedia
[02/08/2008|19:23] C:\DOCUME~1\NESS\APPLIC~1\Malwarebytes
[10/01/2009|15:02] C:\DOCUME~1\NESS\APPLIC~1\Microsoft
[21/10/2008|18:03] C:\DOCUME~1\NESS\APPLIC~1\Mozilla
[30/09/2007|20:38] C:\DOCUME~1\NESS\APPLIC~1\muvee Technologies
[18/11/2007|22:27] C:\DOCUME~1\NESS\APPLIC~1\Printer Info Cache
[05/10/2008|01:03] C:\DOCUME~1\NESS\APPLIC~1\Real
[01/08/2008|20:10] C:\DOCUME~1\NESS\APPLIC~1\StarOffice8
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Sun
[11/03/2007|15:29] C:\DOCUME~1\NESS\APPLIC~1\Symantec
[31/07/2008|18:16] C:\DOCUME~1\NESS\APPLIC~1\Talkback
[14/09/2008|17:14] C:\DOCUME~1\NESS\APPLIC~1\Template
[12/11/2007|20:12] C:\DOCUME~1\NESS\APPLIC~1\WinRAR

[20/02/2008|02:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[14/05/2009 16:02][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[12/05/2009 19:31][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/05/2009 16:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[16/08/2008|18:20] C:\Program Files\Adobe
[22/05/2007|22:04] C:\Program Files\Alice_Triway_WiFi
[25/04/2008|20:20] C:\Program Files\AntiVir PersonalEdition Classic
[03/03/2009|22:12] C:\Program Files\Apple Software Update
[16/11/2007|23:17] C:\Program Files\Autofr
[04/12/2008|19:19] C:\Program Files\BearShare Applications
[03/03/2009|22:14] C:\Program Files\Bonjour
[08/08/2008|21:06] C:\Program Files\CCleaner
[30/09/2007|22:05] C:\Program Files\Cdiscount photos
[12/11/2005|02:09] C:\Program Files\ComPlus Applications
[03/05/2008|15:35] C:\Program Files\Creative Zone
[12/09/2006|05:47] C:\Program Files\DivX
[12/09/2006|06:01] C:\Program Files\EasyBits
[03/03/2009|22:11] C:\Program Files\Fichiers communs
[24/02/2007|14:20] C:\Program Files\FrenchOtto
[05/09/2007|18:50] C:\Program Files\FSX_Screensaver
[04/06/2007|20:30] C:\Program Files\GecoMaes
[24/02/2007|14:20] C:\Program Files\GemMasterFrench
[04/02/2007|22:23] C:\Program Files\Generic
[22/12/2006|20:56] C:\Program Files\Generic(2)
[09/02/2009|01:53] C:\Program Files\GIMP-2.0
[13/05/2009|18:36] C:\Program Files\Google
[12/09/2006|06:01] C:\Program Files\Hewlett-Packard
[31/07/2008|23:07] C:\Program Files\HP
[12/09/2006|05:40] C:\Program Files\HP DigitalMedia Archive
[05/03/2009|20:32] C:\Program Files\iMesh Applications
[04/06/2007|20:42] C:\Program Files\ImmoMaes
[01/08/2008|23:02] C:\Program Files\InstallShield Installation Information
[24/04/2009|20:57] C:\Program Files\Internet Explorer
[03/03/2009|22:14] C:\Program Files\iPod
[03/03/2009|22:14] C:\Program Files\iTunes
[01/08/2008|22:55] C:\Program Files\Java
[12/05/2007|19:21] C:\Program Files\Logitech
[29/08/2008|13:49] C:\Program Files\Lopxp
[11/01/2007|22:28] C:\Program Files\LtUcx
[06/05/2007|00:44] C:\Program Files\Macrogaming
[13/05/2009|22:12] C:\Program Files\Malwarebytes' Anti-Malware
[08/05/2007|15:43] C:\Program Files\Messenger
[18/04/2009|21:03] C:\Program Files\Messenger Plus! Live
[17/12/2008|17:02] C:\Program Files\Microsoft
[22/11/2007|14:39] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/03/2007|23:40] C:\Program Files\microsoft frontpage
[26/02/2007|22:16] C:\Program Files\Microsoft Office
[17/12/2008|17:05] C:\Program Files\Microsoft Silverlight
[21/11/2007|21:22] C:\Program Files\Microsoft SQL Server Compact Edition
[24/02/2007|14:20] C:\Program Files\Microsoft Works
[30/09/2007|22:05] C:\Program Files\Movie Maker
[12/05/2009|22:07] C:\Program Files\Mozilla Firefox
[10/01/2009|01:56] C:\Program Files\MSN
[15/11/2005|04:25] C:\Program Files\MSN Gaming Zone
[18/04/2009|21:03] C:\Program Files\MSN Messenger
[23/12/2006|22:22] C:\Program Files\MSXML 4.0
[20/10/2007|23:51] C:\Program Files\muvee Technologies
[29/08/2008|13:49] C:\Program Files\Navilog1
[15/11/2005|04:25] C:\Program Files\NetMeeting
[11/03/2007|15:28] C:\Program Files\Norton Save and Restore
[15/11/2005|04:25] C:\Program Files\Online Services
[13/06/2007|15:03] C:\Program Files\Outlook Express
[01/08/2008|23:02] C:\Program Files\PMSSAARI
[03/03/2009|22:13] C:\Program Files\QuickTime
[12/09/2006|05:40] C:\Program Files\Real
[04/06/2007|20:46] C:\Program Files\Sage
[08/05/2008|21:17] C:\Program Files\Samsung
[12/09/2006|06:03] C:\Program Files\Services en ligne
[14/05/2009|16:33] C:\Program Files\SohbetLive Script v5.1
[12/09/2006|05:41] C:\Program Files\Sonic
[01/08/2008|22:37] C:\Program Files\Sun
[25/01/2007|18:57] C:\Program Files\Supercross Kings
[14/05/2009|14:40] C:\Program Files\Trend Micro
[04/06/2007|20:46] C:\Program Files\Uninstall Information
[14/03/2007|03:12] C:\Program Files\Winamp
[10/01/2009|19:38] C:\Program Files\Windows Live
[23/10/2008|21:15] C:\Program Files\Windows Live Safety Center
[17/12/2008|17:02] C:\Program Files\Windows Live SkyDrive
[17/12/2008|17:04] C:\Program Files\Windows Live Toolbar
[24/12/2006|00:57] C:\Program Files\Windows Media Player
[15/11/2005|04:25] C:\Program Files\Windows NT
[15/11/2005|04:25] C:\Program Files\Windows Plus
[12/11/2005|02:09] C:\Program Files\WindowsUpdate
[11/11/2007|20:45] C:\Program Files\WinRAR
[15/11/2005|04:26] C:\Program Files\xerox
[08/08/2008|21:05] C:\Program Files\Yahoo!
[03/08/2008|13:53] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[29/02/2008|22:30] C:\Program Files\Fichiers communs\Adobe
[03/03/2009|22:14] C:\Program Files\Fichiers communs\Apple
[20/03/2007|23:43] C:\Program Files\Fichiers communs\Designer
[12/05/2007|19:21] C:\Program Files\Fichiers communs\FotoWire
[21/12/2006|02:10] C:\Program Files\Fichiers communs\Hewlett-Packard
[12/09/2006|05:35] C:\Program Files\Fichiers communs\HP
[12/09/2006|05:59] C:\Program Files\Fichiers communs\InstallShield
[12/09/2006|05:16] C:\Program Files\Fichiers communs\Java
[12/09/2006|05:42] C:\Program Files\Fichiers communs\LightScribe
[21/12/2006|01:51] C:\Program Files\Fichiers communs\Logitech
[12/09/2006|05:42] C:\Program Files\Fichiers communs\LS Getting Started
[17/12/2008|17:02] C:\Program Files\Fichiers communs\Microsoft Shared
[15/11/2005|04:24] C:\Program Files\Fichiers communs\MSSoap
[20/10/2007|23:30] C:\Program Files\Fichiers communs\muvee Technologies
[17/09/2007|21:01] C:\Program Files\Fichiers communs\NSV
[31/07/2008|00:36] C:\Program Files\Fichiers communs\Nullsoft
[15/11/2005|04:24] C:\Program Files\Fichiers communs\ODBC
[05/10/2008|01:04] C:\Program Files\Fichiers communs\Real
[01/08/2008|23:02] C:\Program Files\Fichiers communs\SAGE
[15/11/2005|04:24] C:\Program Files\Fichiers communs\Services
[12/09/2006|05:41] C:\Program Files\Fichiers communs\Sonic Shared
[15/11/2005|04:24] C:\Program Files\Fichiers communs\SpeechEngines
[12/09/2006|05:41] C:\Program Files\Fichiers communs\SureThing Shared
[04/08/2008|01:57] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|15:03] C:\Program Files\Fichiers communs\System
[12/09/2006|05:42] C:\Program Files\Fichiers communs\TiVo Shared
[17/12/2008|16:43] C:\Program Files\Fichiers communs\Windows Live
[21/11/2007|21:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 36 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-14 16:36:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 80

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:4745][D:52]-> C:\DOCUME~1\NESS\LOCALS~1\Temp
[F:35][D:0]-> C:\DOCUME~1\NESS\Cookies
[F:2075][D:16]-> C:\DOCUME~1\NESS\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 14/05/2009|16:15 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 14/05/2009|16:37 - Option : [2]

--------------------\\ Fin du rapport a 16:37:56
0
Utilisateur anonyme > sibel49 Messages postés 146 Statut Membre
 
evites ceci pour ne pas attraper des infections lop

● Le sponsor de Messenger Plus!
● Bittorent
● BitDownload
● BitGrabber
● NetPumper
● BitRoll
● TorrentQ
● Torrent101

il faut traiter ces infections
D:\gfqgq.cmd
http://www.prevx.com/filenames/X1098933538915319966-X1/GFQGQ.CMD.html


D:\gy.exe
C:\gy.exe
http://www.prevx.com/filenames/X24694861781570916-X1/GY.EXE.­html

C:\w98.com
D:\w98.com

http://www.prevx.com/filenames/X1369713793178515393-X1/W98.COM.html

C:\xdw.com
D:\xdw.com

http://www.prevx.com/filenames/X656645017100114273-X1/XDW.COM.html
0
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279 > Utilisateur anonyme
 
Tes liens ne fonctionnent pas

Redemande un log HT pour faire vérification

0
Utilisateur anonyme > ^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention  
 
je les ai réparé, ils marchent
il faut me laisser procéder dans l'ordre c'est quelqu'un d'autre qui m'a donné ce conseil
oui j'envisage de lui refaire faire un RSIT
0
Réponse 13 / 25
Utilisateur anonyme
 
télécharge OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.

double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved.
(attention bien mettre :files)

:processes
explorer.exe
:files
D:\gfqgq.cmd
D:\gy.exe
C:\gy.exe
C:\w98.com
D:\w98.com
C:\xdw.com
D:\xdw.com
:commands
[purity]
[emptytemp]
[start explorer]

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
0
sibel49 Messages postés 146 Statut Membre 4
 
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
D:\gfqgq.cmd moved successfully.
D:\gy.exe moved successfully.
C:\gy.exe moved successfully.
C:\w98.com moved successfully.
D:\w98.com moved successfully.
C:\xdw.com moved successfully.
D:\xdw.com moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF55B4.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF6C66.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF6CBB.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF727A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF7B86.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF7BB6.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF7F61.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF7FFB.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF80AB.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF80D1.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DFD97E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DFE2DA.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DFED32.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~DFED74.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\NESS\LOCALS~1\Temp\~ROMFN_00000D58 scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\XW5Y3GEH\01[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\XW5Y3GEH\ADSAdClient31[3].txt scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\XW5Y3GEH\default[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\XW5Y3GEH\InboxLight[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\PM05811R\affich-12441313-virus-qu-on-ne-peu-supprimer[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\PM05811R\ToastFull[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\PM05811R\ToastMini[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\N2HIDS58\im[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\KAF6G3FJ\GY.EXE[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\KAF6G3FJ\HistoryFrame_13.3.0218.0429[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\JUHZX03V\ifr[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\JKR257QS\default[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\JKR257QS\InboxLight[3].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\FJLOXM7V\im[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\ALTI09I0\affich-12441313-virus-qu-on-ne-peu-supprimer[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\7XEESTRH\OTMoveIt3[1].exe scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\32JMNP2Q\ToastFull[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\32JMNP2Q\ToastMini[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\ZLT01c47.TMP scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT075d9.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05142009_170644

Files moved on Reboot...
C:\DOCUME~1\NESS\LOCALS~1\Temp\hpodvd09.log moved successfully.
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF55B4.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF6C66.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF6CBB.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF727A.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF7B86.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF7BB6.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF7F61.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF7FFB.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF80AB.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DF80D1.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DFD97E.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DFE2DA.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DFED32.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~DFED74.tmp not found!
File C:\DOCUME~1\NESS\LOCALS~1\Temp\~ROMFN_00000D58 not found!
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\XW5Y3GEH\01[1].htm not found!
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\XW5Y3GEH\ADSAdClient31[3].txt not found!
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\XW5Y3GEH\default[1].htm not found!
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\XW5Y3GEH\InboxLight[2].htm not found!
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\PM05811R\affich-12441313-virus-qu-on-ne-peu-supprimer[2].htm not found!
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\PM05811R\ToastFull[1].htm not found!
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\PM05811R\ToastMini[1].htm not found!
C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\N2HIDS58\im[1].htm moved successfully.
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\KAF6G3FJ\GY.EXE[1].htm not found!
C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\KAF6G3FJ\HistoryFrame_13.3.0218.0429[1].htm moved successfully.
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\JUHZX03V\ifr[1].htm not found!
C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\JKR257QS\default[1].htm moved successfully.
C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\JKR257QS\InboxLight[3].htm moved successfully.
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\FJLOXM7V\im[2].htm not found!
File C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\ALTI09I0\affich-12441313-virus-qu-on-ne-peu-supprimer[1].htm not found!
C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\7XEESTRH\OTMoveIt3[1].exe moved successfully.
C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\32JMNP2Q\ToastFull[1].htm moved successfully.
C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\Content.IE5\32JMNP2Q\ToastMini[1].htm moved successfully.
C:\Documents and Settings\NESS\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File C:\WINDOWS\temp\ZLT01c47.TMP not found!
File C:\WINDOWS\temp\ZLT075d9.TMP not found!
0
Utilisateur anonyme > sibel49 Messages postés 146 Statut Membre
 
ton pc était pas mal infecté
c'est probablement pas finit
refaits moi un RSIT
0
sibel49 Messages postés 146 Statut Membre 4 > Utilisateur anonyme
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by NESS at 2009-05-14 17:32:02
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 104 GB (71%) free of 146 GB
Total RAM: 958 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:07, on 14/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Documents and Settings\NESS\Bureau\RSIT.exe antivirus.exe
C:\Program Files\trend micro\NESS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://www.icsvoice.com/talk.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://www.flatcast-data.com/data/objects/NpFv501.dll
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://www.radyodinle.com/?aspxerrorpath=/ampx_en_dl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Utilisateur anonyme > sibel49 Messages postés 146 Statut Membre
 
as tu mis ton java à jour car je ne connais pas ce programme
0
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279 > Utilisateur anonyme
 
Faire supprimer Norton

0
Réponse 14 / 25
sibel49 Messages postés 146 Statut Membre 4
 
avec java a jour voici le rapport de rist:


Logfile of random's system information tool 1.06 (written by random/random)
Run by NESS at 2009-05-14 18:02:49
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 104 GB (71%) free of 146 GB
Total RAM: 958 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:50, on 14/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Java\jre6\bin\javaws.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Documents and Settings\NESS\Bureau\RSIT.exe antivirus.exe
C:\Program Files\trend micro\NESS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://www.icsvoice.com/talk.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://www.flatcast-data.com/data/objects/NpFv501.dll
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://www.radyodinle.com/ampx_en_dl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Utilisateur anonyme
 
enlèves norton (post n°40)
0
Réponse 15 / 25
sibel49 Messages postés 146 Statut Membre 4
 
ok c'est fait

mais c'est toujours pas fini ?? le pc est toujours infecté ??
0
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Tu n'as plus d'infections mais pas mal d'inutiles

++
0
Réponse 16 / 25
Utilisateur anonyme
 
salut a tous

et bé....encore bien infecté !!!
0
Réponse 17 / 25
sibel49 Messages postés 146 Statut Membre 4
 
encore infectés?? ou des elements pas dangereux ?? sinon je peux supprimer tous les logiciels ?
0
Utilisateur anonyme
 
J'espère que personne va le contester car cela m'a été conseillé

---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
places sur le bureau, et pas ailleurs

/!\ Déconnecte-toi du net et désactives les défenses, antivirus et antispyware y compris /!\
---> Double-clique sur combo fix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"
SURTOUT INSTALLES LA CONSOLE DE RECUPERATION
---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt
0
sibel49 Messages postés 146 Statut Membre 4 > Utilisateur anonyme
 
si je fais ces etapes ca va pas etre dangereux pour le pc ? , et j'espere que aucun de mes fichiers ne sera supprimé ?
0
Utilisateur anonyme > sibel49 Messages postés 146 Statut Membre
 
bonjour,
si tu as peur de perdre des fichiers, je ne t'oblige pas à le faire
Purge de la restauration système


*Désactive ta restauration :
Clique droit sur poste de travail/propriétés/Restauration système/coche la case désactiver la restauration, appliquer, OK
---> Redémarre ton PC ...

*Réactive ta restauration :
Clique droit sur poste de travail/propriétés/Restauration système/décoche la case désactiver la restauration, appliquer, OK
--->Redémarre ton PC ...

( Note : tu peux aussi y accéder via panneau de configuration->" système "->" restauration système " ).
0
sibel49 Messages postés 146 Statut Membre 4 > Utilisateur anonyme
 
je n'arrive ni a faire l'étape 47 ni 49 :(

mais sinon je peu effacer tous ces logiciel installer

enfin le pc est encore bien infecté ??
0
Utilisateur anonyme > sibel49 Messages postés 146 Statut Membre
 
non ,il n'est plus infecté, mais il aurai fallu purger le pc pour supprimer les points de restauration infectés
0
Réponse 18 / 25
sibel49 Messages postés 146 Statut Membre 4
 
ok d'accordje vé essayer une derniere fois


sinon merci boucoup pour ton aide.


bonnne journée
0
Réponse 19 / 25
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Slt

4/ Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
puis --> Fix checked
puis oui à la question de confirmation


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://www.icsvoice.com/talk.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.yayindayiz.biz/codec/nsvplayx_vp6_mp3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://www.flatcast-data.com/data/objects/NpFv501.dll
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://www.radyodinle.com/?aspxerrorpath=/ampx_en_dl.cab

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe



C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSRespond
démarrer------------exécuter--------------tu tapes : services.msc
double clique sur le service-------------désactiver

Le nom du Service est => Bonjour Service
L'emplacement du dossier, une fois ce Service " désactivé ", puis " arreté " , est :
C:\Program Files\Bonjour



++++++++






0
Utilisateur anonyme
 
bonjour Marie merci pour ton intervention mais je finirai
0
Réponse 20 / 25
sibel49 Messages postés 146 Statut Membre 4
 
mais je n'est pas telechargé HijackThis

ca sera possible de m'envoyer un lien svp
0

Discussions similaires

Que se passe-t-il quand on supprime un ami sur snapchat
Lilob7 -
kemani06 -

1 réponse