Sujet Précédent Sujet Suivant

Virus virus!

Fermé
amaterasu - 21 sept. 2011 à 12:34
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 - 26 sept. 2011 à 21:11
Bonjour,

Mon antivirus a bloqué et refuse de scanner mon ordi, même en mode sans échec. J'ai voulu lancer Malwarebytes, même punition, même motif. L'application se lance une fois, elle entame le scan environ 15 secondes puis crashe sans relance possible. Mon pare-feu Windows me bombarde d'alertes de sécurité et bloque tous les programmes, y compris Avira ou Firefox.
Mon navigateur internet, comme si cela ne suffisait pas, dévie toutes mes recherches vers des sites spams.

En mode sans échec, j'ai pu faire un scan Hijackthis, que vous trouverez ci-dessous.

Si vous aviez un peu de temps à m'accorder ce serait génial, je n'y comprends vraiment rien à ces petits machins binaires!
Merci infiniment!!!

A voir également:

17 réponses

Réponse 1 / 17
amaterasu
21 sept. 2011 à 12:35
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:55, on 21/09/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\LICITRA\Mes documents\Téléchargements\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
0
Réponse 2 / 17
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
21 sept. 2011 à 13:27
Salut,

1/
Comme antivirus tu as Avira et des traces d'AVG :
Désinstallation propre d' AVG :
* Télécharge AVGREMOVER et enregistre le sur le bureau de ton PC
* Exécute ce fichier en suivant les instructions

2/
Télécharge Reload_TDSSKiller

* Lance le

* choisis : lancer le nettoyage

* l'outil va automatiquement télécharger la derniere version puis

* TDSSKiller va s'ouvrir , clique sur "Start Scan"

Clique ici pour l'aide en image
- Si TDSS.tdl2 est détecté l''option delete sera cochée par défaut.
- Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.
- Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.
- Si Suspicious file est indiqué, laisse l''option cochée sur Skip
- une fois qu'il a terminé , redemarre s'il te le demande pour finir de nettoyer

sinon , ferme tdssKiller et le rapport s'affichera sur le bureau

* Copie/Colle son contenu dans ta prochaine réponse


0
Réponse 3 / 17
amaterasu
21 sept. 2011 à 13:41
Salut Fish66 et merci de ton aide!

1. Voici le rapport AVGREMOVER:

2011-09-21 11:31:34,625 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2011-09-21 11:31:34,671 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2011-09-21 11:31:34,671 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2011-09-21 11:31:34,671 WARN AvgDir param empty.
2011-09-21 11:31:34,671 WARN AvgDataDir param empty.
2011-09-21 11:31:39,984 INFO AvgRemover runs in attempt number 1
2011-09-21 11:31:39,984 INFO ***** Services *****
2011-09-21 11:31:39,984 INFO Processing service avg8emc
2011-09-21 11:31:40,000 INFO Service avg8emc is not installed
2011-09-21 11:31:40,000 DEBUG Service avg8emc RegCleanup
2011-09-21 11:31:40,000 DEBUG Registry keys for service avg8emc are not present
2011-09-21 11:31:40,000 INFO Processing service avgfws8
2011-09-21 11:31:40,000 INFO Service avgfws8 is not installed
2011-09-21 11:31:40,000 DEBUG Service avgfws8 RegCleanup
2011-09-21 11:31:40,000 DEBUG Registry keys for service avgfws8 are not present
2011-09-21 11:31:40,000 INFO Processing service avg8wd
2011-09-21 11:31:40,000 INFO Service avg8wd is not installed
2011-09-21 11:31:40,000 DEBUG Service avg8wd RegCleanup
2011-09-21 11:31:40,000 DEBUG Registry keys for service avg8wd are not present
2011-09-21 11:31:40,000 INFO Processing service AvgWFPx
2011-09-21 11:31:40,000 INFO Service AvgWFPx is not installed
2011-09-21 11:31:40,000 DEBUG Service AvgWFPx RegCleanup
2011-09-21 11:31:40,000 DEBUG Registry keys for service AvgWFPx are not present
2011-09-21 11:31:40,000 INFO Processing service AvgWFPa
2011-09-21 11:31:40,000 INFO Service AvgWFPa is not installed
2011-09-21 11:31:40,000 DEBUG Service AvgWFPa RegCleanup
2011-09-21 11:31:40,000 DEBUG Registry keys for service AvgWFPa are not present
2011-09-21 11:31:40,000 INFO Processing service AvgMfx86
2011-09-21 11:31:40,000 INFO Service AvgMfx86 is not installed
2011-09-21 11:31:40,000 DEBUG Service AvgMfx86 RegCleanup
2011-09-21 11:31:40,000 DEBUG Registry keys for service AvgMfx86 are not present
2011-09-21 11:31:40,000 INFO Processing service AvgMfx64
2011-09-21 11:31:40,015 INFO Service AvgMfx64 is not installed
2011-09-21 11:31:40,015 DEBUG Service AvgMfx64 RegCleanup
2011-09-21 11:31:40,015 DEBUG Registry keys for service AvgMfx64 are not present
2011-09-21 11:31:40,015 INFO Processing service AvgLdx86
2011-09-21 11:31:40,015 INFO Service AvgLdx86 is not installed
2011-09-21 11:31:40,015 DEBUG Service AvgLdx86 RegCleanup
2011-09-21 11:31:40,015 DEBUG Registry keys for service AvgLdx86 are not present
2011-09-21 11:31:40,015 INFO Processing service AvgLdx64
2011-09-21 11:31:40,015 INFO Service AvgLdx64 is not installed
2011-09-21 11:31:40,015 DEBUG Service AvgLdx64 RegCleanup
2011-09-21 11:31:40,015 DEBUG Registry keys for service AvgLdx64 are not present
2011-09-21 11:31:40,015 INFO Processing service AvgTdiX
2011-09-21 11:31:40,015 INFO Service AvgTdiX is not installed
2011-09-21 11:31:40,015 DEBUG Service AvgTdiX RegCleanup
2011-09-21 11:31:40,015 DEBUG Registry keys for service AvgTdiX are not present
2011-09-21 11:31:40,015 INFO Processing service AvgTdiA
2011-09-21 11:31:40,015 INFO Service AvgTdiA is not installed
2011-09-21 11:31:40,015 DEBUG Service AvgTdiA RegCleanup
2011-09-21 11:31:40,015 DEBUG Registry keys for service AvgTdiA are not present
2011-09-21 11:31:40,015 INFO Processing service AvgRkx86
2011-09-21 11:31:40,015 INFO Service AvgRkx86 is not installed
2011-09-21 11:31:40,031 DEBUG Service AvgRkx86 RegCleanup
2011-09-21 11:31:40,031 DEBUG Registry keys for service AvgRkx86 are not present
2011-09-21 11:31:40,031 INFO Processing service AvgRkx64
2011-09-21 11:31:40,031 INFO Service AvgRkx64 is not installed
2011-09-21 11:31:40,031 DEBUG Service AvgRkx64 RegCleanup
2011-09-21 11:31:40,031 DEBUG Registry keys for service AvgRkx64 are not present
2011-09-21 11:31:40,031 INFO Processing service avg9emc
2011-09-21 11:31:40,031 INFO Service avg9emc is not installed
2011-09-21 11:31:40,031 DEBUG Service avg9emc RegCleanup
2011-09-21 11:31:40,031 DEBUG Registry keys for service avg9emc are not present
2011-09-21 11:31:40,031 INFO Processing service avgfws9
2011-09-21 11:31:40,031 INFO Service avgfws9 is not installed
2011-09-21 11:31:40,031 DEBUG Service avgfws9 RegCleanup
2011-09-21 11:31:40,031 DEBUG Registry keys for service avgfws9 are not present
2011-09-21 11:31:40,031 INFO Processing service avg9wd
2011-09-21 11:31:40,046 INFO Service avg9wd is not installed
2011-09-21 11:31:40,046 DEBUG Service avg9wd RegCleanup
2011-09-21 11:31:40,046 DEBUG Registry keys for service avg9wd are not present
2011-09-21 11:31:40,046 INFO Processing service AVGIDSAgent
2011-09-21 11:31:40,046 INFO Service AVGIDSAgent is not installed
2011-09-21 11:31:40,046 DEBUG Service AVGIDSAgent RegCleanup
2011-09-21 11:31:40,046 DEBUG Registry keys for service AVGIDSAgent are not present
2011-09-21 11:31:40,046 INFO Processing service AVGIDSShimxpx
2011-09-21 11:31:40,046 INFO Service AVGIDSShimxpx is not installed
2011-09-21 11:31:40,046 DEBUG Service AVGIDSShimxpx RegCleanup
2011-09-21 11:31:40,046 DEBUG Registry keys for service AVGIDSShimxpx are not present
2011-09-21 11:31:40,046 INFO Processing service AVGIDSFilterxpx
2011-09-21 11:31:40,046 INFO Service AVGIDSFilterxpx is not installed
2011-09-21 11:31:40,062 DEBUG Service AVGIDSFilterxpx RegCleanup
2011-09-21 11:31:40,062 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2011-09-21 11:31:40,062 INFO Processing service AVGIDSDriverxpx
2011-09-21 11:31:40,062 INFO Service AVGIDSDriverxpx is not installed
2011-09-21 11:31:40,062 DEBUG Service AVGIDSDriverxpx RegCleanup
2011-09-21 11:31:40,062 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2011-09-21 11:31:40,062 INFO Processing service AVGIDSShimvtx
2011-09-21 11:31:40,062 INFO Service AVGIDSShimvtx is not installed
2011-09-21 11:31:40,062 DEBUG Service AVGIDSShimvtx RegCleanup
2011-09-21 11:31:40,062 DEBUG Registry keys for service AVGIDSShimvtx are not present
2011-09-21 11:31:40,062 INFO Processing service AVGIDSFiltervtx
2011-09-21 11:31:40,062 INFO Service AVGIDSFiltervtx is not installed
2011-09-21 11:31:40,062 DEBUG Service AVGIDSFiltervtx RegCleanup
2011-09-21 11:31:40,062 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2011-09-21 11:31:40,078 INFO Processing service AVGIDSDrivervtx
2011-09-21 11:31:40,078 INFO Service AVGIDSDrivervtx is not installed
2011-09-21 11:31:40,078 DEBUG Service AVGIDSDrivervtx RegCleanup
2011-09-21 11:31:40,078 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2011-09-21 11:31:40,078 INFO Processing service AVGIDSFiltervta
2011-09-21 11:31:40,078 INFO Service AVGIDSFiltervta is not installed
2011-09-21 11:31:40,078 DEBUG Service AVGIDSFiltervta RegCleanup
2011-09-21 11:31:40,078 DEBUG Registry keys for service AVGIDSFiltervta are not present
2011-09-21 11:31:40,078 INFO Processing service AVGIDSDrivervta
2011-09-21 11:31:40,078 INFO Service AVGIDSDrivervta is not installed
2011-09-21 11:31:40,078 DEBUG Service AVGIDSDrivervta RegCleanup
2011-09-21 11:31:40,078 DEBUG Registry keys for service AVGIDSDrivervta are not present
2011-09-21 11:31:40,078 INFO Processing service AVGIDSShimw7x
2011-09-21 11:31:40,078 INFO Service AVGIDSShimw7x is not installed
2011-09-21 11:31:40,093 DEBUG Service AVGIDSShimw7x RegCleanup
2011-09-21 11:31:40,093 DEBUG Registry keys for service AVGIDSShimw7x are not present
2011-09-21 11:31:40,093 INFO Processing service AVGIDSFilterw7x
2011-09-21 11:31:40,093 INFO Service AVGIDSFilterw7x is not installed
2011-09-21 11:31:40,093 DEBUG Service AVGIDSFilterw7x RegCleanup
2011-09-21 11:31:40,093 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2011-09-21 11:31:40,093 INFO Processing service AVGIDSDriverw7x
2011-09-21 11:31:40,093 INFO Service AVGIDSDriverw7x is not installed
2011-09-21 11:31:40,093 DEBUG Service AVGIDSDriverw7x RegCleanup
2011-09-21 11:31:40,093 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2011-09-21 11:31:40,093 INFO Processing service AVGIDSFilterw7a
2011-09-21 11:31:40,093 INFO Service AVGIDSFilterw7a is not installed
2011-09-21 11:31:40,109 DEBUG Service AVGIDSFilterw7a RegCleanup
2011-09-21 11:31:40,109 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2011-09-21 11:31:40,109 INFO Processing service AVGIDSDriverw7a
2011-09-21 11:31:40,109 INFO Service AVGIDSDriverw7a is not installed
2011-09-21 11:31:40,109 DEBUG Service AVGIDSDriverw7a RegCleanup
2011-09-21 11:31:40,109 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2011-09-21 11:31:40,109 INFO Processing service AVGIDSErHrxpx
2011-09-21 11:31:40,109 INFO Service AVGIDSErHrxpx is not installed
2011-09-21 11:31:40,109 DEBUG Service AVGIDSErHrxpx RegCleanup
2011-09-21 11:31:40,109 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2011-09-21 11:31:40,109 INFO Processing service AVGIDSErHrvtx
2011-09-21 11:31:40,125 INFO Service AVGIDSErHrvtx is not installed
2011-09-21 11:31:40,125 DEBUG Service AVGIDSErHrvtx RegCleanup
2011-09-21 11:31:40,125 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2011-09-21 11:31:40,125 INFO Processing service AVGIDSErHrvta
2011-09-21 11:31:40,125 INFO Service AVGIDSErHrvta is not installed
2011-09-21 11:31:40,125 DEBUG Service AVGIDSErHrvta RegCleanup
2011-09-21 11:31:40,125 DEBUG Registry keys for service AVGIDSErHrvta are not present
2011-09-21 11:31:40,125 INFO Processing service AVGIDSErHrw7x
2011-09-21 11:31:40,125 INFO Service AVGIDSErHrw7x is not installed
2011-09-21 11:31:40,125 DEBUG Service AVGIDSErHrw7x RegCleanup
2011-09-21 11:31:40,125 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2011-09-21 11:31:40,125 INFO Processing service AVGIDSErHrw7a
2011-09-21 11:31:40,140 INFO Service AVGIDSErHrw7a is not installed
2011-09-21 11:31:40,140 DEBUG Service AVGIDSErHrw7a RegCleanup
2011-09-21 11:31:40,140 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2011-09-21 11:31:40,140 INFO ***** Registry keys and values *****
2011-09-21 11:31:40,140 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-09-21 11:31:40,140 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2011-09-21 11:31:40,140 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2011-09-21 11:31:40,140 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-09-21 11:31:40,140 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2011-09-21 11:31:40,140 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2011-09-21 11:31:40,140 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2011-09-21 11:31:40,156 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2011-09-21 11:31:40,156 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2011-09-21 11:31:40,156 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2011-09-21 11:31:40,156 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2011-09-21 11:31:40,156 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2011-09-21 11:31:40,156 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2011-09-21 11:31:40,156 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2011-09-21 11:31:40,156 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2011-09-21 11:31:40,156 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2011-09-21 11:31:40,156 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2011-09-21 11:31:40,156 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2011-09-21 11:31:40,156 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2011-09-21 11:31:40,171 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2011-09-21 11:31:40,171 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2011-09-21 11:31:40,171 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2011-09-21 11:31:40,171 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2011-09-21 11:31:40,171 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2011-09-21 11:31:40,171 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-09-21 11:31:40,171 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-09-21 11:31:40,171 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-09-21 11:31:40,171 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2011-09-21 11:31:40,171 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2011-09-21 11:31:40,171 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2011-09-21 11:31:40,171 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-09-21 11:31:40,171 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-09-21 11:31:40,171 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-09-21 11:31:40,171 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2011-09-21 11:31:40,187 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2011-09-21 11:31:40,187 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2011-09-21 11:31:40,187 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2011-09-21 11:31:40,187 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2011-09-21 11:31:40,187 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2011-09-21 11:31:40,187 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2011-09-21 11:31:40,203 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2011-09-21 11:31:40,203 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs doesn't need to be modified
2011-09-21 11:31:40,203 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-09-21 11:31:40,203 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2011-09-21 11:31:40,203 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2011-09-21 11:31:40,203 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-09-21 11:31:40,203 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2011-09-21 11:31:40,203 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2011-09-21 11:31:40,203 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-09-21 11:31:40,203 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2011-09-21 11:31:40,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2011-09-21 11:31:40,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-09-21 11:31:40,218 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2011-09-21 11:31:40,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2011-09-21 11:31:40,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-09-21 11:31:40,218 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2011-09-21 11:31:40,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2011-09-21 11:31:40,234 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-09-21 11:31:40,234 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2011-09-21 11:31:40,234 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2011-09-21 11:31:40,234 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2011-09-21 11:31:40,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2011-09-21 11:31:40,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2011-09-21 11:31:40,234 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2011-09-21 11:31:40,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2011-09-21 11:31:40,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2011-09-21 11:31:40,234 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2011-09-21 11:31:40,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2011-09-21 11:31:40,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2011-09-21 11:31:40,234 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-09-21 11:31:40,250 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2011-09-21 11:31:40,250 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2011-09-21 11:31:40,250 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2011-09-21 11:31:40,250 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2011-09-21 11:31:40,250 INFO Processing registry SOFTWARE\Classes\.avgdi
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2011-09-21 11:31:40,250 DEBUG Key SOFTWARE\Classes\.avgdi not found
2011-09-21 11:31:40,250 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-09-21 11:31:40,265 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-09-21 11:31:40,265 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-09-21 11:31:40,265 INFO Processing registry SOFTWARE\AVG\Clients
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\AVG\Clients not found
2011-09-21 11:31:40,265 INFO Processing registry SOFTWARE\AVG\AVG8
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\AVG\AVG8 not found
2011-09-21 11:31:40,265 INFO Processing registry SOFTWARE\AVG\AVG9
2011-09-21 11:31:40,265 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2011-09-21 11:31:40,265 INFO Processing registry SOFTWARE\AVG\AVG IDS
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2011-09-21 11:31:40,281 INFO Processing registry SOFTWARE\AVG
2011-09-21 11:31:40,281 DEBUG Value SOFTWARE\AVG:DumpType Remove
2011-09-21 11:31:40,281 INFO Value SOFTWARE\AVG:DumpType is not present
2011-09-21 11:31:40,281 INFO Processing registry SOFTWARE\AVG
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG Remove
2011-09-21 11:31:40,281 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-09-21 11:31:40,281 INFO Processing registry SOFTWARE\AVG\AVG8
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG\AVG8 not found
2011-09-21 11:31:40,281 INFO Processing registry SOFTWARE\AVG\AVG9
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2011-09-21 11:31:40,281 INFO Processing registry SOFTWARE\AVG
2011-09-21 11:31:40,281 DEBUG Key SOFTWARE\AVG Remove
2011-09-21 11:31:40,296 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-09-21 11:31:40,296 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-09-21 11:31:40,296 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-09-21 11:31:40,296 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2011-09-21 11:31:40,296 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2011-09-21 11:31:40,296 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2011-09-21 11:31:40,296 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-09-21 11:31:40,296 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-09-21 11:31:40,296 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-09-21 11:31:40,296 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2011-09-21 11:31:40,296 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2011-09-21 11:31:40,296 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2011-09-21 11:31:40,312 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-09-21 11:31:40,312 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-09-21 11:31:40,312 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-09-21 11:31:40,312 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-09-21 11:31:40,312 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-09-21 11:31:40,312 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-09-21 11:31:40,312 INFO Processing registry aAvgAPI.AvgBro
2011-09-21 11:31:40,312 DEBUG Key aAvgAPI.AvgBro ForceRemove
2011-09-21 11:31:40,312 DEBUG Key aAvgAPI.AvgBro not found
2011-09-21 11:31:40,312 INFO Processing registry AVG.Office
2011-09-21 11:31:40,312 DEBUG Key AVG.Office ForceRemove
2011-09-21 11:31:40,312 DEBUG Key AVG.Office not found
2011-09-21 11:31:40,312 INFO Processing registry AVG.Office.8
2011-09-21 11:31:40,312 DEBUG Key AVG.Office.8 ForceRemove
2011-09-21 11:31:40,312 DEBUG Key AVG.Office.8 not found
2011-09-21 11:31:40,312 INFO Processing registry avgtoolbar.AVGTOOLBAR
2011-09-21 11:31:40,312 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2011-09-21 11:31:40,312 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2011-09-21 11:31:40,312 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2011-09-21 11:31:40,328 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2011-09-21 11:31:40,328 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2011-09-21 11:31:40,328 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2011-09-21 11:31:40,328 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2011-09-21 11:31:40,328 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2011-09-21 11:31:40,328 INFO Processing registry LinkScannerIE.NavFilter
2011-09-21 11:31:40,328 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2011-09-21 11:31:40,328 INFO Processing registry LinkScannerIE.NavFilter.1
2011-09-21 11:31:40,328 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2011-09-21 11:31:40,328 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2011-09-21 11:31:40,343 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2011-09-21 11:31:40,343 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2011-09-21 11:31:40,343 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2011-09-21 11:31:40,343 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2011-09-21 11:31:40,343 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2011-09-21 11:31:40,343 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2011-09-21 11:31:40,343 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2011-09-21 11:31:40,343 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2011-09-21 11:31:40,343 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-09-21 11:31:40,343 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-09-21 11:31:40,343 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-09-21 11:31:40,343 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-09-21 11:31:40,343 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-09-21 11:31:40,343 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-09-21 11:31:40,343 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2011-09-21 11:31:40,343 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2011-09-21 11:31:40,359 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2011-09-21 11:31:40,359 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2011-09-21 11:31:40,359 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2011-09-21 11:31:40,359 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2011-09-21 11:31:40,359 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2011-09-21 11:31:40,359 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2011-09-21 11:31:40,359 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2011-09-21 11:31:40,359 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2011-09-21 11:31:40,359 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2011-09-21 11:31:40,359 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2011-09-21 11:31:40,359 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2011-09-21 11:31:40,359 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2011-09-21 11:31:40,359 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-09-21 11:31:40,375 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-09-21 11:31:40,375 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-09-21 11:31:40,375 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-09-21 11:31:40,375 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-09-21 11:31:40,375 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-09-21 11:31:40,375 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2011-09-21 11:31:40,375 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2011-09-21 11:31:40,375 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2011-09-21 11:31:40,375 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2011-09-21 11:31:40,375 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2011-09-21 11:31:40,375 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2011-09-21 11:31:40,375 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2011-09-21 11:31:40,375 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2011-09-21 11:31:40,375 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2011-09-21 11:31:40,375 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2011-09-21 11:31:40,390 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2011-09-21 11:31:40,390 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2011-09-21 11:31:40,390 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2011-09-21 11:31:40,390 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2011-09-21 11:31:40,390 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2011-09-21 11:31:40,390 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2011-09-21 11:31:40,390 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-09-21 11:31:40,406 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-09-21 11:31:40,406 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-09-21 11:31:40,406 INFO ***** Files and folders *****
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 0
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 1
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 2
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 3
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 4
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 5
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 6
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 7
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 8
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 9
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 10
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 11
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 12
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 13
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 14
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 15
2011-09-21 11:31:40,406 DEBUG Missing ParentDir path for fileItem number 16
2011-09-21 11:31:40,406 DEBUG Processing item C:\Documents and Settings\LICITRA\Application Data\AVGTOOLBAR
2011-09-21 11:31:40,406 INFO Directory C:\Documents and Settings\LICITRA\Application Data\AVGTOOLBAR not found
2011-09-21 11:31:40,406 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-09-21 11:31:40,406 DEBUG Processing item C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avg 8.0
2011-09-21 11:31:40,406 INFO Directory C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avg 8.0 not found
2011-09-21 11:31:40,406 DEBUG Processing item C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avg free 8.0
2011-09-21 11:31:40,406 INFO Directory C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avg free 8.0 not found
2011-09-21 11:31:40,406 DEBUG Processing item C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avg 8.5
2011-09-21 11:31:40,406 INFO Directory C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avg 8.5 not found
2011-09-21 11:31:40,421 DEBUG Processing item C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avg free 8.5
2011-09-21 11:31:40,421 INFO Directory C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avg free 8.5 not found
2011-09-21 11:31:40,421 DEBUG Processing item C:\Documents and Settings\All Users\Bureau\avg 8.0.lnk
2011-09-21 11:31:40,421 INFO File C:\Documents and Settings\All Users\Bureau\avg 8.0.lnk not found
2011-09-21 11:31:40,421 DEBUG Processing item C:\Documents and Settings\All Users\Bureau\avg free 8.0.lnk
2011-09-21 11:31:40,421 INFO File C:\Documents and Settings\All Users\Bureau\avg free 8.0.lnk not found
2011-09-21 11:31:40,421 DEBUG Processing item C:\Documents and Settings\All Users\Bureau\avg 8.5.lnk
2011-09-21 11:31:40,421 INFO File C:\Documents and Settings\All Users\Bureau\avg 8.5.lnk not found
2011-09-21 11:31:40,421 DEBUG Processing item C:\Documents and Settings\All Users\Bureau\avg free 8.5.lnk
2011-09-21 11:31:40,421 INFO File C:\Documents and Settings\All Users\Bureau\avg free 8.5.lnk not found
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 27
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 28
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 29
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 30
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 31
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 32
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 33
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 34
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 35
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 36
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 37
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 38
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 39
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 40
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 41
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 42
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 43
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 44
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 45
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 46
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 47
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 48
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 49
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 50
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 51
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 52
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 53
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 54
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 55
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 56
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 57
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 58
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 59
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 60
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 61
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 62
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 63
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 64
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 65
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 66
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 67
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 68
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 69
2011-09-21 11:31:40,437 DEBUG Missing ParentDir path for fileItem number 70
2011-09-21 11:31:40,437 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages
2011-09-21 11:31:40,437 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found
2011-09-21 11:31:40,437 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2011-09-21 11:31:40,437 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found
2011-09-21 11:31:40,437 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-09-21 11:31:40,437 DEBUG Processing item C:\Documents and Settings\All Users\Bureau\avg 9.0.lnk
2011-09-21 11:31:40,437 INFO File C:\Documents and Settings\All Users\Bureau\avg 9.0.lnk not found
2011-09-21 11:31:40,453 DEBUG Processing item C:\Documents and Settings\All Users\Bureau\avg free 9.0.lnk
2011-09-21 11:31:40,453 INFO File C:\Documents and Settings\All Users\Bureau\avg free 9.0.lnk not found
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 76
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 77
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 78
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 79
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 80
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 81
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 82
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 83
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 84
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 85
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 86
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 87
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 88
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 89
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 90
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 91
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 92
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 93
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 94
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 95
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 96
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 97
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 98
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 99
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 100
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 101
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 102
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 103
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 104
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 105
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 106
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 107
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 108
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 109
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 110
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 111
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 112
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 113
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 114
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 115
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 116
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 117
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 118
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 119
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 120
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 121
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 122
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 123
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 124
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 125
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 126
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 127
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 128
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 129
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 130
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 131
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 132
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 133
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 134
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 135
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 136
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 137
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 138
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 139
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 140
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 141
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 142
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 143
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 144
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 145
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 146
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 147
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 148
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 149
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 150
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 151
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 152
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 153
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 154
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 155
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 156
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 157
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 158
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 159
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 160
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 161
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 162
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 163
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 164
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 165
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 166
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 167
2011-09-21 11:31:40,453 DEBUG Missing ParentDir path for fileItem number 168
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 169
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 170
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 171
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 172
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 173
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 174
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 175
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 176
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 177
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 178
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 179
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 180
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 181
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 182
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 183
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 184
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 185
2011-09-21 11:31:40,468 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-09-21 11:31:40,468 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-09-21 11:31:40,468 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-09-21 11:31:40,468 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-09-21 11:31:40,468 DEBUG Processing item C:\WINDOWS\System32\Drivers
2011-09-21 11:31:40,468 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg
2011-09-21 11:31:40,468 INFO Directory C:\WINDOWS\System32\Drivers\avg not found
2011-09-21 11:31:40,468 DEBUG Processing item C:\WINDOWS\System32
2011-09-21 11:31:40,468 DEBUG Processing item C:\Program Files\AVG
2011-09-21 11:31:40,468 INFO Directory C:\Program Files\AVG not found
2011-09-21 11:31:40,468 DEBUG Missing ParentDir path for fileItem number 194
2011-09-21 11:31:40,468 INFO ***** Avg Fw NDIS driver *****
2011-09-21 11:31:42,171 INFO FW NDIS driver not present
2011-09-21 11:32:10,625 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2011-09-21 11:32:10,640 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2011-09-21 11:32:10,640 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2011-09-21 11:32:10,640 WARN AvgDir param empty.
2011-09-21 11:32:10,640 WARN AvgDataDir param empty.
2011-09-21 11:32:13,625 INFO AvgRemover runs in attempt number 1
2011-09-21 11:32:13,625 INFO ***** Services *****
2011-09-21 11:32:13,625 INFO Processing service avg8emc
2011-09-21 11:32:13,625 INFO Service avg8emc is not installed
2011-09-21 11:32:13,625 DEBUG Service avg8emc RegCleanup
2011-09-21 11:32:13,625 DEBUG Registry keys for service avg8emc are not present
2011-09-21 11:32:13,625 INFO Processing service avgfws8
2011-09-21 11:32:13,625 INFO Service avgfws8 is not installed
2011-09-21 11:32:13,625 DEBUG Service avgfws8 RegCleanup
2011-09-21 11:32:13,625 DEBUG Registry keys for service avgfws8 are not present
2011-09-21 11:32:13,625 INFO Processing service avg8wd
2011-09-21 11:32:13,640 INFO Service avg8wd is not installed
2011-09-21 11:32:13,640 DEBUG Service avg8wd RegCleanup
2011-09-21 11:32:13,640 DEBUG Registry keys for service avg8wd are not present
2011-09-21 11:32:13,640 INFO Processing service AvgWFPx
2011-09-21 11:32:13,640 INFO Service AvgWFPx is not installed
2011-09-21 11:32:13,640 DEBUG Service AvgWFPx RegCleanup
2011-09-21 11:32:13,640 DEBUG Registry keys for service AvgWFPx are not present
2011-09-21 11:32:13,640 INFO Processing service AvgWFPa
2011-09-21 11:32:13,640 INFO Service AvgWFPa is not installed
2011-09-21 11:32:13,640 DEBUG Service AvgWFPa RegCleanup
2011-09-21 11:32:13,640 DEBUG Registry keys for service AvgWFPa are not present
2011-09-21 11:32:13,640 INFO Processing service AvgMfx86
2011-09-21 11:32:13,640 INFO Service AvgMfx86 is not installed
2011-09-21 11:32:13,640 DEBUG Service AvgMfx86 RegCleanup
2011-09-21 11:32:13,640 DEBUG Registry keys for service AvgMfx86 are not present
2011-09-21 11:32:13,640 INFO Processing service AvgMfx64
2011-09-21 11:32:13,640 INFO Service AvgMfx64 is not installed
2011-09-21 11:32:13,640 DEBUG Service AvgMfx64 RegCleanup
2011-09-21 11:32:13,640 DEBUG Registry keys for service AvgMfx64 are not present
2011-09-21 11:32:13,640 INFO Processing service AvgLdx86
2011-09-21 11:32:13,640 INFO Service AvgLdx86 is not installed
2011-09-21 11:32:13,640 DEBUG Service AvgLdx86 RegCleanup
2011-09-21 11:32:13,640 DEBUG Registry keys for service AvgLdx86 are not present
2011-09-21 11:32:13,640 INFO Processing service AvgLdx64
2011-09-21 11:32:13,640 INFO Service AvgLdx64 is not installed
2011-09-21 11:32:13,640 DEBUG Service AvgLdx64 RegCleanup
2011-09-21 11:32:13,640 DEBUG Registry keys for service AvgLdx64 are not present
2011-09-21 11:32:13,640 INFO Processing service AvgTdiX
2011-09-21 11:32:13,656 INFO Service AvgTdiX is not installed
2011-09-21 11:32:13,656 DEBUG Service AvgTdiX RegCleanup
2011-09-21 11:32:13,656 DEBUG Registry keys for service AvgTdiX are not present
2011-09-21 11:32:13,656 INFO Processing service AvgTdiA
2011-09-21 11:32:13,656 INFO Service AvgTdiA is not installed
2011-09-21 11:32:13,656 DEBUG Service AvgTdiA RegCleanup
2011-09-21 11:32:13,656 DEBUG Registry keys for service AvgTdiA are not present
2011-09-21 11:32:13,656 INFO Processing service AvgRkx86
2011-09-21 11:32:13,656 INFO Service AvgRkx86 is not installed
2011-09-21 11:32:13,656 DEBUG Service AvgRkx86 RegCleanup
2011-09-21 11:32:13,656 DEBUG Registry keys for service AvgRkx86 are not present
2011-09-21 11:32:13,656 INFO Processing service AvgRkx64
2011-09-21 11:32:13,656 INFO Service AvgRkx64 is not installed
2011-09-21 11:32:13,656 DEBUG Service AvgRkx64 RegCleanup
2011-09-21 11:32:13,656 DEBUG Registry keys for service AvgRkx64 are not present
2011-09-21 11:32:13,656 INFO Processing service avg9emc
2011-09-21 11:32:13,671 INFO Service avg9emc is not installed
2011-09-21 11:32:13,671 DEBUG Service avg9emc RegCleanup
2011-09-21 11:32:13,671 DEBUG Registry keys for service avg9emc are not present
2011-09-21 11:32:13,671 INFO Processing service avgfws9
2011-09-21 11:32:13,671 INFO Service avgfws9 is not installed
2011-09-21 11:32:13,671 DEBUG Service avgfws9 RegCleanup
2011-09-21 11:32:13,671 DEBUG Registry keys for service avgfws9 are not present
2011-09-21 11:32:13,671 INFO Processing service avg9wd
2011-09-21 11:32:13,671 INFO Service avg9wd is not installed
2011-09-21 11:32:13,671 DEBUG Service avg9wd RegCleanup
2011-09-21 11:32:13,671 DEBUG Registry keys for service avg9wd are not present
2011-09-21 11:32:13,671 INFO Processing service AVGIDSAgent
2011-09-21 11:32:13,671 INFO Service AVGIDSAgent is not installed
2011-09-21 11:32:13,687 DEBUG Service AVGIDSAgent RegCleanup
2011-09-21 11:32:13,687 DEBUG Registry keys for service AVGIDSAgent are not present
2011-09-21 11:32:13,687 INFO Processing service AVGIDSShimxpx
2011-09-21 11:32:13,687 INFO Service AVGIDSShimxpx is not installed
2011-09-21 11:32:13,687 DEBUG Service AVGIDSShimxpx RegCleanup
2011-09-21 11:32:13,687 DEBUG Registry keys for service AVGIDSShimxpx are not present
2011-09-21 11:32:13,687 INFO Processing service AVGIDSFilterxpx
2011-09-21 11:32:13,687 INFO Service AVGIDSFilterxpx is not installed
2011-09-21 11:32:13,687 DEBUG Service AVGIDSFilterxpx RegCleanup
2011-09-21 11:32:13,687 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2011-09-21 11:32:13,687 INFO Processing service AVGIDSDriverxpx
2011-09-21 11:32:13,687 INFO Service AVGIDSDriverxpx is not installed
2011-09-21 11:32:13,687 DEBUG Service AVGIDSDriverxpx RegCleanup
2011-09-21 11:32:13,687 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2011-09-21 11:32:13,687 INFO Processing service AVGIDSShimvtx
2011-09-21 11:32:13,703 INFO Service AVGIDSShimvtx is not installed
2011-09-21 11:32:13,703 DEBUG Service AVGIDSShimvtx RegCleanup
2011-09-21 11:32:13,703 DEBUG Registry keys for service AVGIDSShimvtx are not present
2011-09-21 11:32:13,703 INFO Processing service AVGIDSFiltervtx
2011-09-21 11:32:13,703 INFO Service AVGIDSFiltervtx is not installed
2011-09-21 11:32:13,703 DEBUG Service AVGIDSFiltervtx RegCleanup
2011-09-21 11:32:13,703 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2011-09-21 11:32:13,703 INFO Processing service AVGIDSDrivervtx
2011-09-21 11:32:13,703 INFO Service AVGIDSDrivervtx is not installed
2011-09-21 11:32:13,703 DEBUG Service AVGIDSDrivervtx RegCleanup
2011-09-21 11:32:13,703 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2011-09-21 11:32:13,703 INFO Processing service AVGIDSFiltervta
2011-09-21 11:32:13,703 INFO Service AVGIDSFiltervta is not installed
2011-09-21 11:32:13,703 DEBUG Service AVGIDSFiltervta RegCleanup
2011-09-21 11:32:13,703 DEBUG Registry keys for service AVGIDSFiltervta are not present
2011-09-21 11:32:13,703 INFO Processing service AVGIDSDrivervta
2011-09-21 11:32:13,718 INFO Service AVGIDSDrivervta is not installed
2011-09-21 11:32:13,718 DEBUG Service AVGIDSDrivervta RegCleanup
2011-09-21 11:32:13,718 DEBUG Registry keys for service AVGIDSDrivervta are not present
2011-09-21 11:32:13,718 INFO Processing service AVGIDSShimw7x
2011-09-21 11:32:13,718 INFO Service AVGIDSShimw7x is not installed
2011-09-21 11:32:13,718 DEBUG Service AVGIDSShimw7x RegCleanup
2011-09-21 11:32:13,718 DEBUG Registry keys for service AVGIDSShimw7x are not present
2011-09-21 11:32:13,718 INFO Processing service AVGIDSFilterw7x
2011-09-21 11:32:13,718 INFO Service AVGIDSFilterw7x is not installed
2011-09-21 11:32:13,718 DEBUG Service AVGIDSFilterw7x RegCleanup
2011-09-21 11:32:13,718 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2011-09-21 11:32:13,718 INFO Processing service AVGIDSDriverw7x
2011-09-21 11:32:13,734 INFO Service AVGIDSDriverw7x is not installed
2011-09-21 11:32:13,734 DEBUG Service AVGIDSDriverw7x RegCleanup
2011-09-21 11:32:13,734 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2011-09-21 11:32:13,734 INFO Processing service AVGIDSFilterw7a
2011-09-21 11:32:13,734 INFO Service AVGIDSFilterw7a is not installed
2011-09-21 11:32:13,734 DEBUG Service AVGIDSFilterw7a RegCleanup
2011-09-21 11:32:13,734 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2011-09-21 11:32:13,734 INFO Processing service AVGIDSDriverw7a
2011-09-21 11:32:13,734 INFO Service AVGIDSDriverw7a is not installed
2011-09-21 11:32:13,734 DEBUG Service AVGIDSDriverw7a RegCleanup
2011-09-21 11:32:13,734 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2011-09-21 11:32:13,734 INFO Processing service AVGIDSErHrxpx
2011-09-21 11:32:13,734 INFO Service AVGIDSErHrxpx is not installed
2011-09-21 11:32:13,734 DEBUG Service AVGIDSErHrxpx RegCleanup
2011-09-21 11:32:13,750 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2011-09-21 11:32:13,750 INFO Processing service AVGIDSErHrvtx
2011-09-21 11:32:13,750 INFO Service AVGIDSErHrvtx is not installed
2011-09-21 11:32:13,750 DEBUG Service AVGIDSErHrvtx RegCleanup
2011-09-21 11:32:13,750 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2011-09-21 11:32:13,750 INFO Processing service AVGIDSErHrvta
2011-09-21 11:32:13,750 INFO Service AVGIDSErHrvta is not installed
2011-09-21 11:32:13,750 DEBUG Service AVGIDSErHrvta RegCleanup
2011-09-21 11:32:13,750 DEBUG Registry keys for service AVGIDSErHrvta are not present
2011-09-21 11:32:13,750 INFO Processing service AVGIDSErHrw7x
2011-09-21 11:32:13,750 INFO Service AVGIDSErHrw7x is not installed
2011-09-21 11:32:13,750 DEBUG Service AVGIDSErHrw7x RegCleanup
2011-09-21 11:32:13,750 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2011-09-21 11:32:13,750 INFO Processing service AVGIDSErHrw7a
2011-09-21 11:32:13,750 INFO Service AVGIDSErHrw7a is not installed
2011-09-21 11:32:13,765 DEBUG Service AVGIDSErHrw7a RegCleanup
2011-09-21 11:32:13,765 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2011-09-21 11:32:13,765 INFO ***** Registry keys and values *****
2011-09-21 11:32:13,765 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-09-21 11:32:13,765 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2011-09-21 11:32:13,765 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2011-09-21 11:32:13,765 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-09-21 11:32:13,765 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2011-09-21 11:32:13,765 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2011-09-21 11:32:13,765 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2011-09-21 11:32:13,765 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2011-09-21 11:32:13,781 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2011-09-21 11:32:13,781 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2011-09-21 11:32:13,781 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2011-09-21 11:32:13,781 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2011-09-21 11:32:13,781 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2011-09-21 11:32:13,781 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2011-09-21 11:32:13,7
0
Réponse 4 / 17
amaterasu
21 sept. 2011 à 13:43
2. Et le log TDSSKiller:

2011/09/21 13:33:59.0359 4024 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/21 13:33:59.0765 4024 ================================================================================
2011/09/21 13:33:59.0765 4024 SystemInfo:
2011/09/21 13:33:59.0765 4024
2011/09/21 13:33:59.0765 4024 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/21 13:33:59.0765 4024 Product type: Workstation
2011/09/21 13:33:59.0765 4024 ComputerName: LICITRA-CHLOE
2011/09/21 13:33:59.0765 4024 UserName: LICITRA
2011/09/21 13:33:59.0765 4024 Windows directory: C:\WINDOWS
2011/09/21 13:33:59.0765 4024 System windows directory: C:\WINDOWS
2011/09/21 13:33:59.0765 4024 Processor architecture: Intel x86
2011/09/21 13:33:59.0765 4024 Number of processors: 2
2011/09/21 13:33:59.0765 4024 Page size: 0x1000
2011/09/21 13:33:59.0765 4024 Boot type: Normal boot
2011/09/21 13:33:59.0765 4024 ================================================================================
2011/09/21 13:34:01.0718 4024 Initialize success
2011/09/21 13:34:23.0500 2896 ================================================================================
2011/09/21 13:34:23.0500 2896 Scan started
2011/09/21 13:34:23.0500 2896 Mode: Manual;
2011/09/21 13:34:23.0500 2896 ================================================================================
2011/09/21 13:34:24.0250 2896 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/21 13:34:24.0375 2896 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/09/21 13:34:24.0546 2896 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/21 13:34:24.0640 2896 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/21 13:34:24.0937 2896 AR5211 (6d5f95602b8d0d994d31a864872b38ef) C:\WINDOWS\system32\DRIVERS\ar5211.sys
2011/09/21 13:34:25.0187 2896 AsusACPI (12415a4b61ded200fe9932b47a35fa42) C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
2011/09/21 13:34:25.0265 2896 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/21 13:34:25.0328 2896 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/21 13:34:25.0453 2896 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/21 13:34:25.0531 2896 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/21 13:34:25.0656 2896 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/09/21 13:34:25.0718 2896 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/09/21 13:34:25.0781 2896 avipbb (ecd583515e651fde7ab3340ccb813e5b) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/09/21 13:34:25.0781 2896 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\avipbb.sys. Real md5: ecd583515e651fde7ab3340ccb813e5b, Fake md5: 0f78d3dae6dedd99ae54c9491c62adf2
2011/09/21 13:34:25.0812 2896 avipbb - detected Rootkit.Win32.ZAccess.g (0)
2011/09/21 13:34:25.0843 2896 b7893402 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\36997559:1215745021.exe
2011/09/21 13:34:26.0640 2896 Suspicious file (Hidden): C:\WINDOWS\36997559:1215745021.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/21 13:34:26.0656 2896 b7893402 - detected HiddenFile.Multi.Generic (1)
2011/09/21 13:34:26.0781 2896 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/21 13:34:26.0875 2896 btaudio (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys
2011/09/21 13:34:26.0984 2896 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/09/21 13:34:27.0062 2896 BTKRNL (70455baffc078b6152d1e52376296467) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/09/21 13:34:27.0171 2896 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/09/21 13:34:27.0281 2896 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys
2011/09/21 13:34:27.0359 2896 BTWUSB (2cfc2bd8785f82a42fcad83de1fa5a36) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/09/21 13:34:27.0468 2896 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/21 13:34:27.0531 2896 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/21 13:34:27.0640 2896 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/21 13:34:27.0703 2896 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/21 13:34:27.0781 2896 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/21 13:34:27.0937 2896 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/09/21 13:34:28.0015 2896 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/09/21 13:34:28.0281 2896 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/21 13:34:28.0390 2896 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/21 13:34:28.0515 2896 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/21 13:34:28.0609 2896 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/21 13:34:28.0703 2896 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/21 13:34:28.0828 2896 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/21 13:34:28.0968 2896 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/21 13:34:29.0062 2896 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/09/21 13:34:29.0140 2896 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/21 13:34:29.0187 2896 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/21 13:34:29.0265 2896 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/09/21 13:34:29.0312 2896 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/21 13:34:29.0406 2896 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/21 13:34:29.0578 2896 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/21 13:34:29.0671 2896 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/21 13:34:29.0781 2896 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/21 13:34:29.0921 2896 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/21 13:34:30.0093 2896 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/21 13:34:30.0359 2896 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/09/21 13:34:30.0640 2896 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/21 13:34:30.0953 2896 IntcAzAudAddService (c73a4a48fbb3d00c7dbc6fe4f5e3675f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/09/21 13:34:31.0187 2896 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/21 13:34:31.0234 2896 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/09/21 13:34:31.0281 2896 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/21 13:34:31.0312 2896 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/21 13:34:31.0406 2896 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/21 13:34:31.0468 2896 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/21 13:34:31.0515 2896 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/21 13:34:31.0609 2896 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/21 13:34:31.0718 2896 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/21 13:34:31.0796 2896 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/21 13:34:31.0859 2896 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/21 13:34:31.0906 2896 Ktp (6e775ade642556c6d43450d16d763fc2) C:\WINDOWS\system32\DRIVERS\ETD.sys
2011/09/21 13:34:31.0968 2896 L1e (303627228dd739d98289679901a38c8f) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
2011/09/21 13:34:32.0156 2896 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/21 13:34:32.0218 2896 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/21 13:34:32.0265 2896 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/21 13:34:32.0328 2896 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/21 13:34:32.0390 2896 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/21 13:34:32.0515 2896 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/21 13:34:32.0625 2896 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/21 13:34:32.0734 2896 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/21 13:34:32.0796 2896 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/21 13:34:32.0843 2896 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/21 13:34:32.0875 2896 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/21 13:34:32.0953 2896 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/21 13:34:33.0000 2896 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/21 13:34:33.0046 2896 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/21 13:34:33.0093 2896 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/21 13:34:33.0187 2896 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/21 13:34:33.0218 2896 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/21 13:34:33.0296 2896 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/21 13:34:33.0375 2896 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/21 13:34:33.0453 2896 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/21 13:34:33.0500 2896 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/21 13:34:33.0609 2896 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/21 13:34:33.0656 2896 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/21 13:34:33.0781 2896 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/21 13:34:33.0875 2896 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/21 13:34:34.0000 2896 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/21 13:34:34.0062 2896 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/21 13:34:34.0109 2896 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/21 13:34:34.0171 2896 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
2011/09/21 13:34:34.0250 2896 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/21 13:34:34.0296 2896 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/21 13:34:34.0343 2896 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/21 13:34:34.0421 2896 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/21 13:34:34.0500 2896 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/21 13:34:34.0890 2896 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/21 13:34:34.0937 2896 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/21 13:34:34.0984 2896 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/21 13:34:35.0218 2896 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/21 13:34:35.0296 2896 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/21 13:34:35.0375 2896 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/21 13:34:35.0421 2896 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/21 13:34:35.0515 2896 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/21 13:34:35.0562 2896 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/21 13:34:35.0656 2896 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/21 13:34:35.0750 2896 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/21 13:34:35.0906 2896 RT80x86 (162d6aee49372b9ce17c418cc5cde7b5) C:\WINDOWS\system32\DRIVERS\RT2860.sys
2011/09/21 13:34:36.0031 2896 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/21 13:34:36.0125 2896 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
2011/09/21 13:34:36.0187 2896 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/21 13:34:36.0296 2896 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/21 13:34:36.0406 2896 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/21 13:34:36.0578 2896 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/21 13:34:36.0687 2896 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/21 13:34:36.0921 2896 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/09/21 13:34:37.0015 2896 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/21 13:34:37.0078 2896 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/21 13:34:37.0171 2896 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/21 13:34:37.0546 2896 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/21 13:34:37.0656 2896 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/21 13:34:37.0750 2896 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/21 13:34:37.0781 2896 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/21 13:34:37.0859 2896 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/21 13:34:38.0031 2896 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/21 13:34:38.0312 2896 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/21 13:34:38.0421 2896 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/21 13:34:38.0593 2896 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/21 13:34:38.0671 2896 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/21 13:34:38.0796 2896 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/21 13:34:38.0906 2896 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/21 13:34:39.0093 2896 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/21 13:34:39.0203 2896 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/09/21 13:34:39.0296 2896 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/21 13:34:39.0515 2896 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/21 13:34:39.0718 2896 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/21 13:34:39.0859 2896 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/21 13:34:40.0062 2896 WpdUsb (c1b3d9d75c3fb735f5fa3a5806aded57) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/09/21 13:34:40.0140 2896 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/21 13:34:40.0265 2896 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
2011/09/21 13:34:40.0500 2896 Boot (0x1200) (831162d90603514379692c672ad024b5) \Device\Harddisk0\DR0\Partition0
2011/09/21 13:34:40.0578 2896 Boot (0x1200) (a06afe6fd5af52dc1e8df8c88343b913) \Device\Harddisk0\DR0\Partition1
2011/09/21 13:34:40.0593 2896 ================================================================================
2011/09/21 13:34:40.0593 2896 Scan finished
2011/09/21 13:34:40.0593 2896 ================================================================================
2011/09/21 13:34:40.0609 2116 Detected object count: 2
2011/09/21 13:34:40.0625 2116 Actual detected object count: 2
2011/09/21 13:36:50.0750 2116 avipbb (ecd583515e651fde7ab3340ccb813e5b) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/09/21 13:36:50.0765 2116 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\avipbb.sys. Real md5: ecd583515e651fde7ab3340ccb813e5b, Fake md5: 0f78d3dae6dedd99ae54c9491c62adf2
2011/09/21 13:36:51.0500 2116 Backup copy found, using it..
2011/09/21 13:36:51.0515 2116 C:\WINDOWS\system32\DRIVERS\avipbb.sys - will be cured after reboot
2011/09/21 13:36:51.0515 2116 Rootkit.Win32.ZAccess.g(avipbb) - User select action: Cure
2011/09/21 13:36:51.0515 2116 HiddenFile.Multi.Generic(b7893402) - User select action: Skip
2011/09/21 13:37:06.0015 2340 Deinitialize success


Qu'est ce que c'est un Rootkit.Win32.ZAccess.g(avipbb)???
Comment ce truc a atterri sur ma machine?

J'ai rebooté et j'ai toujours les alertes de sécurité qui apparaissent....
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 17
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
21 sept. 2011 à 14:23
Re,

Rootkit.Win32.ZAccess.g est un rootkit coriace.

On va essayer de le supprimer!

===========================

Avant d'utiliser ComboFix :

Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

si tu as ce genre de d'outils sur ton pc Utilise Defogger pour les désactiver temporairement : sinon passe directement à combofix

. Télécharge Defogger (de jpshortstuff) sur ton Bureau

. Lance le

Une fenêtre apparait : clique sur "Disable"

. Fais redémarrer l'ordinateur si l'outil te le demande

Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

Attention, avant de commencer, lit attentivement la procédure

/!\ Ne pas utiliser ce logiciel en dehors du cadre de cette désinfection : DANGEUREUX /!\

? Fais un clic droit sur ce lien, enregistre le dans ton bureau

Voici Aide combofix


* /!\ Déconnecte-toi du net et ARRÊTE TES LOGICIELS DE PROTECTION /!\


*Double-clique sur ComboFix.exe (ou exécuter en tant qu'administrateur pour vista et seven)

Un "pop-up" va apparaître qui dit que ComboFix est utilisé à vos risques et avec aucune garantie... Clique sur oui pour accepter

** SURTOUT INSTALLES LA CONSOLE DE RECUPERATION
(si il te propose de l'installer remets internet)

? Ne touche à rien(souris, clavier) tant que le scan n'est pas terminé, car tu risques de planter ton PC

*En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

* Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

** /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

*Note : Le rapport se trouve également là : C:\ComboFix.txt

@+
0
amateasu
21 sept. 2011 à 14:49
Un rootkit coriace: super!

ComboFix vient de planter. Tout allait bien jusqu'à l'acceptation de la licence, j'ai eu l'écran bleu puis il a crashé, depuis impossible de le relancer. Ce message apparait (exactement le même que pour mbam): "Windows ne parvient pas à accéder au périphérique, au chemin d'accès ou au fichier spécifié. Vous ne disposez peut etre pas des autorisations appropriées pour avoir accès à l'élément."
De plus, j'ai essayé de désactiver mon pare-feu Windows depuis le panneau de configuration, la case "désactivé" est coché mais il apparait toujours comme actif sur la page "Centre de sécurité"....
0
amateasu
21 sept. 2011 à 14:52
Ah oui et aussi j'ai sauvegardé ComboFix.exe sur mon bureau, mais l'icône rouge à tête de lion n'apparait pas...c'est grave docteur?
0
Réponse 6 / 17
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
21 sept. 2011 à 15:58
Re,

Supprime combofix, télécharge et enregistre le sous le nom Titti.exe.

Ensuite lance le en prenant toutes les précautions déjà citées

@+

0
Réponse 7 / 17
amaterasu
21 sept. 2011 à 16:54
OK je n'arrive pas à le désinstaller, mode sans échec ou pas. Il me dit que le fichier est en lecture seule puis: "Accès refusé: Vérifiez que le disque n'est pas plein ou protégé en écriture, et que le fichier n'est pas utilisé actuellement"

Évidemment, j'ai essayé de le renommer directement, impossible.

Je le jette par la fenêtre? ^^
0
Réponse 8 / 17
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
21 sept. 2011 à 20:35
Re,

1/
*Télécharge Rkill (de Grinler) depuis l'un des liens ci dessous :

http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com
https://download.bleepingcomputer.com/grinler/rkill.exe

*Enregistrer le fichier sur le Bureau.
*Désactive ton antivirus et/ou antispyware .
*Faire un double clic sur le fichier rkill téléchargé pour lancer l'outil.
Pour Vista, faire un clic droit sur le fichier rkill téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
*Une fenêtre à fond noir va apparaître brièvement, puis disparaître.

Si rien ne se passe, ou si l'outil ne se lance pas, télécharger l'outil depuis un autre des quatre liens ci-dessus et faire une nouvelle tentative d'exécution. Un fichier log a du être créé sur le bureau, le coller dans la réponse

2/ Ensuite lance combofix stp

3/
Si encore des problèmes, lance combofix en mode sans échec avec prise en charge du réseau

@+

0
Réponse 9 / 17
amaterasu
21 sept. 2011 à 22:01
Salut Fish66,

Le premier lien est mort, les 3 autres ne donnent strictement rien, j'ai en effet une fenêtre qui s'affiche brièvement puis un ou deux soubresauts de mon écran de bureau, puis un désespérant...rien du tout...

C'est l'heure que je désespère? Pourquoi je ne peux rien lancer?

Merci encore de ton aide...
0
Réponse 10 / 17
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
22 sept. 2011 à 06:31
Bonjour,

Télécharge de nouveau Combofix, en le renommant au moment du téléchargement puis tu l'enregistre sur le bureau de ton PC.
Ensuite tu le lances en mode normal et s'il des problèmes lance le en mode sans échec avec prise en charge du réseau
0
Réponse 11 / 17
amaterasu
22 sept. 2011 à 11:43
Bonjour,

- Titti.exe ne s'exécute pas en mode normal.
- Titti2.exe (je ne peux utiliser chaque programme qu'une fois avant qu'il ne m'annonce que je n'ai plus le droit d'y toucher) ne s'exécute pas non plus en mode safe.
Il est vrai que les fenêtres restent présentes un peu plus longtemps que quand le fichier s'appelait Combofix mais je n'arrive jamais jusqu'à la console de récupération...
0
amaterasu
22 sept. 2011 à 12:04
Je sais pas si ça peut aider mais je viens de trouver ceci: C:\32788R22FWJFW.
Dans ce dossier, il y a tout le contenu de mon poste de travail, y compris un autre dossier C:\32788R22FWJFW.
Dans le même genre, j'ai un C:\2b66e99d1f624bec17e520a4, qui lui aussi a un miroir sous C:\32788R22FWJFW.

J'ai beau ne pas être très douée, je suis sûre que ce n'est pas moi qui ai nommé ces trucs.
0
amaterasu
22 sept. 2011 à 14:02
Je perds maintenant le contrôle de ma souris...
0
Réponse 12 / 17
amaterasu
23 sept. 2011 à 09:27
Fish?
0
Réponse 13 / 17
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
23 sept. 2011 à 15:18
Salut,

Attend stp, je vais me renseigner...

0
Réponse 14 / 17
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
25 sept. 2011 à 14:59
Salut,

desactive ton antivirus
desactive Windows defender si présent
desactive ton pare-feu

Ferme toutes tes appilications en cours

telecharge et enregistre ceci sur ton bureau :

Pre_Scan

s'il n'est pas sur ton bureau coupe-le de ton dossier telechargements et colle-le sur ton bureau

Avertissement: Il y aura une extinction courte du bureau --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan.txt" sur le bureau.

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

si l'outil semble ne pas avoir fonctionné renomme-le winlogon , ou change son extension en .com ou .scr

Il se peut que l'outil soit un peu long sur la reattribution des fichiers tout depend combien tu en as , laisse-le travailler

Poste Pre_Scan.txt qui apparaitra sur le bureau en fin de scan

??? NE LE POSTE PAS SUR LE FORUM (il est trop long)

Le rapport à l'héberger (comme tu as fait pour le rapport ZHPDiag)
0
Réponse 15 / 17
amaterasu
26 sept. 2011 à 17:32
Salut Fish,

Merci de ta réponse, je me mets au boulot ;-)
0
Réponse 16 / 17
amaterasu
26 sept. 2011 à 18:08
Re,

La bonne nouvelle, c'est qu'il se lance au moins 3 min. La deuxième bonne nouvelle, c'est que je peux le supprimer si je veux.
La mauvaise, c'est qu'au bout de trois min de scan, le bureau disparaît une seconde fois puis plus rien. Et evidemment, pas de.txt nulle part...
0
Réponse 17 / 17
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
26 sept. 2011 à 21:11
Re,

Est ce que tu as téléchargé et enregistré le fichier Pre_scan sur le bureau de ton PC avant l'exécuter ?

Redémarre ton PC pour afficher le bureau et refais l'opération stp (en enregistrant le fichier Pre_scan avant l'exécution)

0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses