Cheval de troie detecté par Avast

Merci de ta réponse mais je l'ai fait et ça revient à chaque fois;)
Bonne soirée
ln

Bonsoir moment de grasse !!! merci de ta reponse rapide

Tour d'abord, ce logiciel consiste à quoi ?
J'ai essayé: je l'ai telechargé sur le bureau, accepter la licence et apres une fenetre s'est ouverte "log-bloc notes" et apres je suis coincée !!! que dois je faire
Merci d'avance
ln

2eme Partie enfin, je pense car je ne sais pas si c le debut de la 2eme partie

End of file - 14243 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2753D303-C128-4667-BC0A-A054B0C21931}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO.dll [2007-02-04 390720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7605CC7C-00FD-4A5F-BAFD-828342DE6279}]
IEAux Class - C:\PROGRA~1\OCINS\ieaux.dll [2009-05-13 172032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-03 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-05-03 458752]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-22 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-22 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-22 118784]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-06-02 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-06-17 794713]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-07-19 102400]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-06-19 163840]
"Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2006-06-19 40960]
"RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
"Reminder"=C:\Windows\CREATOR\Remind_XP.exe [2006-02-09 643072]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ieup"=C:\Program Files\ieup\inetsvr.exe [2007-09-29 109752]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-22 116040]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"CamWizard"=C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\CamWizrd.exe []
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-12-20 2656528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-29 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2005-08-18 307200]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe silent []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Wireless Configuration Utility.lnk - C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe

C:\Documents and Settings\Hélène\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-22 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0f63fd25-1ac7-11de-bfcc-0018de0b4bf9}]
shell\AutoRun\command - F:\p1y2.cmd
shell\explore\command - F:\p1y2.cmd
shell\open\command - F:\p1y2.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a195d6e-9fc0-11db-bcc4-0018de0b4bf9}]
shell\Auto\command - F:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b4070e2-4a19-11de-bff5-0018de0b4bf9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b4070e3-4a19-11de-bff5-a28d62656c39}]
shell\AutoRun\command - WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64bb932d-60cb-11dd-bef3-0018de0b4bf9}]
shell\Auto\command - F:\AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{772ae9dd-e244-11dd-bf70-9ee269450d8e}]
shell\AutoRun\command - wdsync.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94b815fe-c519-11dc-be07-0018de0b4bf9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1fc5a10-b3d8-11dc-bdee-0018de0b4bf9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c87e318a-2df8-11dc-bda7-0018de0b4bf9}]
shell\Auto\command - H:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c9aa9798-299a-11dc-bda4-0018de0b4bf9}]
shell\Auto\command - F:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{daa874c6-5d3f-11dd-beed-0018de0b4bf9}]
shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e15ffc96-5638-11dc-bdbb-0018de0b4bf9}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6a2f8ab-71a7-11dc-bdcb-0018de0b4bf9}]
shell\Auto\command - F:\RavMonE.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e


======List of files/folders created in the last 1 months======

2009-12-08 22:19:14 ----D---- C:\rsit
2009-12-08 22:19:14 ----D---- C:\Program Files\trend micro
2009-12-08 17:17:38 ----D---- C:\WINDOWS\Prefetch
2009-12-08 17:15:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-12-08 17:15:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-12-08 17:14:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-08 17:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-08 17:14:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-08 17:14:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-08 17:14:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-08 17:14:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-08 17:13:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-08 17:13:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-08 17:13:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-08 17:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-08 17:13:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-08 17:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-08 17:12:40 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-08 17:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-08 17:12:17 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-12-08 17:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-12-08 17:11:53 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-08 17:11:41 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-12-08 17:11:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-08 17:11:21 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-12-08 17:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-08 17:10:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-12-08 17:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-08 17:10:30 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-08 17:10:19 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-08 17:10:08 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-08 17:09:55 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-12-08 17:09:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-08 17:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-08 17:09:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-08 17:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-12-08 17:09:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-08 17:08:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-08 17:08:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-08 17:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-08 17:08:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2009-12-08 17:08:03 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-08 17:07:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2009-12-08 17:07:42 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-12-08 17:07:29 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-12-08 17:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-08 17:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-08 17:06:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-08 17:06:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-08 17:06:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-12-08 17:06:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-08 17:06:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2009-12-08 17:06:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-08 17:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-08 17:05:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-08 17:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-08 17:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-12-08 17:05:11 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-08 16:59:23 ----D---- C:\WINDOWS\l2schemas
2009-12-08 16:59:22 ----D---- C:\WINDOWS\system32\fr
2009-12-08 16:59:22 ----D---- C:\WINDOWS\system32\bits
2009-12-08 16:53:20 ----D---- C:\WINDOWS\network diagnostic
2009-12-08 16:48:31 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-12-06 22:53:46 ----D---- C:\Program Files\Fichiers communs\Skype
2009-12-05 17:44:56 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2009-12-05 17:44:56 ----A---- C:\WINDOWS\system32\LVUI2.dll
2009-12-05 17:44:56 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2009-12-05 17:44:56 ----A---- C:\WINDOWS\system32\lvcodec2.dll
2009-12-05 17:44:56 ----A---- C:\WINDOWS\system32\lvci11901262.dll
2009-12-05 17:44:08 ----D---- C:\Program Files\Fichiers communs\LogiShrd
2009-12-05 17:44:08 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2009-12-05 17:35:00 ----D---- C:\Program Files\ma-config.com
2009-12-05 17:35:00 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-12-05 17:15:49 ----RA---- C:\WINDOWS\system32\InstMed.exe
2009-12-05 17:15:22 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-12-05 17:15:11 ----A---- C:\WINDOWS\system32\Lvkrn12n.dll
2009-12-05 17:15:11 ----A---- C:\WINDOWS\system32\LCamCpl.dll
2009-12-05 17:14:54 ----A---- C:\WINDOWS\system32\QCUI2.dll
2009-12-05 17:14:52 ----A---- C:\WINDOWS\system32\Ltwvc12n.dll
2009-12-05 17:14:51 ----A---- C:\WINDOWS\system32\ltkrn12n.dll
2009-12-05 17:14:51 ----A---- C:\WINDOWS\system32\ltimg12n.dll
2009-12-05 17:14:51 ----A---- C:\WINDOWS\system32\ltfil12n.DLL
2009-12-05 17:14:51 ----A---- C:\WINDOWS\system32\ltefx12n.dll
2009-12-05 17:14:50 ----A---- C:\WINDOWS\system32\LTDIS12n.dll
2009-12-05 17:14:49 ----A---- C:\WINDOWS\system32\lftif12n.dll
2009-12-05 17:14:49 ----A---- C:\WINDOWS\system32\lffax12n.dll
2009-12-05 17:14:49 ----A---- C:\WINDOWS\system32\LFCMP12n.DLL
2009-12-05 17:14:49 ----A---- C:\WINDOWS\system32\lfbmp12n.dll
2009-12-05 17:14:45 ----A---- C:\WINDOWS\system32\LQCUI2.dll
2009-12-05 17:14:03 ----D---- C:\Program Files\Logitech
2009-11-28 14:10:30 ----D---- C:\Program Files\Pro Imaging Powertoys
2009-11-28 14:10:30 ----D---- C:\Program Files\Fichiers communs\Nikon
2009-11-28 13:43:57 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-11-28 13:43:46 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-11-28 13:28:33 ----D---- C:\WINDOWS\system32\IOSUBSYS
2009-11-26 01:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-26 01:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2009-11-25 10:46:31 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-25 10:46:31 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-25 10:46:31 ----A---- C:\WINDOWS\system32\java.exe
2009-11-12 08:26:25 ----D---- C:\WINDOWS\ie8updates
2009-11-12 08:24:55 ----HDC---- C:\WINDOWS\ie8
2009-11-12 03:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$
2009-11-11 19:18:10 ----D---- C:\Program Files\DivX

======List of files/folders modified in the last 1 months======

2009-12-09 18:20:52 ----A---- C:\WINDOWS\RTacDbg.txt
2009-12-09 18:09:11 ----D---- C:\Program Files\Mozilla Firefox
2009-12-09 17:57:21 ----D---- C:\WINDOWS\Temp
2009-12-09 17:57:20 ----D---- C:\Documents and Settings\Hélène\Application Data\OpenOffice.org2
2009-12-09 17:57:13 ----D---- C:\WINDOWS
2009-12-09 17:56:36 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-12-09 17:56:30 ----A---- C:\hpqp.ini
2009-12-09 17:56:28 ----A---- C:\XP_TV.ini
2009-12-09 17:56:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-09 17:55:54 ----D---- C:\WINDOWS\Registration
2009-12-09 17:27:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-09 12:58:33 ----HD---- C:\WINDOWS\inf
2009-12-09 12:58:19 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-09 01:15:35 ----D---- C:\Documents and Settings\Hélène\Application Data\Skype
2009-12-09 01:00:09 ----D---- C:\Documents and Settings\Hélène\Application Data\skypePM
2009-12-08 22:30:06 ----SHD---- C:\WINDOWS\Installer
2009-12-08 22:19:14 ----RD---- C:\Program Files
2009-12-08 17:23:06 ----D---- C:\WINDOWS\system32
2009-12-08 17:19:26 ----A---- C:\WINDOWS\OEWABLog.txt
2009-12-08 17:17:46 ----A---- C:\WINDOWS\setuplog.txt
2009-12-08 17:17:07 ----D---- C:\WINDOWS\system32\Setup
2009-12-08 17:17:07 ----D---- C:\WINDOWS\AppPatch
2009-12-08 17:17:06 ----RSD---- C:\WINDOWS\Fonts
2009-12-08 17:17:06 ----D---- C:\WINDOWS\system32\wbem
2009-12-08 17:17:02 ----D---- C:\WINDOWS\system32\drivers
2009-12-08 17:16:27 ----D---- C:\WINDOWS\security
2009-12-08 17:15:19 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-12-08 17:15:19 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-08 17:13:54 ----D---- C:\Program Files\Outlook Express
2009-12-08 17:05:33 ----D---- C:\Program Files\Messenger
2009-12-08 17:03:05 ----RSD---- C:\WINDOWS\assembly
2009-12-08 16:59:58 ----D---- C:\WINDOWS\WinSxS
2009-12-08 16:59:48 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-08 16:59:48 ----D---- C:\WINDOWS\Help
2009-12-08 16:59:47 ----D---- C:\WINDOWS\ime
2009-12-08 16:59:29 ----D---- C:\WINDOWS\system32\usmt
2009-12-08 16:59:29 ----D---- C:\WINDOWS\system32\fr-fr
2009-12-08 16:59:22 ----D---- C:\WINDOWS\PeerNet
2009-12-08 16:59:21 ----D---- C:\Program Files\Movie Maker
2009-12-08 16:55:25 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-08 16:55:15 ----D---- C:\WINDOWS\system32\Restore
2009-12-08 16:55:15 ----D---- C:\WINDOWS\system32\npp
2009-12-08 16:55:14 ----D---- C:\WINDOWS\msagent
2009-12-08 16:55:12 ----D---- C:\WINDOWS\srchasst
2009-12-08 16:55:10 ----D---- C:\Program Files\NetMeeting
2009-12-08 16:55:09 ----D---- C:\WINDOWS\system32\Com
2009-12-08 16:55:07 ----D---- C:\Program Files\Windows NT
2009-12-08 16:55:07 ----D---- C:\Program Files\Windows Media Player
2009-12-08 16:55:04 ----D---- C:\Program Files\Fichiers communs\System
2009-12-08 16:54:48 ----D---- C:\WINDOWS\system32\oobe
2009-12-08 16:54:46 ----D---- C:\WINDOWS\system
2009-12-08 16:51:11 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-08 16:48:29 ----D---- C:\WINDOWS\ehome
2009-12-08 03:10:52 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-06 22:54:00 ----RD---- C:\Program Files\Skype
2009-12-06 22:53:46 ----D---- C:\Program Files\Fichiers communs
2009-12-06 22:53:41 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-12-05 17:45:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-05 17:16:12 ----D---- C:\WINDOWS\twain_32
2009-12-05 17:14:44 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-01 15:23:43 ----D---- C:\Downloads
2009-11-29 08:06:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-28 14:07:34 ----D---- C:\WINDOWS\Downloaded Installations
2009-11-28 14:06:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-28 13:28:17 ----D---- C:\Program Files\Google
2009-11-25 10:45:59 ----D---- C:\Program Files\Java
2009-11-22 12:56:30 ----SD---- C:\WINDOWS\Tasks
2009-11-12 21:42:36 ----D---- C:\WINDOWS\Media
2009-11-12 21:42:36 ----D---- C:\Program Files\Internet Explorer
2009-11-12 21:05:34 ----D---- C:\Documents and Settings\Hélène\Application Data\Google
2009-11-12 03:06:24 ----A---- C:\WINDOWS\win.ini
2009-11-11 19:18:32 ----D---- C:\Program Files\Fichiers communs\DivX Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-14 28520]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-05-28 21035]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-01 55656]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-03-25 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-03-25 55936]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-04-11 163328]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-06-02 572928]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-04-20 995712]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-04-20 208000]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-22 1166972]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-12-16 25624]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 NETw3x32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-09-28 1709696]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-06-17 193120]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-04-20 727296]
S2 idnaux;idnaux; C:\WINDOWS\system32\drivers\idnaux.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-12-17 41752]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2008-12-17 495640]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle; C:\WINDOWS\system32\DRIVERS\RTL8187B.sys [2007-07-18 264576]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-07-22 32000]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-14 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-01 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-12-16 150040]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2009-06-22 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2009-06-22 117248]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
S2 gupdate1ca63d067212528;Service Google Update (gupdate1ca63d067212528); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-12 133104]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-12 126976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-03 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Je crois que vous vous embetez vraiment.
Quand Avast detect un cheval de troie, un symbole nucléarie apparait avec une alarme et il te propose directement de supprimer... IL le met en quarantaine automatiquement si tu decide de ne rien faire mais en allant dans le menu Avast tu peux le retrouver et le supprimer...

En faite la 1ere partie est après la 2eme ;) desolée je ne savais pas comment ça faisait !!!!

et ca fini bien par EOF

Bon courage
ln

voici la suite ;)


############################## | UsbFix V6.060 |

User : Hélène (Administrateurs) # LN
Update on 09/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 20:02:14 | 09/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

C:\ -> Disque fixe local # 102,6 Go (59,84 Go free) # NTFS
D:\ -> Disque fixe local # 8,17 Go (1,41 Go free) [PRESARIO_RP] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque fixe local # 298,01 Go (174,91 Go free) [DD LN] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 852
C:\WINDOWS\system32\csrss.exe 916
C:\WINDOWS\system32\winlogon.exe 940
C:\WINDOWS\system32\services.exe 988
C:\WINDOWS\system32\lsass.exe 1000
C:\WINDOWS\system32\svchost.exe 1180
C:\WINDOWS\system32\svchost.exe 1248
C:\WINDOWS\System32\svchost.exe 1288
C:\WINDOWS\system32\svchost.exe 1492
C:\WINDOWS\system32\svchost.exe 1524
C:\WINDOWS\system32\spoolsv.exe 1748
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1800
C:\WINDOWS\system32\svchost.exe 1852
C:\WINDOWS\system32\msdtc.exe 500
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 564
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 576
C:\Program Files\Bonjour\mDNSResponder.exe 588
C:\WINDOWS\eHome\ehRecvr.exe 628
C:\WINDOWS\eHome\ehSched.exe 648
C:\Program Files\ICQ6Toolbar\ICQ Service.exe 480
C:\Program Files\Java\jre6\bin\jqs.exe 956
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 1196
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe 1368
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1964
C:\WINDOWS\system32\svchost.exe 268
C:\WINDOWS\system32\mqsvc.exe 424
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 884
C:\WINDOWS\system32\mqtgsvc.exe 2188
C:\WINDOWS\system32\dllhost.exe 2292
C:\WINDOWS\System32\alg.exe 2496
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3308
C:\WINDOWS\Explorer.EXE 3476
C:\WINDOWS\system32\wbem\wmiprvse.exe 3544
C:\WINDOWS\ehome\ehtray.exe 3944
C:\WINDOWS\eHome\ehmsas.exe 4004
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe 160
C:\WINDOWS\system32\igfxpers.exe 724
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2304
C:\Program Files\HP\QuickPlay\QPService.exe 2348
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe 2356
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe 2364
C:\Program Files\iTunes\iTunesHelper.exe 2908
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2920
C:\Program Files\Java\jre6\bin\jusched.exe 2992
C:\WINDOWS\system32\LVCOMSX.EXE 3084
C:\Program Files\Logitech\Video\LogiTray.exe 3156
C:\Program Files\Logitech\QuickCam\Quickcam.exe 3396
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3484
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3200
C:\WINDOWS\system32\ctfmon.exe 1328
C:\Program Files\Windows Media Player\WMPNSCFG.exe 4040
C:\Program Files\iPod\bin\iPodService.exe 2392
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe 2440
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe 2932
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe 3592
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe 1424
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN 2396
C:\Program Files\Logitech\Video\FxSvr2.exe 2540
C:\WINDOWS\system32\wuauclt.exe 2208
C:\Program Files\Windows Live\Contacts\wlcomm.exe 216
C:\Program Files\Mozilla Firefox\firefox.exe 5004
C:\WINDOWS\system32\wbem\wmiprvse.exe 6108

################## | Fichiers # Dossiers infectieux |

D:\autorun.inf
G:\autorun.inf

################## | Spyware.OnlineGames |


################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{0f63fd25-1ac7-11de-bfcc-0018de0b4bf9}
Shell\AutoRun\command =F:\p1y2.cmd
Shell\explore\Command =F:\p1y2.cmd
Shell\open\Command =F:\p1y2.cmd

HKCU\..\..\Explorer\MountPoints2\{1a195d6e-9fc0-11db-bcc4-0018de0b4bf9}
Shell\Auto\command =F:\RavMonE.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

HKCU\..\..\Explorer\MountPoints2\{5b4070e2-4a19-11de-bff5-0018de0b4bf9}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe

HKCU\..\..\Explorer\MountPoints2\{5b4070e3-4a19-11de-bff5-a28d62656c39}
Shell\AutoRun\command =WDSetup.exe

HKCU\..\..\Explorer\MountPoints2\{64bb932d-60cb-11dd-bef3-0018de0b4bf9}
Shell\Auto\command =F:\AdobeR.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

HKCU\..\..\Explorer\MountPoints2\{772ae9dd-e244-11dd-bf70-9ee269450d8e}
Shell\AutoRun\command =wdsync.exe

HKCU\..\..\Explorer\MountPoints2\{94b815fe-c519-11dc-be07-0018de0b4bf9}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

HKCU\..\..\Explorer\MountPoints2\{a1fc5a10-b3d8-11dc-bdee-0018de0b4bf9}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

HKCU\..\..\Explorer\MountPoints2\{c87e318a-2df8-11dc-bda7-0018de0b4bf9}
Shell\Auto\command =H:\RavMonE.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

HKCU\..\..\Explorer\MountPoints2\{c9aa9798-299a-11dc-bda4-0018de0b4bf9}
Shell\Auto\command =F:\RavMonE.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

HKCU\..\..\Explorer\MountPoints2\{daa874c6-5d3f-11dd-beed-0018de0b4bf9}
Shell\AutoRun\command =F:\LaunchU3.exe

HKCU\..\..\Explorer\MountPoints2\{e15ffc96-5638-11dc-bdbb-0018de0b4bf9}
Shell\AutoRun\command =G:\LaunchU3.exe -a

HKCU\..\..\Explorer\MountPoints2\{f6a2f8ab-71a7-11dc-bdcb-0018de0b4bf9}
Shell\Auto\command =F:\RavMonE.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.060 ! |

Alors j'ai ete un peu longue car j'ai refait 2 fois l"operation !!!

LA FENETRE Usbfix n'a pas donnée blog note juste une inscription disant d'envoyer le fichier suivant
c:\docume 1 \HLNE 1`\Bureau\Usbfix_Upload_Me_LN.zip

quoi faire maintenant ?
merci d"avance

ok j'ai trouvé a la source mais je ne sais le quel choisir entre: fiche, quarantine, reg , tools, bypass et usbfix

et en plus ce sont des dossiers alors il faut choisir à l'intérieur !!!

desolée je ne trouve pas !!!

voila

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_E | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 06.12.2009 à 17:18
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:34:04, 09/12/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: LN | Utilisateur actuel: H‚lŠne
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Poker 770
C:\Poker\Poker 770
C:\DOCUME~1\HLNE~1\Cookies\h‚lŠne@partypoker[1].txt
.
HKCU\software\Poker 770
HKLM\Software\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
HKLM\Software\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
HKLM\software\microsoft\windows\currentversion\uninstall\Poker 770
HKLM\software\Poker 770
HKU\s-1-5-21-221359706-2720879958-1995664387-1005\software\Poker 770
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.15 [fr] *
.
Nom du profil: svg6rxqz.default (H‚lŠne)
.
.
(HLNE~1, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Hélène\Bureau
(HLNE~1, prefs.js) Browser.search.defaultenginename, ICQ Search
(HLNE~1, prefs.js) Browser.search.selectedEngine, Google
(HLNE~1, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/
.
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Page: hxxp://www.google.com
Enable Browser Extensions: yes
Search Bar: hxxp://www.google.com/ie
Use Custom Search URL: 1 (0x1)
Use Search Asst: no
Default_Search_URL: hxxp://www.google.com/ie
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search Bar: hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
2511 Octet(s) - C:\Ad-Report-SCAN[1].log
.
8277 Fichier(s) - C:\DOCUME~1\HLNE~1\LOCALS~1\Temp
141 Fichier(s) - C:\WINDOWS\Temp
.
4 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 22:40:02 | 09/12/2009 - SCAN[1]
.
============== E.O.F ==============
.

meme outil ca veut dire quoi? je refais usbfix en mode echec ?

en mode sans echec ;)

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_E | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 06.12.2009 à 17:18
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 23:40:59, 09/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: LN | Utilisateur actuel: H‚lŠne
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Poker 770
C:\Poker\Poker 770
C:\DOCUME~1\HLNE~1\Cookies\h‚lŠne@partypoker[1].txt

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\Poker 770
HKLM\Software\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
HKLM\Software\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
HKLM\software\microsoft\windows\currentversion\uninstall\Poker 770
HKLM\software\Poker 770
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.15 [fr] *
.
Nom du profil: svg6rxqz.default (H‚lŠne)
.
.
(HLNE~1, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Hélène\Bureau
(HLNE~1, prefs.js) Browser.search.defaultenginename, ICQ Search
(HLNE~1, prefs.js) Browser.search.selectedEngine, Google
(HLNE~1, prefs.js) Browser.startup.homepage, hxxp://www.google.fr/
.
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Enable Browser Extensions: yes
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Use Custom Search URL: 1 (0x1)
Use Search Asst: no
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search Bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]


Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
2569 Octet(s) - C:\Ad-Report-CLEAN[1].log
2841 Octet(s) - C:\Ad-Report-SCAN[1].log
.
1 Fichier(s) - C:\DOCUME~1\HLNE~1\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
.
21 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
1088 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 23:49:51 | 09/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.

ok c partie !

apres runthis, j'ai ecrit Y et apres c ecrit support impossible IPX/SPXVDM

dc je ne peux pas aller plus loin koi faire ?

je vais me coucher, merci pour le tps passé pr m'aider !!!
j'espere demain on pourra regler ça

@+

voila,


List'em by g3n-h@ckm@n 1.1.4.1

Thx to Chiquitine29.....& CCM team

User : Hélène (Administrateurs) # LN
Update on 09/12/2009 by g3n-h@ckm@n ::::: 17:00
Start at: 17:21:31 | 10/12/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

C:\ -> Disque fixe local | 102,6 Go (58,22 Go free) | NTFS
D:\ -> Disque fixe local | 8,17 Go (1,41 Go free) [PRESARIO_RP] | FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque fixe local | 298,01 Go (174,94 Go free) [DD LN] | FAT32
H:\ -> Disque amovible | 488,84 Mo (34,56 Mo free) [LN] | FAT

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe 856
C:\WINDOWS\system32\csrss.exe 920
C:\WINDOWS\system32\winlogon.exe 948
C:\WINDOWS\system32\services.exe 992
C:\WINDOWS\system32\lsass.exe 1004
C:\WINDOWS\system32\svchost.exe 1192
C:\WINDOWS\system32\svchost.exe 1260
C:\WINDOWS\System32\svchost.exe 1300
C:\WINDOWS\system32\svchost.exe 1504
C:\WINDOWS\system32\svchost.exe 1532
C:\WINDOWS\system32\spoolsv.exe 1752
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1808
C:\WINDOWS\system32\svchost.exe 1860
C:\WINDOWS\Explorer.EXE 664
C:\WINDOWS\ehome\ehtray.exe 1052
C:\WINDOWS\system32\msdtc.exe 1212
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe 1224
C:\WINDOWS\system32\hkcmd.exe 1328
C:\WINDOWS\system32\igfxpers.exe 1332
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 1560
C:\Program Files\HP\QuickPlay\QPService.exe 1608
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe 1628
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe 1648
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1932
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1976
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2020
C:\Program Files\Java\jre6\bin\jusched.exe 2036
C:\WINDOWS\system32\LVCOMSX.EXE 148
C:\Program Files\Logitech\Video\LogiTray.exe 192
C:\Program Files\Bonjour\mDNSResponder.exe 208
C:\WINDOWS\eHome\ehRecvr.exe 236
C:\Program Files\Logitech\QuickCam\Quickcam.exe 252
C:\WINDOWS\eHome\ehSched.exe 552
C:\WINDOWS\System32\svchost.exe 812
C:\Program Files\ICQ6Toolbar\ICQ Service.exe 912
C:\Program Files\Java\jre6\bin\jqs.exe 1588
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 1788
C:\Program Files\Logitech\Video\FxSvr2.exe 1996
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe 2064
C:\Program Files\iTunes\iTunesHelper.exe 2164
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2280
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2360
C:\WINDOWS\system32\svchost.exe 2440
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2508
C:\WINDOWS\system32\svchost.exe 2516
C:\WINDOWS\system32\ctfmon.exe 2524
C:\WINDOWS\system32\mqsvc.exe 2652
C:\Program Files\Windows Media Player\WMPNSCFG.exe 2676
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe 2972
C:\WINDOWS\ehome\mcrdsvc.exe 3116
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe 3256
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe 3300
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe 3472
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN 3664
C:\WINDOWS\system32\mqtgsvc.exe 3680
C:\Program Files\Windows Media Player\WMPNetwk.exe 3896
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe 284
C:\WINDOWS\eHome\ehmsas.exe 2800
C:\WINDOWS\system32\dllhost.exe 3440
C:\WINDOWS\system32\wbem\wmiprvse.exe 3916
C:\WINDOWS\System32\alg.exe 2836
C:\Program Files\iPod\bin\iPodService.exe 4692
C:\Program Files\Windows Live\Contacts\wlcomm.exe 6004
C:\Program Files\Mozilla Firefox\firefox.exe 5192
c:\program files\avira\antivir desktop\avcenter.exe 2056
C:\WINDOWS\system32\wscntfy.exe 4544
C:\DOCUME~1\HLNE~1\LOCALS~1\Temp\Répertoire temporaire 2 pour List_Killem.zip\List_Kill'em.exe 604
C:\WINDOWS\system32\cmd.exe 436
C:\WINDOWS\system32\wbem\wmiprvse.exe 1488
C:\Documents and Settings\Hélène\Local Settings\Temp\C.tmp\pv.exe 4460

======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
updateMgr REG_SZ C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
ICQ REG_SZ "C:\Program Files\ICQ6.5\ICQ.exe" silent
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
LogitechSoftwareUpdate REG_SZ "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
ehTray REG_SZ C:\WINDOWS\ehome\ehtray.exe
hpWirelessAssistant REG_SZ C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
igfxtray REG_SZ C:\WINDOWS\system32\igfxtray.exe
igfxhkcmd REG_SZ C:\WINDOWS\system32\hkcmd.exe
igfxpers REG_SZ C:\WINDOWS\system32\igfxpers.exe
MsmqIntCert REG_SZ regsvr32 /s mqrt.dll
High Definition Audio Property Page Shortcut REG_SZ CHDAudPropShortcut.exe
SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
QPService REG_SZ "C:\Program Files\HP\QuickPlay\QPService.exe"
HP Software Update REG_SZ C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
QlbCtrl REG_EXPAND_SZ %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
Cpqset REG_SZ C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
RecGuard REG_SZ C:\Windows\SMINST\RecGuard.exe
Reminder REG_SZ C:\Windows\CREATOR\Remind_XP.exe
NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
ieup REG_SZ C:\Program Files\ieup\inetsvr.exe
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
LVCOMSX REG_SZ C:\WINDOWS\system32\LVCOMSX.EXE
LogitechVideoRepair REG_SZ C:\Program Files\Logitech\Video\ISStart.exe
LogitechVideoTray REG_SZ C:\Program Files\Logitech\Video\LogiTray.exe
CamWizard REG_SZ C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\CamWizrd.exe
LogitechQuickCamRibbon REG_SZ "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
AppleSyncNotifier REG_SZ C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
InstallVisualStyle REG_EXPAND_SZ C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
InstallTheme REG_EXPAND_SZ C:\WINDOWS\Resources\Themes\Royale.theme

===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 145 (0x91)
NoDriveAutoRun REG_DWORD 145 (0x91)
HonorAutoRunSetting REG_DWORD 0 (0x0)

===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 0 (0x0)
NoDriveAutoRun REG_DWORD 145 (0x91)
NoDriveTypeAutoRun REG_DWORD 145 (0x91)

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ

===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\WINDOWS\system32\mqsvc.exe REG_SZ C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing
C:\Program Files\AOL 9.0\waol.exe REG_SZ C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France
C:\Program Files\BitComet\BitComet.exe REG_SZ C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\ma-config.com\maconfservice.exe REG_SZ C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice
C:\Program Files\Skype\Plugin Manager\skypePM.exe REG_SZ C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Skype\Phone\Skype.exe REG_SZ C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\WINDOWS\system32\mqsvc.exe REG_SZ C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

===============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7605CC7C-00FD-4A5F-BAFD-828342DE6279}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
SharedAccess : 0x2
wuauserv : 0x2

=========

=======
Drive :
=======

D‚fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

Rapport d'analyse
103 Go total, 58,22 Go libre (56%), 11% fragment‚ (fragmentation du fichier 23%)

Vous devriez d‚fragmenter ce volume.

==========
Programs
==========

Ad-Remover
Adobe
ADSL Drivers
Ahead
Alwil Software
Apple Software Update
ArcSoft
Avira
BitComet
Bonjour
ComPlus Applications
CONEXANT
DivX
DVD Shrink
Fichiers communs
FrenchOtto
GemMasterFrench
Google
Hewlett-Packard
HP
HPQ
ICQ6Toolbar
ieup
InstallShield Installation Information
Internet Explorer
iPod
iTunes
Java
Lavalys
Logitech
ma-config.com
Messenger
Microsoft
Microsoft CAPICOM 2.1.0.2
microsoft frontpage
Microsoft Office
Microsoft Office Outlook Connector
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Sync Framework
Microsoft Works
Microsoft.NET
Movie Maker
Mozilla Firefox
MSBuild
MSN
MSN Gaming Zone
MSXML 4.0
MSXML 6.0
NetMeeting
NetWaiting
OCINS
Online Services
OpenOffice.org 2.3
Outlook Express
Pro Imaging Powertoys
QuickTime
Reference Assemblies
RegCleaner
Safari
Services en ligne
SFR
Skype
Sonic
Synaptics
trend micro
TRENDnet
Uninstall Information
Virtual Look
Windows Live
Windows Live SkyDrive
Windows Media Connect 2
Windows Media Player
Windows NT
Windows Plus
WindowsUpdate
xerox
XviD

¤¤¤¤¤¤¤¤¤¤ Files/folders :

C:\WINDOWS\kb913800.exe
C:\WINDOWS\System32\drivers\etc\hosts.msn
C:\WINDOWS\System32\SETD58.tmp
C:\WINDOWS\System32\SETD59.tmp
C:\WINDOWS\System32\SETD8D.tmp
C:\WINDOWS\System32\SETD8F.tmp
C:\WINDOWS\System32\SETD9B.tmp
C:\WINDOWS\System32\SETDA8.tmp
C:\WINDOWS\TEMP\scs18.tmp
C:\WINDOWS\TEMP\scs19.tmp
C:\Documents and Settings\H‚lŠne\Application Data\wklnhst.dat

¤¤¤¤¤¤¤¤¤¤ Keys :

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988}

=========
Rootkits
=========

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-10 17:23:58
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
kernel: MBR read successfully




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

je remets mon antiv virus et pare feu maitenant

Kill'em by g3n-h@ckm@n 1.1.4.1

User : Hélène () # LN
Update on 09/12/2009 by g3n-h@ckm@n ::::: 17:00
Start at: 17:50:13 | 10/12/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

C:\ -> Disque fixe local | 102,6 Go (59,28 Go free) | NTFS
D:\ -> Disque fixe local | 8,17 Go (1,41 Go free) [PRESARIO_RP] | FAT32
E:\ -> Disque CD-ROM
G:\ -> Disque fixe local | 298,01 Go (174,94 Go free) [DD LN] | FAT32
H:\ -> Disque amovible | 488,84 Mo (34,56 Mo free) [LN] | FAT


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe 208
C:\WINDOWS\system32\csrss.exe 256
C:\WINDOWS\system32\winlogon.exe 280
C:\WINDOWS\system32\services.exe 324
C:\WINDOWS\system32\lsass.exe 336
C:\WINDOWS\system32\svchost.exe 484
C:\WINDOWS\system32\svchost.exe 544
C:\WINDOWS\system32\svchost.exe 596
C:\WINDOWS\Explorer.EXE 840
C:\DOCUME~1\HLNE~1\LOCALS~1\Temp\Répertoire temporaire 1 pour List_Killem.zip\List_Kill'em.exe 956
C:\WINDOWS\system32\cmd.exe 968
C:\WINDOWS\system32\wbem\wmiprvse.exe 1084
C:\Documents and Settings\Hélène\Local Settings\Temp\1.tmp\pv.exe 1136

Detections :
==========


¤¤¤¤¤¤¤¤¤¤ Files/folders :

"C:\WINDOWS\kb913800.exe"
"C:\WINDOWS\System32\drivers\etc\hosts.msn"
C:\WINDOWS\System32\SETD58.tmp
C:\WINDOWS\System32\SETD59.tmp
C:\WINDOWS\System32\SETD8D.tmp
C:\WINDOWS\System32\SETD8F.tmp
C:\WINDOWS\System32\SETD9B.tmp
C:\WINDOWS\System32\SETDA8.tmp
C:\WINDOWS\TEMP\scs18.tmp
C:\WINDOWS\TEMP\scs19.tmp


¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :

Quarantine :

hosts.msn.Kill'em
kb913800.exe.Kill'em
scs18.tmp.Kill'em
scs19.tmp.Kill'em
SETD58.tmp.Kill'em
SETD59.tmp.Kill'em
SETD8D.tmp.Kill'em
SETD8F.tmp.Kill'em
SETD9B.tmp.Kill'em
SETDA8.tmp.Kill'em

==============
host file OK !
==============

========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988}

============
Disk Cleaned
============

================
Prefetch cleaned :
================

Layout.ini
NTOSBOOT-B00DFAAD.pf



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3339
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/12/2009 20:16:06
mbam-log-2009-12-10 (20-16-06).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)
Eléments examinés: 270705
Temps écoulé: 2 hour(s), 1 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\SDFix\dummy.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\SDFix\apps\dummy.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470\A0159790.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470\A0159791.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

je refais le log de : Malwarebytes' Anti-Malware
avec tous les logiciels je ne sais plus le quel c'est

j'ai pas RSIT un autre nom ? c'etait à quelle etape???

dsl je l'ai maintenant :)

voila:


Logfile of random's system information tool 1.06 (written by random/random)
Run by Hélène at 2009-12-10 20:55:35
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 60 GB (57%) free of 105 GB
Total RAM: 1014 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:44, on 10/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Documents and Settings\Hélène\Bureau\RSIT.exe
C:\Program Files\trend micro\Hélène.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://register.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: IEAux Class - {7605CC7C-00FD-4A5F-BAFD-828342DE6279} - C:\PROGRA~1\OCINS\ieaux.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ieup] C:\Program Files\ieup\inetsvr.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [CamWizard] C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\CamWizrd.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Access Internet Keyword - C:\Program Files\OCINS\cnrbtn.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca63d067212528) (gupdate1ca63d067212528) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

ieaux.dll c:\program files\ocins Adware.Cdn.origin Irréparable.Supprimé.
AD-R.exe\data016 C:\Documents and Settings\Hélène\Bureau\AD-R.exe Tool.Prockill
AD-R.exe C:\Documents and Settings\Hélène\Bureau L'archive contient des éléments infectés Quarantaine.
SDFix.exe\SDFix\apps\Process.exe C:\Documents and Settings\Hélène\Bureau\SDFix.exe Tool.Prockill
SDFix.exe C:\Documents and Settings\Hélène\Bureau L'archive contient des éléments infectés Quarantaine.
UsbFix.exe\Tools\Kill_P.exe C:\Documents and Settings\Hélène\Bureau\UsbFix.exe Tool.Prockill
UsbFix.exe C:\Documents and Settings\Hélène\Bureau L'archive contient des éléments infectés Quarantaine.
Process.com C:\Program Files\Ad-Remover Tool.Prockill Irréparable.Supprimé.
AD-R.exe\data016 C:\Program Files\Ad-Remover\BACKUP\AD-R.exe Tool.Prockill
AD-R.exe C:\Program Files\Ad-Remover\BACKUP L'archive contient des éléments infectés Quarantaine.
_SetupCasino.exe.vir\data001 C:\Program Files\Ad-Remover\QUARANTINE\Poker\POKER7~1\_SetupCasino.exe.vir Adware.Casino
_SetupCasino.exe.vir C:\Program Files\Ad-Remover\QUARANTINE\Poker\POKER7~1 Conteneur comporte des objets infectés Quarantaine.
austr.dll C:\Program Files\ieup Adware.Cdn Irréparable.Supprimé.
idnsvr.dll C:\Program Files\OCINS Adware.Cdn Irréparable.Supprimé.
ieaux.dll C:\Program Files\OCINS Adware.Cdn.origin Chemin invalide pour le fichier
uninstall.exe C:\Program Files\OCINS Adware.Cdn Irréparable.Supprimé.
Process.exe C:\SDFix\apps Tool.Prockill Irréparable.Supprimé.
A0158573.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470 Tool.Prockill Irréparable.Supprimé.
A0158639.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470 Tool.Prockill Irréparable.Supprimé.
A0158674.com C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470 Tool.Prockill Irréparable.Supprimé.
A0158687.exe\data016 C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470\A0158687.exe Tool.Prockill
A0158687.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470 L'archive contient des éléments infectés Quarantaine.
A0158699.exe\data001 C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470\A0158699.exe Adware.Casino
A0158699.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470 Conteneur comporte des objets infectés Quarantaine.
A0159772.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP470 Tool.Prockill Irréparable.Supprimé.
A0162059.exe\data016 C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP472\A0162059.exe Tool.Prockill
A0162059.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP472 L'archive contient des éléments infectés Quarantaine.
A0162060.exe\SDFix\apps\Process.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP472\A0162060.exe Tool.Prockill
A0162060.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP472 L'archive contient des éléments infectés Quarantaine.
A0162061.exe\Tools\Kill_P.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP472\A0162061.exe Tool.Prockill
A0162061.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP472 L'archive contient des éléments infectés Quarantaine.
A0162062.exe\data016 C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP472\A0162062.exe Tool.Prockill
A0162062.exe C:\System Volume Information\_restore{206D5C9A-566B-437B-A762-213EF381532E}\RP472 L'archive contient des éléments infectés Quarantaine.
Kill_P.exe C:\UsbFix\Tools Tool.Prockill Irréparable.Supprimé.

voici le lien par Cijoint.fr ;)


http://www.cijoint.fr/cjlink.php?file=cj200912/cijhlclTe4.doc