J'ai un malware nommé cyberlog x hlep

Résolu
wolfas13 Messages postés 60 Statut Membre -  
wolfas13 Messages postés 60 Statut Membre -
Bonjour,

je ce malware qui me gene enormement g intsallesmitfraudfix et j'ai chhoisit l'option 1 . je vous poste le raport dites moi ce qu'il fo faire pls!!

SmitFraudFix v2.250

Rapport fait à 20:30:07,35, 06/11/2007
Executé à partir de C:\Documents and Settings\nicolas\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\STK017_V2.01\STK017M.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\nicolas

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\nicolas\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\nicolas\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=dword:00000001
"AppInit_DLLs"="C:\\WINDOWS\\system32\\__c0020400.dat"

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: ATMEL USB FastVNET (AR) - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{7636EF0F-96FF-47E5-A7BE-1B10E717B0E1}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{7636EF0F-96FF-47E5-A7BE-1B10E717B0E1}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{7636EF0F-96FF-47E5-A7BE-1B10E717B0E1}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
Configuration: Windows XP
Firefox 2.0.0.9

29 réponses

  • 1
  • 2
  1. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Bienvenue sur le forum d’entraide de CommentCaMarche.net

    Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
    De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
    Merci de votre compréhension.

    Télécharge HijackThis ici:
    http://telechargement.zebulon.fr/138-hijackthis-1991.html

    Dézippe le dans un dossier prévu à cet effet.
    Par exemple C:\hijackthis < Enregistre-le bien dans c : !
    Démo : (Merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/Hijenr.gif

    Lance le puis:
    Clique sur "do a system scan and save logfile" (cf démo)
    Faire un copier coller du log entier sur le forum

    Démo : (Merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/demohijack.htm

    Bon courage

    A+
    0
  2. wolfas13 Messages postés 60 Statut Membre 3
     
    ok je ferai ca ce soir qd je rentre et je poste apres !!
    0
  3. wolfas13 Messages postés 60 Statut Membre 3
     
    tiens voila le rapport; encore merci!

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:45 nicolas, on 07/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Symantec\LiveUpdate\luall.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Documents and Settings\nicolas\Bureau\HiJackThis\HijackThis.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/fr-fr/index
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
    O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\zctqcksc.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Recordpad] "C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" -logon
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [La_View Mouse] C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
    O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: STK017 PNP Monitor.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0020400.dat
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\qaebubos.exe (file missing)
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
    0
  4. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Ok

    Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    et sauvegarde le sur ton bureau et pas ailleurs!

    Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
    Attends que combofix ait terminé, un rapport sera créé. Poste le rapport
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. wolfas13 Messages postés 60 Statut Membre 3
     
    Je poste ce rapport ce soir si c'est pas long sinn ce sera demin merci de ton aide
    0
  7. wolfas13 Messages postés 60 Statut Membre 3
     
    le petit triangle jaune dans la barre de notification n'apparati plus et les 2 icone sur le bureau nn plus de live safety etc...
    je te poste le rappport :
    mais il reapparati a nouveau 1 heure apres
    ComboFix 07-11-08.1 - nicolas 2007-11-07 20:52:42.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.933 [GMT 1:00]
    Running from: C:\Documents and Settings\nicolas\Bureau\ComboFix.exe
    * Created a new restore point
    .

    Incapable d'obtenir les privilèges Système

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk
    C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk
    C:\Documents and Settings\nicolas\Bureau\Live Safety Center.lnk
    C:\Documents and Settings\nicolas\Bureau\Online Security Guide.lnk
    C:\Documents and Settings\nicolas\Favoris\Online Security Guide.lnk
    C:\Program Files\newdotnet
    C:\Program Files\newdotnet\readme.html
    C:\Program Files\newdotnet\uninstall6_38.exe
    C:\Program Files\newdotnet\uninstall7_48.exe
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\NDNuninstall6_38.exe
    C:\WINDOWS\NDNuninstall7_48.exe
    C:\WINDOWS\system32\afomhfxc.dll
    C:\WINDOWS\system32\bsioxkul.dll
    C:\WINDOWS\system32\mipqweve.dll
    C:\WINDOWS\system32\pcrendjy.dll
    C:\WINDOWS\system32\pqtss.bak1
    C:\WINDOWS\system32\pqtss.bak2
    C:\WINDOWS\system32\pqtss.ini
    C:\WINDOWS\system32\pqtss.ini2
    C:\WINDOWS\system32\pqtss.tmp
    C:\WINDOWS\system32\rk.bin
    C:\WINDOWS\system32\rlvknlg.exe
    C:\WINDOWS\system32\sstqp.dll
    C:\WINDOWS\system32\uthccudj.dll
    C:\WINDOWS\system32\ypvykumw.dll
    C:\WINDOWS\system32\zctqcksc.dllbox

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_DOMAINSERVICE
    -------\DomainService

    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-08 to 2007-11-08 ))))))))))))))))))))))))))))))))))))
    .

    2007-11-07 20:50 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-11-07 19:37 79,936 --a------ C:\WINDOWS\system32\ybmyonaa.dll
    2007-11-07 19:34 86,080 --a------ C:\WINDOWS\system32\mngidhqo.dll
    2007-11-07 19:31 71,232 --a------ C:\WINDOWS\system32\uxkwkxgc.exe
    2007-11-07 17:43 79,936 --a------ C:\WINDOWS\system32\yfbjthiq.dll
    2007-11-07 17:40 71,232 --a------ C:\WINDOWS\system32\alddnkpi.exe
    2007-11-07 17:34 71,232 --a------ C:\WINDOWS\system32\iyjjfvrm.exe
    2007-11-06 21:28 87,104 --a------ C:\WINDOWS\system32\ssjaxrwl.dll
    2007-11-06 21:21 81,472 --a------ C:\WINDOWS\system32\juoxwcir.dll
    2007-11-06 21:19 71,232 --a------ C:\WINDOWS\system32\srcgexdn.exe
    2007-11-06 20:52 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\Grisoft
    2007-11-06 20:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-11-06 20:52 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-11-06 20:30 4,080 --a------ C:\WINDOWS\system32\tmp.reg
    2007-11-06 19:07 <REP> d-------- C:\Program Files\Avira
    2007-11-06 19:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2007-11-06 18:49 <REP> d-------- C:\Program Files\Panda Security
    2007-11-06 18:32 81,472 --a------ C:\WINDOWS\system32\xsvwscik.dll
    2007-11-06 18:23 145,984 --a------ C:\WINDOWS\system32\zctqcksc.dll
    2007-11-06 18:23 145,984 --a------ C:\WINDOWS\system32\ukairyyi.dll
    2007-11-04 10:31 78,912 --a------ C:\WINDOWS\system32\odflaypu.dll
    2007-11-03 10:00 81,472 --a------ C:\WINDOWS\system32\jdjrhcad.dll
    2007-10-30 09:06 589 --a------ C:\WINDOWS\system32\ukiogvra.dll
    2007-10-29 16:59 589 --a------ C:\WINDOWS\system32\farbggvr.dll
    2007-10-29 14:31 589 --a------ C:\WINDOWS\system32\tkynrwvo.dll
    2007-10-29 12:38 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\ArcSoft
    2007-10-29 12:37 11,776 --a------ C:\WINDOWS\system32\drivers\afc.sys
    2007-10-29 12:36 <REP> d-------- C:\Program Files\Hercules
    2007-10-29 12:36 <REP> d-------- C:\Program Files\Fichiers communs\ArcSoft
    2007-10-29 12:36 245,408 --a------ C:\WINDOWS\system32\unicows.dll
    2007-10-29 12:36 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
    2007-10-29 12:34 <REP> d-------- C:\WINDOWS\OvtCam
    2007-10-29 12:34 161,792 --------- C:\WINDOWS\system32\drivers\ov530vid.sys
    2007-10-29 12:34 61,440 --------- C:\WINDOWS\ov530dib.dll
    2007-10-29 12:34 40,960 --------- C:\WINDOWS\system32\ov530ext.dll
    2007-10-29 12:34 25,177 --------- C:\WINDOWS\system32\drivers\ov530cmd.sys
    2007-10-29 12:34 16,440 --------- C:\WINDOWS\system32\ov530usd.dll
    2007-10-29 09:57 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\Recordpad
    2007-10-29 09:19 589 --a------ C:\WINDOWS\system32\ehvecyts.dll
    2007-10-27 16:21 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
    2007-10-27 16:21 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-10-27 16:21 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
    2007-10-27 16:21 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-10-27 16:21 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
    2007-10-27 16:21 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-10-27 16:21 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
    2007-10-27 16:17 <REP> d-------- C:\Program Files\Electronic Arts
    2007-10-24 15:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-10-24 12:48 <REP> d-------- C:\Program Files\MediaCoder
    2007-10-24 12:42 <REP> d-------- C:\Program Files\GXTranscoder.net AWE
    2007-10-24 10:28 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\AVS4YOU
    2007-10-24 10:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU
    2007-10-24 10:27 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia
    2007-10-24 10:25 <REP> d-------- C:\Program Files\AVS4YOU
    2007-10-24 10:23 1,700,352 --a------ C:\WINDOWS\system32\GdiPlus.dll
    2007-10-24 10:23 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll
    2007-10-24 10:23 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll
    2007-10-24 10:23 261,632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
    2007-10-24 10:23 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll
    2007-10-24 10:10 <REP> d-------- C:\Temp
    2007-10-24 10:05 <REP> d-------- C:\Program Files\QuickTime
    2007-10-24 10:05 <REP> d-------- C:\Program Files\ImTOO
    2007-10-21 11:00 <REP> d-------- C:\Program Files\oZone3D
    2007-10-20 13:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
    2007-10-14 13:34 <REP> d-------- C:\Program Files\NCH Software
    2007-10-14 13:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    2007-10-14 13:32 <REP> d-------- C:\Program Files\NCH Swift Sound
    2007-10-14 13:32 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\NCH Swift Sound
    2007-10-14 13:31 <REP> d-------- C:\Program Files\Winamp
    2007-10-14 13:31 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\Winamp
    2007-10-13 17:31 <REP> d-------- C:\Program Files\GT2002
    2007-10-13 11:16 <REP> d-------- C:\WINDOWS\pss
    2007-10-11 20:23 <REP> d-------- C:\Program Files\WinMX
    2007-10-11 19:37 <REP> d-------- C:\Program Files\WinISO
    2007-10-11 18:33 <REP> d-------- C:\Program Files\Smart Projects
    2007-10-11 16:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-07 18:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-11-07 18:28 --------- d-----w C:\Documents and Settings\nicolas\Application Data\OpenOffice.org2
    2007-11-07 17:34 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2007-11-07 16:33 --------- d-----w C:\Program Files\STK017_V2.01
    2007-11-06 19:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2007-10-29 11:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-10-24 08:28 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Nokia Multimedia Player
    2007-10-22 19:23 --------- d-----w C:\Documents and Settings\nicolas\Application Data\DivX
    2007-10-22 19:10 --------- d-----w C:\Program Files\Picasa2
    2007-10-21 15:33 --------- d-----w C:\Program Files\Java
    2007-10-20 10:31 --------- d-----w C:\Program Files\DeskSpace
    2007-10-12 18:36 --------- d-----w C:\Program Files\Silkroad
    2007-10-07 08:06 --------- d-----w C:\Program Files\Elaborate Bytes
    2007-10-06 16:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\SlySoft
    2007-10-06 16:20 --------- d-----w C:\Program Files\SlySoft
    2007-10-06 16:17 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Skype
    2007-10-06 16:08 --------- d-----w C:\Program Files\DiskTrix
    2007-10-06 16:03 --------- d-----w C:\Documents and Settings\nicolas\Application Data\OtakuSoftware
    2007-10-06 15:44 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Joost
    2007-10-05 17:12 --------- d-----w C:\Program Files\AxBx
    2007-10-04 16:09 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2007-10-04 16:09 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
    2007-10-04 16:09 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2007-10-04 16:09 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2007-10-04 16:09 --------- d-----w C:\Program Files\Symantec
    2007-09-29 09:32 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Nokia
    2007-09-23 17:19 --------- d-----w C:\Program Files\Nokia
    2007-09-23 17:19 --------- d-----w C:\Program Files\Fichiers communs\Nokia
    2007-09-23 17:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
    2007-09-21 19:41 --------- d-----w C:\Program Files\DivX
    2007-09-18 12:44 10,662 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat
    2007-09-18 12:44 10,662 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat
    2007-09-18 12:44 10,658 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat
    2007-09-18 12:44 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf
    2007-09-18 12:44 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf
    2007-09-18 12:44 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf
    2007-09-18 12:43 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
    2007-09-18 12:43 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
    2007-09-18 12:43 278,576 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
    2007-09-17 18:23 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    2007-09-17 18:23 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    2007-09-17 18:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    2007-09-17 18:22 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
    2007-09-16 14:21 --------- d-----w C:\Program Files\PhotoFiltre
    2007-09-15 19:12 --------- d-----w C:\Program Files\eRightSoft
    2007-09-13 11:54 --------- d-----w C:\Program Files\Skype
    2007-09-13 11:54 --------- d-----w C:\Program Files\Fichiers communs\Skype
    2007-09-13 11:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
    2007-09-11 23:14 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-09-10 16:51 --------- d-----w C:\Program Files\TI Education
    2007-09-10 04:58 --------- d-----w C:\Program Files\Usability Sciences
    2007-09-09 14:15 --------- d-----w C:\Program Files\Fichiers communs\TI Shared
    2007-09-09 14:14 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2007-09-09 12:13 --------- d-----w C:\Program Files\SdLL
    2007-09-08 17:21 --------- d-----w C:\Program Files\Norton 360
    2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-08-21 00:26 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-08-21 00:26 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2007-08-15 22:33 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2007-08-15 22:33 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-08-15 22:33 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-08-15 22:33 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2007-08-15 22:33 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2007-08-15 22:33 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-08-15 22:33 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-08-15 22:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-08-15 22:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-08-15 22:31 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2007-08-15 22:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2007-08-15 22:30 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2007-05-18 16:40 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
    2007-02-21 10:47:16 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}]
    C:\Program Files\NewDotNet\newdotnet7_48.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{790fd541-85b9-410d-aabf-05288a74242c}]
    2007-11-07 19:37 79936 --a------ C:\WINDOWS\system32\ybmyonaa.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
    2007-11-06 18:23 145984 --a------ C:\WINDOWS\system32\zctqcksc.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\zctqcksc.dll [2007-11-06 18:23 145984]

    [HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF82825583}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "nTrayFw"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-04-29 17:22]
    "NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" [2004-12-06 11:06]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-09 08:29]
    "nwiz"="nwiz.exe" [2006-03-09 08:29 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-03-09 08:29]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-03-14 19:10]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "SoundMan"="SOUNDMAN.EXE" [2006-11-17 04:42 C:\WINDOWS\soundman.exe]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22]
    "AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 14:53]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 06:28]
    "Recordpad"="C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" [2007-10-29 09:56]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
    "105deb37"="C:\WINDOWS\system32\mngidhqo.dll" [2007-11-07 19:34]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-18 18:07]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
    "La_View Mouse"="C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe" [2006-01-04 17:32]
    "DeskSpace"="C:\Program Files\DeskSpace\deskspace.exe" []
    "ares"="C:\Program Files\Ares\Ares.exe" []

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
    "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "AllowLegacyWebView"=1 (0x1)
    "AllowUnhashedWebView"=1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
    C:\Program Files\AlienGUIse\fastload.dll 2001-12-20 22:34 24576 C:\Program Files\AlienGUIse\fastload.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winexz32]
    winexz32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\zctqcksc]
    zctqcksc.dll 2007-11-06 18:23 145984 C:\WINDOWS\system32\zctqcksc.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages"= msv1_0 C:\WINDOWS\system32\sstqp.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
    "C:\Program Files\Ares\Ares.exe" -h

    R2 TICalc;TICalc;C:\WINDOWS\system32\drivers\TICalc.sys
    R3 ATMELFVNETusb(AR)(R);ATMEL FVNETusb(AR)(R) Service for ATMEL USB FastVNET (AR);C:\WINDOWS\system32\DRIVERS\vnetusbr.sys
    S3 ovt530;Webcam Classic;C:\WINDOWS\system32\Drivers\ov530vid.sys
    S3 SaiHFF0C;SaiHFF0C;C:\WINDOWS\system32\DRIVERS\SaiHFF0C.sys
    S3 SaiUFF0C;SaiUFF0C;C:\WINDOWS\system32\DRIVERS\SaiUFF0C.sys
    S3 SilverLink;Texas Instruments SilverLink (USB GraphLink) Cable;C:\WINDOWS\system32\Drivers\SilvrLnk.sys

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{634bfe42-0566-11dc-9e73-806d6172696f}]
    \Shell\AutoRun\command - F:\POV.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd5ec2a8-055f-11dc-9694-0006f404143d}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Boot.exe e
    \Shell\Open\command - G:\Boot.exe e

    *Newly Created Service* - COMHOST
    .
    **************************************************************************

    catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-08 21:05:40
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-11-08 21:07:50 - machine was rebooted
    .
    --- E O F ---
    0
  8. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    ok

    Fais un clic droit sur ce lien :
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
    Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
    Fais un clic droit sur navilog1.zip et choisis "tout extraire"
    Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal, choisis 1 et valides.
    (ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
    Patiente jusqu'au message :
    *** Analyse Termine le ..... ***
    Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
    Copie-colle l'intégralité dans une réponse. Referme le blocnote.
    Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
    0
  9. wolfas13 Messages postés 60 Statut Membre 3
     
    ok je fé ce qe vous me dites ce soir;la je suis aps sur mon ordi. merci
    0
  10. wolfas13 Messages postés 60 Statut Membre 3
     
    tiens voila le rapport et je te donne un lien avec les fichiers qe advira antivir ma mis en quarantaine
    lien:[URL=https://imageshack.com/]
    Search Navipromo version 3.3.4 commencé le 09/11/2007 à 18:32:19,90

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Mise à jour le 02.11.2007 à 12h00 par IL-MAFIOSO

    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11

    *** Recherche Programmes installés ***

    *** Recherche dossiers dans C:\WINDOWS ***

    *** Recherche dossiers dans C:\Program Files ***

    *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***

    *** Recherche dossiers dans C:\Documents and Settings\nicolas\Application Data ***

    *** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun fichier trouvé dans :

    - C:\WINDOWS\system32
    - C:\DOCUME~1\NICOLAS\LOCALS~1\APPLIC~1

    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans C:\WINDOWS\system32 *

    * Recherche dans C:\DOCUME~1\NICOLAS\LOCALS~1\APPLIC~1 *

    *** Recherche fichiers ***

    *** Recherche clés spécifiques dans le Registre ***

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche fichiers connus:
    C:\WINDOWS\system32\oqhdignm.ini2 trouvé ! infection Vundo possible non traitée par cet outil !

    2)Recherche Heuristique :

    3)Recherche Certificats :

    Certificat Egroup absent !

    *** Analyse terminée le 09/11/2007 à 18:33:43,87 ***
    0
  11. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Salut

    Ok.

    Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
    http://www.atribune.org/ccount/click.php?id=4

    Double-clique VundoFix.exe afin de le lancer.
    Clique sur le bouton Scan for Vundo.
    Lorsque le scan est complété, clique sur le bouton Remove Vundo.
    Une invite te demandera si tu veux supprimer les fichiers, clique YES
    Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
    Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown") ; clique OK
    Démarre ton PC à nouveau.
    Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.

    A+
    0
  12. wolfas13 Messages postés 60 Statut Membre 3
     
    je v faire ce qe tu me di et je te colle les rapports tout de suite apres
    0
  13. wolfas13 Messages postés 60 Statut Membre 3
     
    voila les rapports; je te mets vundofix en premier puis hijackthis.

    Beginning removal...

    VundoFix V6.5.11

    Checking Java version...

    Scan started at 10:07:03 nicolas 11/11/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\zctqcksc.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\zctqcksc.dll
    C:\WINDOWS\system32\zctqcksc.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:28 nicolas, on 11/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
    C:\WINDOWS\System32\svchost.exe
    C:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/fr-fr/index
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
    O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: {c24247a8-8250-fbaa-d014-9b58145df097} - {790fd541-85b9-410d-aabf-05288a74242c} - C:\WINDOWS\system32\ybmyonaa.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
    O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Recordpad] "C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" -logon
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [105deb37] rundll32.exe "C:\WINDOWS\system32\mngidhqo.dll",b
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [La_View Mouse] C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
    O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: STK017 PNP Monitor.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: winexz32 - winexz32.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
    0
  14. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Re,

    On va essayer comme cela mais je doute que cela soit suffisant. Quoi qu'il en soit il en restera a supprimer.

    télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
    double-clique sur OTMoveIt.exe pour le lancer.
    copie la liste qui se trouve ci-dessous,
    et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

    C:\WINDOWS\system32\ybmyonaa.dll
    C:\WINDOWS\system32\mngidhqo.dll
    C:\WINDOWS\system32\uxkwkxgc.exe
    C:\WINDOWS\system32\yfbjthiq.dll
    C:\WINDOWS\system32\alddnkpi.exe
    C:\WINDOWS\system32\iyjjfvrm.exe
    C:\WINDOWS\system32\ssjaxrwl.dll
    C:\WINDOWS\system32\juoxwcir.dll
    C:\WINDOWS\system32\srcgexdn.exe
    C:\WINDOWS\system32\xsvwscik.dll
    C:\WINDOWS\system32\zctqcksc.dll
    C:\WINDOWS\system32\ukairyyi.dll
    C:\WINDOWS\system32\odflaypu.dll
    C:\WINDOWS\system32\jdjrhcad.dll
    C:\WINDOWS\system32\ukiogvra.dll
    C:\WINDOWS\system32\tkynrwvo.dll 
    C:\Program Files\Fichiers communs\Symantec Shared
    C:\Documents and Settings\All Users\Application Data\Symantec
    C:\Program Files\Symantec
     C:\Program Files\NewDotNet


    clique sur MoveIt! pour lancer la suppression.
    le résultat apparaitra dans le cadre "Results".
    clique sur Exit pour fermer.
    poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

    il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

    Puis remet un HijackThis + un combofix.

    A+
    0
  15. wolfas13 Messages postés 60 Statut Membre 3
     
    ok je fé tout de suite ces actions +
    0
  16. wolfas13 Messages postés 60 Statut Membre 3
     
    voila le resultat de OTmoveit

    File/Folder C:\WINDOWS\system32\ybmyonaa.dll not found.
    File/Folder C:\WINDOWS\system32\mngidhqo.dll not found.
    File/Folder C:\WINDOWS\system32\uxkwkxgc.exe not found.
    File/Folder C:\WINDOWS\system32\yfbjthiq.dll not found.
    File/Folder C:\WINDOWS\system32\alddnkpi.exe not found.
    File/Folder C:\WINDOWS\system32\iyjjfvrm.exe not found.
    LoadLibrary failed for C:\WINDOWS\system32\ssjaxrwl.dll
    C:\WINDOWS\system32\ssjaxrwl.dll NOT unregistered.
    File move failed. C:\WINDOWS\system32\ssjaxrwl.dll scheduled to be moved on reboot.
    File/Folder C:\WINDOWS\system32\juoxwcir.dll not found.
    File/Folder C:\WINDOWS\system32\srcgexdn.exe not found.
    File/Folder C:\WINDOWS\system32\xsvwscik.dll not found.
    File/Folder C:\WINDOWS\system32\zctqcksc.dll not found.
    File/Folder C:\WINDOWS\system32\ukairyyi.dll not found.
    LoadLibrary failed for C:\WINDOWS\system32\odflaypu.dll
    C:\WINDOWS\system32\odflaypu.dll NOT unregistered.
    File move failed. C:\WINDOWS\system32\odflaypu.dll scheduled to be moved on reboot.
    LoadLibrary failed for C:\WINDOWS\system32\jdjrhcad.dll
    C:\WINDOWS\system32\jdjrhcad.dll NOT unregistered.
    File move failed. C:\WINDOWS\system32\jdjrhcad.dll scheduled to be moved on reboot.
    File/Folder C:\WINDOWS\system32\ukiogvra.dll not found.
    File/Folder C:\WINDOWS\system32\tkynrwvo.dll not found.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\TextHub scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\incoming scheduled to be deleted on reboot.
    Folder move failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\BinHub\hh scheduled to be moved on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\BinHub scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\VAScanner scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymTheme scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{420F8FCF-8F5E-4518-A5B3-FBBD56B98FEC}_1_1_0_38\Support\Reporter scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{420F8FCF-8F5E-4518-A5B3-FBBD56B98FEC}_1_1_0_38\Support scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{420F8FCF-8F5E-4518-A5B3-FBBD56B98FEC}_1_1_0_38 scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\Support\Reporter scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\Support scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184 scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymSetup scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymHTML scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SymcData scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\Support Controls scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SRTSP scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SPManifests scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\SPBBC scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\Security Center scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\PIF scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\Options scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\OPC scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\NPC scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\NHelp scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\MSL scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\IDS scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\Firewall scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\EENGINE scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\coShared\WP scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\coShared\WA scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\coShared\Common scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\coShared scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\COH scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\Cleanup scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\CF\Manifests scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\CF scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\Bonus\Log scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\Bonus scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\AppCore scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\AntiVirus scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\AntiSpam\Log scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\AntiSpam scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Fichiers communs\Symantec Shared scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\SyKnAppS\Updates scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\SyKnAppS\LiveUpdate scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\SyKnAppS\Freezer scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\SyKnAppS scheduled to be deleted on reboot.
    Folder move failed. C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp scheduled to be moved on reboot.
    Folder move failed. C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine scheduled to be moved on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{FEFAEB87-E88A-4EDC-95C7-AF74AF5C8B41} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{FD5D99F5-A829-4077-ACDD-CAFF944EDB49} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{FCF6B885-4248-4736-AC4B-71E813F9DD44} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{FCAAC9F4-CACB-48B6-BD94-00B284654865} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{FC641E5A-D85C-4A7B-A688-3E6E4E1F6E9D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{FC3A3EF3-2E1D-4897-B2B6-7F7336E8ADDC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{FB23F301-3130-4D69-BF5E-5766C7B6106C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F8F7CC74-3E48-4AEE-9CA7-1019E2E4E279} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F8813246-FA5E-4132-8D6A-4E6C806F8D1A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F875F496-7103-4650-80C9-E72DAB267887} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F841EBD6-8B59-4C15-B327-925B92817A75} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F82D0215-131E-458D-8E58-332E3F8F8617} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F74D1D36-47FD-4D93-B20F-EF13F45E155D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F67470B9-BC49-4B2F-A6B1-EDC34D6B3293} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F54FC706-EACA-47E2-8A1B-8A6A81185199} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F4C31FC1-226A-4C6C-8D6E-60A099A1FEF7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F4B383D2-F3F5-4625-BD1A-1A562E17A000} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F4172ADE-1570-40B1-9CD6-7C171194C9F1} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F24C052B-1E2E-4AFC-9C86-A5AFC46AC899} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F1DFBC59-13DC-4CA3-A7B3-3035A9DE5758} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{F033652B-B32C-4140-9177-94D73602404E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{EE2E1E61-5804-44CF-83CA-8512257AB881} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{ED402548-68AF-4884-A7DD-E5FBDF24314E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{EAFF75E2-2FDF-4FBC-8E81-48993EF0A1F6} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{EAC749E8-FDB7-4B91-AF49-5A107C4520E5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E90D809D-4588-45E6-8D42-CEE38FEE8E09} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E8B00F15-0D41-4931-A563-EC9DC3DD041C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E798F5EA-CC80-4F25-8ED8-2FDEDCFDB656} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E6C97506-E114-4B13-B5A6-277C5FD2F66A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E6A13564-0ABA-4C6D-90D3-C66AF4C9233D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E691F1E4-9EEC-45E2-8A44-D82461BF2DE7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E62820B0-5B27-4FDF-8DDF-C5618564BD94} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E5BCF539-A1DE-4599-A1C3-586064F50297} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E58D72AC-16E9-43EF-971A-0AD67A2DA3B2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E4DCCEB6-0B2F-4D9D-B144-A0B788C576DB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E39089A1-2A27-4E28-A68D-1F658486EFD9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E37F40C1-35BF-4713-A092-D7D6F56133E9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E361AFD6-EE7D-4B2A-B399-F3FC0DE7A328} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E3618CD1-8ABA-4978-A2E2-0F172FFD907E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E284E515-947D-40A4-A93C-AB3F9BB7BAB2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E26D48D4-D740-4303-AEF3-9A596EA6F689} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E22A5EB9-9F98-42F7-B72B-56AB6BC67427} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E1C42F43-E735-4451-875D-6B8CFB9C6F0B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E1853CDD-AB3A-4993-8BB9-F6C6DDD538EB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E159ADF1-7682-4044-8DCA-6325C017FED9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E09B9BB8-C5FF-42C2-9A97-7E8DE949F659} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{E06166A3-C5DE-449D-A5A7-FC36561F2067} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DFF9F627-3842-44E0-AEFC-9F86E01C1FA0} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DF355A46-3B96-4B92-8D4A-0EED7322E882} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DE89EA25-A723-4B57-BD16-BDF983B88B35} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DE7AD178-517C-4C5E-B2BB-87AC12FAE78C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DD1FFBA2-80D7-4F32-9D5E-7CC0BFBD1656} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DD1741B5-254B-4824-895C-0E9A0B5DB212} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DCFA4896-13AC-4EB2-9424-8A3783C0167E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DC82EF6F-1D8C-429D-9A3D-81A1AA5792D0} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DC509FF8-659B-472C-8B9E-352BC0E9E5CD} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DA860860-EBB6-4B2D-85FE-7604F3740959} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{DA5DA8DD-FE0F-485E-ABB3-3BE057D7BE07} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D9E6D6DC-D7F5-46DA-B2B1-FEEF1711A4AE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D99E81D4-D227-4E7D-B07D-9BAAB48D5DD9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D6808DD4-7348-48B1-8A3E-6CBD03A89232} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D5FFE0B7-0630-449B-A8D8-FEEE336C94AC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D5AB7E81-D5A5-4471-9E70-B3692BB61343} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D5A9FED6-B2A6-4BA4-B8F4-6588D515D14E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D51012D5-31C5-46D2-A9BD-8BA70527178F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D333AE78-E287-405C-9C9A-331BF69C3BF9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D306EB37-B237-4D4C-9C6D-741FC4702A99} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D1F21A9B-3974-49F5-B7FE-C3C4EE8259D4} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D178EDF8-CBB6-4A68-ABD8-06A318D87FEB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D17847EE-F97E-488C-BCBA-54FC26209645} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D16C6B23-C48F-41FC-809A-47E7E61A1E36} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D1572E8B-DBBB-4831-A6BD-80BE4E3BE66F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{D0615EA6-D4B4-48A1-9A25-9CEA795130D8} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{CFB519C5-F917-4EC8-A784-318DFA0183CB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{CF684445-7602-4DD2-8D77-455987640849} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{CE653BA0-4B8D-47AE-9BA5-00B659701830} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{CE4030F2-42F0-4022-AB46-24D2E453DB10} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{CD9DAAE6-B6D9-4BDA-AC45-6A0297340F0B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{CD88B8E7-5FE6-44D9-8DA4-F4B968ECDF0C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{CD2082DE-6979-45F2-9189-96A1D5270493} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{CCD1FEEC-6B5D-4E64-B1B8-6FFE2E5BB424} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{C961A21B-CDE3-4C22-9C94-5BEC7ABB40DA} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{C674409E-E04F-409D-9437-F6097B9A4A9B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{C42212F1-F54F-47FB-B6BB-0461D234260A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{C367B382-37CF-4236-B74C-97491BCA42A5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{C32624F8-6DF0-4D80-8DE8-F2E8C1E55EF7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{C01FEB0E-E84F-4BB3-9C8B-3682D92B03FE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{C01FC847-EFC7-4087-8425-BBDD14D27242} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BFA318EF-E7D9-4FE4-8BCA-BFB98BEA921F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BF347EF9-2814-4CDE-8A32-829A5C56F4DC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BEB2A4C8-20B6-4A0C-B812-6B5B205C81CE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BE80695A-1D06-417D-825E-8250F2ADB2A1} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BE1BC757-E1E3-4E9A-885B-A7D0B0F8DE34} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BDE722E5-79F2-44CD-9003-F33A1EB2C36C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BC191A35-C94A-408F-BD90-6AF9C729D47B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BB72126F-944C-44F1-87BA-8A0A73EBED00} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BAFA53CE-BBFA-485C-8EA9-3FBDCE62DB71} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BAC5E0D6-4AE8-4859-A6CF-AB0A9EA5290B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BA3F3757-D5DB-49CC-ACB2-1B321EBFE174} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{BA3EA398-FD88-486C-AE08-A2C85395D6E5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B802A1A9-CAEA-40A8-8CC9-FDC4BA72E9B2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B7933C64-0845-4374-BBD6-9F699B34571B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B78A3B09-C657-4B98-8CE2-AECE08353E87} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B771B966-953C-4CD6-8471-72DCA83C1FFC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B6E56D68-3399-41F4-A0C4-5D137B5F7CEE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B6156982-1927-4D87-88F3-FFF2EDC17F46} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B4895AF0-B915-42FA-ACC1-F6855C5623DB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B44AB1DC-CE35-49EC-8647-07A6D4E28FEC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B25F6B78-D768-4B4B-9315-625667512FCB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B0CF2FDE-C7BA-457D-AD67-7C0E524D9723} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{B025AECE-5082-412C-92A8-EF1971FD1D3F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{AE9FD9AE-D1A0-4783-A7BE-0933D8C477ED} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{AD8A8A50-31AB-4F5C-97E6-2D0E877DC231} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{AD79C753-5D73-4175-B833-853538304CE3} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{ABEAA2C5-4AB0-4797-9F0D-D3E218414983} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{ABCFDBA1-264F-4FE4-9318-78B0C7A689FB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{AB781ACD-380A-460C-8E0B-9FA781236606} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{AB0B44E6-E0E4-4769-91E0-D85D423DC725} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{AAC4BEF6-DCD0-4382-BD7F-4B1DBDC01686} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{AA77129B-1731-47C8-8437-03DECC19C379} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{AA280229-2710-412E-94AE-9CD70C316D01} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A8CF94F6-4DC1-4FD3-A5F7-68593D032491} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A78BD616-790B-4C3D-A196-ED342F4682B7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A51A7F47-9F68-4571-A949-CF4D4728DDE0} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A4D77ADF-A9DD-4269-BF0A-24F84CF841F7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A4897AC5-BCB9-4377-A060-ED045BB8705B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A36A4DFB-7DCE-4CC0-89A3-083096FA0933} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A270A4D5-C100-4AAC-92F9-561DA52B89B9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A195F63D-32D3-4BC9-9222-6744446B044D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A17C1D25-720D-44BC-8FBD-FE27B471A716} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{A0B4F6D8-2FEB-4AB9-9F2E-F3F6EF1ACFE9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9FE5AB1E-BFDC-4CC8-A8DA-C6FD8F54F4C8} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9F987968-F188-414A-9DF2-203B5BFECDF4} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9F4B5359-F145-4C77-9D36-841FE9F5DCB9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9F02F401-EF20-42A2-97BE-06FA6350DDCF} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9D754642-B6D6-4BCE-A028-C862F00C9D4A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9B22F267-072B-494D-A7F1-F67FB7B03E4C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9AF7D172-82FE-4B86-AE70-75C75CC58E88} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9AC8C180-D0A1-4668-B086-C58C7AAFE01E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{99F66F2A-C3D7-4EBF-AA9B-8156C382BC8F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{995BA7FC-BBC9-4460-B9A9-56BFE0CABF67} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{97E5E728-CC97-41D8-B108-C4E7EE6BD515} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9750EFCF-6E82-4643-A18F-01BC97ADB93D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9740B776-AC89-4FC2-B3A4-818CCAC5FD7E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{96BC4E7B-341C-4958-876D-BB739B3F65C0} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{965EFDD8-B05D-4572-A761-FE88179FD93D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{96017C34-B1DA-4A1A-8494-D4A859D50109} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{95D92738-C0A5-4E67-8CC0-B17B39B590BD} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{94B22978-6EA1-4B8C-B786-AAF45CC9D6D9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{94926D51-9BB8-4B8B-8F02-E2D6A0A1B801} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{94468D20-E85B-432B-91C3-EAF534B83B2A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{94213D09-8347-4F41-ADCB-6F8A56E6C599} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{941E6240-72BC-457F-9F57-37212B7A191B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{93CB7834-7B53-4E6F-B5D5-4D2DAEBF7CEA} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{92A90FEC-2232-46A5-9BE6-5A8A7CA304CE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{919349D1-2139-4EC7-8B81-BB21E32D4751} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{9174469C-74A8-4026-8583-035C0BBF7399} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8F5C74FD-5BD0-416F-8621-BD20B6158925} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8E5B7862-C8C4-4AC1-B641-BE47710AB704} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8DAAE44D-2486-4702-BA13-879430004866} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8D497E8C-011A-4306-9525-0AD015F82BF9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8C78FF9A-F863-4F5F-B559-32DC79CBA91D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8B14D4F8-4CD6-4BDD-B9F1-689B679FEE30} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{89105D62-6D59-49DE-A16C-9315F8003A23} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{88CBB088-FFCA-4B26-AF9E-00638D1BA69D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{878045E0-2023-4EFF-987A-285F53B1630C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{874120F0-4F5E-422A-9D62-9D1D5B7A5B7E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8694D7D2-8547-4C2F-A42A-7B7D098D8795} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{85044D88-7A58-49D1-9120-3AD3F2EF1A17} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{84A41374-49ED-4CA0-AB7E-9B1CA964BDC9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8445C816-8799-49BF-B594-E2AEA42F04BC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{844052D9-981B-4055-A952-9255E0559E71} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{835C21EA-8EAA-4854-B47A-459AE47EFA0C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8340D48C-1E11-492C-A698-13344AE05934} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{833A745F-6524-4A02-A46D-F54AEE68545A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8310024A-12E5-4688-B2E9-B711E2FE80D5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{8299C161-D08C-41FC-BE0F-83D4A8F9C20E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{822FA05D-7905-411A-A6E6-9FF8818CFA92} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{81E21D69-20E3-4980-BD76-6425F095B868} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{80B599CB-0F5D-403C-A1A8-033F82B4487E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{807C13C6-613D-40B8-9693-A70CF72D460E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7FC77F0C-1ED4-49C0-8DC2-87A3B4892F88} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7F27694D-3057-44EA-8021-AFD03A6FA96F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7EDE51D2-D8B5-40E5-9FCC-349B15BE6D13} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7E3215CF-39B2-4580-8F04-23F5A52BECC9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7D27D13E-2471-4D40-A4A7-784845768579} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7B98D4AC-B389-4C05-BABB-8AC40CE6EAB1} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7B80F6E6-D8BF-4E04-8F16-77D7A04AB1BD} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7B7F9593-1CBC-4AF7-A75A-6A4FCD142CAB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7A7859B4-889F-4658-ABCB-E0B95EDC7C9A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{79DAB70B-9480-4FB7-BEC3-A29283E945DE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{799B0D39-CFE4-4036-B507-5F2F46DC5356} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7912A902-6F27-4E10-87C0-73F91D78E082} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{78F56CBB-BEB2-4053-83B8-A2EB9225F138} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{788B57EB-D5E5-483E-9DB6-4E6DB5B2AD65} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{77D56C05-0D5F-4998-B9A7-3C9A897CE2B5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{77725842-00C9-40C0-98E4-AFEDE143284E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{763FBDD1-D128-4C40-95A6-502CAEA7F417} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{75F4EC98-8152-40D2-AA1A-0222EC4511F4} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{75CA9E7A-C05C-4F4E-A0AE-9CB4BD7FD99B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{759D4C2C-0F79-41F8-ACBA-1882D1B9F015} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{756C96B8-CF4D-4DF3-B49F-C523FDD3B975} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{744DF52E-6053-44B1-A731-9A1C0440C165} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{72E3BBC9-9C5C-4E1C-807B-8B7042EA3664} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{72B5981F-8C19-4501-A508-14C8C46EBC14} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{7059F593-C9E1-4246-BF6B-4C61AAC5BBC1} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{6F466472-5FF7-485D-8BD7-D0E2E52BB99D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{6E757C29-9181-47B0-B54D-9A63A1548CE2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{6DEF7973-C658-4B92-AC2F-30DCE1F42918} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{6DD1F3AF-9869-41C1-9105-38E535CE3452} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{6D8BE538-B925-455C-A1B6-CC927398B4F2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{6A937BA2-52EF-4E66-BCB9-3B280E5F1CDE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{692EE04D-AFD1-447C-8BBE-ADF54E51C9DD} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{68DE50E3-77E2-4E67-B8A1-D27BC9C68A4B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{66D51EF8-78CF-45B0-BC74-B51CA14B32BB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{66989F12-1E0F-46D4-96CA-0BDCB0649204} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{6649AF2F-DCF4-4989-AC5F-11B20C8F61C7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{663D1DBD-DCBB-4609-B605-B3C00D571E9F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{653EA2C7-ACAD-4EEB-8BCE-37EB8034491B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{64141250-DA6C-4C46-B562-C210EF49ECBE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{630349A8-CCDF-4EB3-A840-AD526568FED2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{6013EB64-FEFF-4BA6-B764-11AF4FE91C3B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5FEB38C5-1593-4119-A040-914174158301} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5FBB8628-9350-4BA4-8FC2-879572763F6A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5E9D361A-6398-4D7A-BC1E-1F8D86536ECC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5E4671B9-6990-4244-9164-B69BECFB4E2B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5DF93187-4C56-429C-9EDB-B9741C36363C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5D2CA6EF-D1B1-4FA2-88D5-4FD7284F0A3E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5CD9D157-5693-415E-B4EA-DA136D05F54B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5CC2A69A-EF01-4155-9FAF-6EBA50EDEDFE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5B3D12E9-1D38-445C-8945-C2E0B461887F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5A85AD15-3336-4935-8518-F6F48DC9A5F9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{59DD3C9C-0C9F-4D83-9F71-7D9C418EAD39} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{55A484E4-7947-4537-851A-5603053F683F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5580DC33-88CA-4816-B724-8CFC9A42D4EE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{552A80B2-410B-4F9A-B8AE-795228448BAC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{546C750C-1288-4FFA-884C-45806C5ED5CB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5422E6C1-5EF0-4B7C-B337-E9CD2A4BE7EC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{53ACF217-F45A-49AD-9CD6-6E8DCF1E9506} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5282C2F0-05BC-474B-8E8E-9ACCF553A419} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{52168C1B-719E-4BE8-B75E-9902D4DAC62A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5176B191-BB12-4A2C-81CE-B9AB00087B70} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{5163207C-5B4F-4D50-B862-12F13E173197} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{507719D1-C967-4319-ABA3-FE652CFF9ED1} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4EED51B2-63BE-4506-8B6F-5C55A43E7944} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4ED8DFA6-A98E-4DAA-B70B-B240EF514CB2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4E820BE2-607F-4080-AEE8-53D7511F40AE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4E1FB536-8256-4C67-AE13-E11DA4B813D6} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4C27BBE1-5407-46DA-85D4-8E3B78D0B11E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4BCD0AC0-A151-42AE-B188-D0FBD3DCB68E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4BC27D01-79D0-410A-AE3F-1DFF5508822B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4AB05574-29C3-434E-9DE0-1174471EB145} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4A3BA2EA-B4DF-4A03-8491-E5F00AB39614} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{499A74E5-C2CA-4319-AD56-D8A01C3FE4DF} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{4827476F-CEBB-4B09-8442-2054B9D2D1C8} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{47A360BC-B3B8-4414-8729-2BAA496E668E} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{46632374-2752-4D5F-9ECA-48C65A8C0994} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{462931D7-A3D0-4591-BE81-1E454BED21AA} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{46180886-785C-45D4-8FDE-0D2C10B0D1AB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{459D1D3F-4528-4104-9648-1FD8EFC288C3} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{44C31FB3-38A8-4952-9372-141BB0E83BCE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{44B1C682-9A17-46AC-81BB-09684228FD5B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{43371B75-0066-4E6A-96D3-306056E7C943} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{42A907BD-31B9-4952-A16C-995C480CAF41} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{425BF7FA-1B97-45F3-AC38-D01F7B8FB5D1} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{424237CA-35CD-4202-8EBD-1BEA1F857745} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{41DC96A4-36DD-4B3E-BE5F-33B85F70FC0D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{402E86B6-9F91-49DF-871F-DCFCD49EA92D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{40262FEB-F33F-4B68-A52E-3D57BCF60695} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3FCFB320-7103-4A30-B51B-83F3F8E1D2B8} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3F55A67C-80AB-42E2-AE44-D04F576DD27A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3DAB0606-6679-443C-8DF0-64C5582A58EA} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3C734E75-8A13-4C75-B296-73E494D929F0} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3B82EB1E-E824-4DE3-89C3-913772B141D8} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3B24A0E9-C53C-4A05-A104-99CC7C7AFC4B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3B205BE9-9252-4F00-A9B2-6FFC2D287668} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3A947A38-1EA4-4CE2-901A-B1CCD0F39166} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3A7E1D2D-1EFA-4F12-BB8C-113E2D5DD4D4} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3A458B8A-C4F1-4EBC-AC24-A46881F6FADD} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3A2B76CC-09E4-4787-AABD-8482482B0FBE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3742E65F-5125-49F1-85DC-41C4124381B2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{36848C4E-7AAD-4D27-AACB-80C180420BF6} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{363BB14A-EC6F-4967-AA0C-7ED4C67CCE80} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{362A3B8B-A26D-4319-B065-2B16667DBE6F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{35122F23-7BD4-443E-87DE-E91588124C7A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{340BB1A0-F42C-4604-AB61-162AFF1BA661} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{3313D7D3-FD35-4E05-9AC3-C67CF455391A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{329F3245-604D-4023-95FF-1FDD3F322CB2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{30BE69E4-EDE1-45F8-A9B6-D09DEEC92C42} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{307CF709-0ACB-4558-BE22-072ADF8F64D9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2F28FBCF-41BC-4EF3-9E3C-8C9BACB29A6B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2ECEBE9A-8920-4C9F-8E3D-65B0CB5E6227} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2E5DBA61-383E-49F3-B9A8-89A139EC91EB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2DB4231D-9C9E-42C4-8F9D-F04FCF60F5BC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2BC5581A-6B19-4789-A660-5B19E50FEA8F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2B5548BC-025E-4F3F-8108-C593D9092562} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2AB4C3BE-0266-4E6F-A3F7-FEA06EC8F1E1} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2A5A26C4-10EC-4C8E-A6FE-FDB7F625646B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2A4B9E95-9901-4491-BC76-2201FB23CCDE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{298D083E-F0C9-4CED-9FDF-5009D8461624} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{27256B47-523E-4166-B2CC-977F30CC3B8C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{26C9E18D-8205-4DA0-82D5-A886F85A2EC6} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{26AAA5BF-912C-4706-91E8-2A49FE48BB3D} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{261E9C67-2D4C-4548-8580-9E0D2981F356} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{25B6B2F4-FB59-4BBF-86F8-861B95E90212} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{257E7EFC-505E-4463-90D7-47CABAE4FB01} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2328571F-CFD8-4E83-BF24-4D17282E80EC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2289868E-BE38-4C7B-B276-2096916C6268} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{213BD6ED-AE12-44A9-85CD-214779D3F817} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{2105DD8A-6F0A-4E2C-8C71-2485D6DA054B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1F55FCDC-7F66-4EC3-89B5-1866199842C9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1F510984-028B-422D-8C0F-355151A88771} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1EFC5118-05CB-43A9-96F9-FC1D8D369850} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1E704645-6F37-48B9-A2A6-F1EC52D044D7} scheduled to be deleted on reboot.
    0
  17. wolfas13 Messages postés 60 Statut Membre 3
     
    voila la suite du rapport:

    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1E206E8E-9667-44C9-8956-A57330A93BE6} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1DC23FFB-A458-41AF-83CF-70B3CD8A06BC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1C59BF5C-3E75-48DC-B24B-3C856854D497} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1C38DC78-549F-4180-8CD2-D3300490FD15} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1B30583C-FE13-4343-82B2-196319D82E74} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1B1EC9FF-5051-4AD0-B7E6-E6E0E4BE6387} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1AE0B038-14A9-4DCE-B0F6-1A7120C2859C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1A4049A0-4FB4-42CA-8718-419137867C90} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{19EA218D-1774-4BC4-89EF-00BE7FF06CF5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{197ACE83-A334-4F63-A818-12818717D5AD} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1941AB9C-EA36-401B-B938-8070A801228C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{19419B36-8BE0-4685-B76D-3E26D3E4FD03} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{18BDED43-3A99-4503-AFDB-76950A8C2B29} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{18504AB0-1656-47DC-BE7B-A6401AD481C7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{16D5839A-D12E-42A5-88DA-683A2EE20EC2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{16B173F4-10FA-41E2-AAC5-9C458CF58638} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{15CE6695-9ED2-493F-AB70-4E4BDE90A2D9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{159F9BA6-FF3A-4183-B5B7-3DED28302B10} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{14508DEE-39E6-4DA1-9792-54C8F9CC18D9} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{13FDB920-03C8-4C42-9472-4CA02C7878EB} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{13F5170D-7B6D-4B5C-97F8-A2E96EA14451} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{13BA26FE-C7E4-4DF8-8B31-FD3E2E3CED2B} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{134914BF-9FC3-4877-B0BC-F69E105EDFBD} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{12F406D9-0DDC-4EB7-8251-DFB1C2C78EF4} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{125FB6A4-4149-4A07-9660-77F27EEEE1F0} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{125B8332-85F7-4CF7-93E4-1E9B5546FDE5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{1208C106-1B76-4059-A2AB-EC95DBF209AE} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{11B79323-29B2-43CC-9E4A-A0DD4C5FE98A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{113BA108-3525-411A-B9ED-00FE1E395CAD} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{110DAC0A-EDFE-4B8F-B3B8-66BECC16CD9F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{10E7D5D5-8EF3-4EB6-8F7D-EF037249D4A5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{10BE5A6F-BB7D-495D-AF0B-68247F53F156} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{10885A90-5A8F-4FBE-A2DA-2CA3C8D31382} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0F82108E-0F8D-4FCC-A194-229374F4AEA5} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0E85F08C-6F21-4FDE-ABBC-1AF1AB740317} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0DC561E1-9E48-4250-BC2C-A7C662F046B2} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0D361B7E-D1CD-4221-9A5E-8737819DC705} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0CEC0B6B-615E-43D7-96D5-7195400E5526} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0B956D90-D55B-43A5-8740-5F32720512D8} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0B5AD1EF-A39F-4D58-9382-453F46E398D7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0B016D4F-D627-4C1C-B5EA-094E5995D3C8} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0A585D22-9786-43BB-92FB-E2CE0B4CB688} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{099E43D6-5E8D-40A3-88B9-AA79E49B17D3} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0954045C-C12A-4FE1-8122-369B7C4B890A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{085DB3A9-022D-4CF1-9FBA-E6F904E00BFC} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{07B8B922-5F2C-40FF-B7E2-3D96901FB781} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{038D82DC-59BD-4477-9527-43EB901340EA} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{037D5DAD-6CAD-4EA4-8221-7382F8D53EE1} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{0155053F-D822-4E81-9997-90A011AE420F} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{01227E41-1E2C-4780-83F2-3FB1A3699C9A} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{00E04411-30E5-4190-9F76-A2C81098E6A7} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{00C45FB1-FDA2-443A-AEE0-76F25DAB316C} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\{00665EF8-F340-483C-90EC-060E21D2E8BF} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Shared scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\SVAR scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\MsgQueue scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08} scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\PIF scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\IDS scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Temp scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Common Client scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec\Cleanup scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Symantec scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Symantec\LiveUpdate scheduled to be deleted on reboot.
    Folder cleanup failed. C:\Program Files\Symantec scheduled to be deleted on reboot.
    File/Folder C:\Program Files\NewDotNet not found.

    Created on 11/11/2007 12:58:48
    0
  18. wolfas13 Messages postés 60 Statut Membre 3
     
    je temontre le rapport hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:22 nicolas, on 11/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hijackthis\HijackThis.exe
    C:\WINDOWS\system32\MsiExec.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/fr-fr/index
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
    O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: {c24247a8-8250-fbaa-d014-9b58145df097} - {790fd541-85b9-410d-aabf-05288a74242c} - C:\WINDOWS\system32\ybmyonaa.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
    O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Recordpad] "C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" -logon
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [105deb37] rundll32.exe "C:\WINDOWS\system32\mngidhqo.dll",b
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [La_View Mouse] C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
    O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: STK017 PNP Monitor.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: winexz32 - winexz32.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
    0
  19. wolfas13 Messages postés 60 Statut Membre 3
     
    et voila celui de combofix(dsl pour le flood mais les scans sont long ):
    j'ai un installer ccommon qui se lance à chaque démarrage de xp. je te le dis parce que ca peut peut-être t'aider dans mon problème. ça fait de puis que j'ai fait Otmoveit que ça apparaît.

    ComboFix 07-11-08.1 - nicolas 2007-11-11 13:25:26.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1100 [GMT 1:00]
    Running from: C:\Documents and Settings\nicolas\Bureau\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk
    C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk
    C:\Documents and Settings\nicolas\Favoris\Online Security Guide.lnk
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\system32\zctqcksc.dllbox

    .
    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-11 to 2007-11-11 ))))))))))))))))))))))))))))))))))))
    .

    2007-11-11 10:27 <REP> d-------- C:\New Folder
    2007-11-11 10:27 <REP> d-------- C:\hijackthis
    2007-11-11 10:07 <REP> d-------- C:\VundoFix Backups
    2007-11-09 18:30 <REP> d-------- C:\Program Files\Navilog1
    2007-11-08 21:09 584,683 ---hs---- C:\WINDOWS\system32\oqhdignm.ini2
    2007-11-07 20:50 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-11-06 20:52 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\Grisoft
    2007-11-06 20:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-11-06 20:52 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-11-06 20:30 4,080 --a------ C:\WINDOWS\system32\tmp.reg
    2007-11-06 19:07 <REP> d-------- C:\Program Files\Avira
    2007-11-06 19:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2007-11-06 18:49 <REP> d-------- C:\Program Files\Panda Security
    2007-10-29 16:59 589 --a------ C:\WINDOWS\system32\farbggvr.dll
    2007-10-29 12:38 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\ArcSoft
    2007-10-29 12:37 11,776 --a------ C:\WINDOWS\system32\drivers\afc.sys
    2007-10-29 12:36 <REP> d-------- C:\Program Files\Hercules
    2007-10-29 12:36 <REP> d-------- C:\Program Files\Fichiers communs\ArcSoft
    2007-10-29 12:36 245,408 --a------ C:\WINDOWS\system32\unicows.dll
    2007-10-29 12:36 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
    2007-10-29 12:34 <REP> d-------- C:\WINDOWS\OvtCam
    2007-10-29 12:34 161,792 --------- C:\WINDOWS\system32\drivers\ov530vid.sys
    2007-10-29 12:34 61,440 --------- C:\WINDOWS\ov530dib.dll
    2007-10-29 12:34 40,960 --------- C:\WINDOWS\system32\ov530ext.dll
    2007-10-29 12:34 25,177 --------- C:\WINDOWS\system32\drivers\ov530cmd.sys
    2007-10-29 12:34 16,440 --------- C:\WINDOWS\system32\ov530usd.dll
    2007-10-29 09:57 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\Recordpad
    2007-10-29 09:19 589 --a------ C:\WINDOWS\system32\ehvecyts.dll
    2007-10-27 16:21 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
    2007-10-27 16:21 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-10-27 16:21 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
    2007-10-27 16:21 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-10-27 16:21 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
    2007-10-27 16:21 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-10-27 16:21 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
    2007-10-27 16:17 <REP> d-------- C:\Program Files\Electronic Arts
    2007-10-24 15:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-10-24 12:48 <REP> d-------- C:\Program Files\MediaCoder
    2007-10-24 12:42 <REP> d-------- C:\Program Files\GXTranscoder.net AWE
    2007-10-24 10:28 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\AVS4YOU
    2007-10-24 10:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU
    2007-10-24 10:27 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia
    2007-10-24 10:25 <REP> d-------- C:\Program Files\AVS4YOU
    2007-10-24 10:23 1,700,352 --a------ C:\WINDOWS\system32\GdiPlus.dll
    2007-10-24 10:23 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll
    2007-10-24 10:23 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll
    2007-10-24 10:23 261,632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
    2007-10-24 10:23 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll
    2007-10-24 10:10 <REP> d-------- C:\Temp
    2007-10-24 10:05 <REP> d-------- C:\Program Files\QuickTime
    2007-10-24 10:05 <REP> d-------- C:\Program Files\ImTOO
    2007-10-21 11:00 <REP> d-------- C:\Program Files\oZone3D
    2007-10-20 13:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
    2007-10-14 13:34 <REP> d-------- C:\Program Files\NCH Software
    2007-10-14 13:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    2007-10-14 13:32 <REP> d-------- C:\Program Files\NCH Swift Sound
    2007-10-14 13:32 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\NCH Swift Sound
    2007-10-14 13:31 <REP> d-------- C:\Program Files\Winamp
    2007-10-14 13:31 <REP> d-------- C:\Documents and Settings\nicolas\Application Data\Winamp
    2007-10-13 17:31 <REP> d-------- C:\Program Files\GT2002
    2007-10-13 11:16 <REP> d-------- C:\WINDOWS\pss
    2007-10-11 20:23 <REP> d-------- C:\Program Files\WinMX
    2007-10-11 19:37 <REP> d-------- C:\Program Files\WinISO
    2007-10-11 18:33 <REP> d-------- C:\Program Files\Smart Projects
    2007-10-11 16:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-11 12:05 --------- d-----w C:\Documents and Settings\nicolas\Application Data\OpenOffice.org2
    2007-11-11 11:56 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2007-11-11 11:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2007-11-11 09:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-11-07 16:33 --------- d-----w C:\Program Files\STK017_V2.01
    2007-10-29 11:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-10-24 08:28 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Nokia Multimedia Player
    2007-10-22 19:23 --------- d-----w C:\Documents and Settings\nicolas\Application Data\DivX
    2007-10-22 19:10 --------- d-----w C:\Program Files\Picasa2
    2007-10-21 15:33 --------- d-----w C:\Program Files\Java
    2007-10-20 10:31 --------- d-----w C:\Program Files\DeskSpace
    2007-10-12 18:36 --------- d-----w C:\Program Files\Silkroad
    2007-10-07 08:06 --------- d-----w C:\Program Files\Elaborate Bytes
    2007-10-06 16:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\SlySoft
    2007-10-06 16:20 --------- d-----w C:\Program Files\SlySoft
    2007-10-06 16:17 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Skype
    2007-10-06 16:08 --------- d-----w C:\Program Files\DiskTrix
    2007-10-06 16:03 --------- d-----w C:\Documents and Settings\nicolas\Application Data\OtakuSoftware
    2007-10-06 15:44 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Joost
    2007-10-05 17:12 --------- d-----w C:\Program Files\AxBx
    2007-10-04 16:09 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2007-10-04 16:09 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
    2007-10-04 16:09 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2007-10-04 16:09 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2007-10-04 16:09 --------- d-----w C:\Program Files\Symantec
    2007-09-29 09:32 --------- d-----w C:\Documents and Settings\nicolas\Application Data\Nokia
    2007-09-23 17:19 --------- d-----w C:\Program Files\Nokia
    2007-09-23 17:19 --------- d-----w C:\Program Files\Fichiers communs\Nokia
    2007-09-23 17:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
    2007-09-21 19:41 --------- d-----w C:\Program Files\DivX
    2007-09-18 12:44 10,662 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat
    2007-09-18 12:44 10,662 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat
    2007-09-18 12:44 10,658 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat
    2007-09-18 12:44 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf
    2007-09-18 12:44 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf
    2007-09-18 12:44 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf
    2007-09-18 12:43 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
    2007-09-18 12:43 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
    2007-09-18 12:43 278,576 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
    2007-09-17 18:23 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    2007-09-17 18:23 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    2007-09-17 18:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    2007-09-17 18:22 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
    2007-09-16 14:21 --------- d-----w C:\Program Files\PhotoFiltre
    2007-09-15 19:12 --------- d-----w C:\Program Files\eRightSoft
    2007-09-13 11:54 --------- d-----w C:\Program Files\Skype
    2007-09-13 11:54 --------- d-----w C:\Program Files\Fichiers communs\Skype
    2007-09-13 11:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
    2007-09-11 23:14 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-08-21 00:26 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2007-08-21 00:26 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2007-08-15 22:33 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2007-08-15 22:33 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2007-08-15 22:33 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-08-15 22:33 129,784 ------w C:\WINDOWS\system32\pxafs.dll
    2007-08-15 22:33 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
    2007-08-15 22:33 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-08-15 22:33 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-08-15 22:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2007-08-15 22:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2007-08-15 22:31 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2007-08-15 22:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2007-08-15 22:30 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2007-05-18 16:40 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
    2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
    2007-02-21 10:47:16 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2007-11-08_21.06.23.70 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-09-07 11:05:19 62,016 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
    + 2007-11-11 09:40:15 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}]
    C:\Program Files\NewDotNet\newdotnet7_48.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{790fd541-85b9-410d-aabf-05288a74242c}]
    C:\WINDOWS\system32\ybmyonaa.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "nTrayFw"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-04-29 17:22]
    "NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" [2004-12-06 11:06]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-09 08:29]
    "nwiz"="nwiz.exe" [2006-03-09 08:29 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-03-09 08:29]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-03-14 19:10]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "SoundMan"="SOUNDMAN.EXE" [2006-11-17 04:42 C:\WINDOWS\soundman.exe]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22]
    "AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 14:53]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 06:28]
    "Recordpad"="C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" [2007-10-29 09:56]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-11-11 10:40]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
    "105deb37"="C:\WINDOWS\system32\mngidhqo.dll" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-18 18:07]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
    "La_View Mouse"="C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe" [2006-01-04 17:32]
    "DeskSpace"="C:\Program Files\DeskSpace\deskspace.exe" []
    "ares"="C:\Program Files\Ares\Ares.exe" []

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
    "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "AllowLegacyWebView"=1 (0x1)
    "AllowUnhashedWebView"=1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
    C:\Program Files\AlienGUIse\fastload.dll 2001-12-20 22:34 24576 C:\Program Files\AlienGUIse\fastload.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winexz32]
    winexz32.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
    "C:\Program Files\Ares\Ares.exe" -h

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{634bfe42-0566-11dc-9e73-806d6172696f}]
    \Shell\AutoRun\command - F:\POV.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd5ec2a8-055f-11dc-9694-0006f404143d}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Boot.exe e
    \Shell\Open\command - G:\Boot.exe e

    *Newly Created Service* - COMHOST
    .
    **************************************************************************

    catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-11 13:31:58
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    **************************************************************************
    .
    Completion time: 2007-11-11 13:33:46 - machine was rebooted
    C:\ComboFix2.txt ... 2007-11-08 21:07
    .
    --- E O F ---
    0
  20. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Re;

    télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
    double-clique sur OTMoveIt.exe pour le lancer.
    copie la liste qui se trouve ci-dessous,
    et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

    C:\WINDOWS\system32\oqhdignm.ini2
    C:\WINDOWS\system32\farbggvr.dll 
    C:\WINDOWS\system32\mngidhqo.dll


    clique sur MoveIt! pour lancer la suppression.
    le résultat apparaitra dans le cadre "Results".
    clique sur Exit pour fermer.
    poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

    il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

    Puis, ouvre le bloc note et copie colle ceci:(Regedit4 tu le met sur la 1ere ligne du bloc note)

    REGEDIT4
    
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}]
    
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{790fd541-85b9-410d-aabf-05288a74242c}]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ccApp"=-
    "Symantec PIF AlertEng"=-
    "105deb37"=-
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winexz32]


    Fais Fichier < enregistrer sous.
    Nom du fichier, met bureau.reg
    Type : sélectionne "tous les fichiers"
    clique sur enregistrer

    Double clique sur bureau.reg et accepte la fusion avec le registre.

    Puis redemarre ton PC et remet un HijackThis + Combofix.

    A+

    0
  21. wolfas13 Messages postés 60 Statut Membre 3
     
    tiens voila le rapport de hijackthis. je te poste celui de combofix au redémarrage :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:38 nicolas, on 11/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\Program Files\AlienGUIse\wbload.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Inventel\Gateway\wlancfg.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
    C:\hijackthis\HijackThis.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\MsiExec.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/fr-fr/index
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: {c24247a8-8250-fbaa-d014-9b58145df097} - {790fd541-85b9-410d-aabf-05288a74242c} - C:\WINDOWS\system32\ybmyonaa.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [La_View Mouse] C:\PROGRA~1\nicolas\1TEKCO~1\F1Driver.exe
    O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
    O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: STK017 PNP Monitor.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
    O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
    0
  • 1
  • 2