Infecté par adware et cheval de troie

mehdi75_9 Messages postés 2 Statut Membre -  
ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   -
Bonjour,
Sa fait 2 jours que j'arrête pas de recevoir un message d'alerte de avast comme quoi j'ai des adwares cheval de troie trojan et je sais pas comment m'en débarrassé pouvez vous m'aidez. Merci d'avance
Voilà mon rapport d'erreur:

Malwarebytes' Anti-Malware 1.23
Version de la base de données: 992
Windows 5.1.2600 Service Pack 2

20:38:58 25/07/2008
mbam-log-7-25-2008 (20-38-58).txt

Type de recherche: Examen rapide
Eléments examinés: 43187
Temps écoulé: 18 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 12
Fichier(s) infecté(s): 12

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xbtb01621.ietoolbar (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.ietoolbar.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.xbtb01621 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.xbtb01621.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcr1cj0er1q (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcr1cj0er1q (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qndsfmao.bvqe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qndsfmao.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\VCLSDCompression.class (Rogue.Installer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcv1cj0er1q (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\evgratsm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\kvxqmtre (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\rhcr1cj0er1q (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\reda\Local Settings\Application Data\ficaaerxa_navps.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Local Settings\Application Data\ficaaerxa_nav.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\rhcr1cj0er1q.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
Configuration: Windows XP
Internet Explorer 7.0

21 réponses

  • 1
  • 2
  1. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Bonsoir
    Malwarebytest à supprimé pas mal de saloperies ;)

    pour vérification

    Télécharge sur le Bureau HijackThis

    http://download.hijackthis.eu/HJTInstall.exe

    = Double-clique sur dessus pour l'installer
    = Clique sur Do a system scan and save the log
    = Colle le rapport
    si problème voir l'aide
    http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

    @+
    0
  2. mehdi75_9 Messages postés 2 Statut Membre
     
    Voila ce que sa me donne.
    Merci davoir répondu aussi vite

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:17:25, on 25/07/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\BVRP Connection Manager\NomadSvr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\BVRP Connection Manager\Nomad.exe
    C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe
    C:\Program Files\Neuf\Widget Neuf\9widget.exe
    C:\WINDOWS\system32\igfxext.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\Neuf\Media Center\MediaCenter.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Neuf\Media Center\httpd\httpd.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Neuf\Media Center\httpd\httpd.exe
    C:\DOCUME~1\reda\LOCALS~1\Temp\RtkBtMnt.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {0066c54a-c6a5-4eaa-a7fd-b82efaa223b9} - (no file)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: (no name) - {1206D4D5-390A-4EF5-ABD6-4C44D9B3BD69} - (no file)
    O2 - BHO: (no name) - {2C5EF120-D431-4628-ACC7-6ED529743FBC} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {6A10732F-BDB9-48B3-9DF7-622478AD74FC} - C:\WINDOWS\system32\jkkHAtrs.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {78529661-4C15-4A68-B80A-8C49BC3F344D} - C:\WINDOWS\system32\qoMfeBtr.dll (file missing)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /normal-run2
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [WiFiSiStr] C:\Program Files\DNsoft.be\DNsoft.be WiFi SiStr\WiFi SiStr.exe
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart
    O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe" -scheduler
    O4 - HKCU\..\Run: [VMCL] C:\Program Files\vodafone\vmclite\DongleEnumerator.exe
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [ficaaerxa] c:\documents and settings\reda\local settings\application data\ficaaerxa.exe ficaaerxa
    O4 - HKCU\..\Run: [Widget Neuf] "C:\Program Files\Neuf\Widget Neuf\9widget.exe"
    O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
    O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\reda\APPLIC~1\ELSEPL~1\AXISNEW.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: jkkHAtrs - jkkHAtrs.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\BVRP Connection Manager\NomadSvr.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    0
  3. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Bon tu es belle et bien infecté :(

    mais ne t'inquiète pas je vais t'aider à nettoyer tout ça ;)

    C'est partit

    1/ Télécharge LOP S&D d'Eric71 ici https://sites.google.com/site/eric71mespages/lop.sd.exe

    Double-clique dessus pour lancer l'installation.
    Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
    Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
    Patiente jusqu'à la fin du scan.
    Poste le rapport généré (situé aussi ici C:\lopR.txt )

    ( Si le Bureau ne réapparaît pas, lance le gestionnaire des tâches en cliquant sur Ctrl + Alt + Suppr , puis Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

    2 / Télécharge Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    et sauvegarde le sur ton bureau et pas ailleurs!

    Avant de lancer le téléchargement
    Clique droit sur le lien et tu choisis "enregistrer la cible du lien sous"
    et tu le renomme par outil


    => /!\déconnecte toi d'internet et ferme toutes tes applications./!\

    =>/!\ désactive tes protections (antivirus, parefeu,antispyware) provisoirement et seulement le temps de l'utilisation de ComboFix,/!\

    => Double-clic sur outil,

    => /!\Ne touche à rien tant que le scan n'est pas terminé.Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi./!\

    => Attends que combofix ait terminé, un rapport sera créé.

    => réactive ton parefeu, ton antivirus, la garde de ton antispyware

    => copie/colle le rapport C:\ComboFix.txt

    => Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    0
  4. mehdidi75_9
     
    Voilà le premier rapport
    --------------------\\ Lop S&D 4.2.2-4 XP/Vista

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : reda ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 25/07/2008 | 21:28:33,78 ] [ PC : ACER-4CCBBC5D09 ]
    [ MAJ : 25-07-2008 | 17:45 ]

    --------------------\\ Listing des dossiers dans APPLIC~1

    [25/08/2006|06:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Acer
    [25/08/2006|05:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [25/08/2006|06:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [25/08/2006|05:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [25/08/2006|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acer
    [05/12/2007|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [20/04/2008|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [20/04/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [14/05/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [21/04/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [20/02/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [07/01/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    [06/02/2007|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [25/08/2006|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [15/04/2008|11:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [22/05/2008|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [23/07/2008|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [27/01/2008|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [25/07/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [04/03/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [25/08/2006|05:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/07/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
    [14/01/2008|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [30/06/2008|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [09/04/2008|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
    [21/12/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    [19/02/2007|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [23/07/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [25/07/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    [25/08/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [23/07/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [12/02/2007|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [10/02/2007|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [16/12/2007|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [20/02/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
    [07/02/2007|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [25/08/2006|05:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [14/05/2007|21:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [25/08/2006|05:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [20/05/2008|09:59] C:\DOCUME~1\reda\APPLIC~1\$_hpcst$.hpc
    [12/06/2008|17:28] C:\DOCUME~1\reda\APPLIC~1\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
    [25/08/2006|06:35] C:\DOCUME~1\reda\APPLIC~1\Acer
    [27/02/2007|22:23] C:\DOCUME~1\reda\APPLIC~1\Adobe
    [05/03/2007|19:04] C:\DOCUME~1\reda\APPLIC~1\AdobeUM
    [20/04/2008|14:37] C:\DOCUME~1\reda\APPLIC~1\Apple Computer
    [14/05/2007|21:13] C:\DOCUME~1\reda\APPLIC~1\AVG7
    [21/04/2008|12:23] C:\DOCUME~1\reda\APPLIC~1\AVS4YOU
    [19/02/2007|20:05] C:\DOCUME~1\reda\APPLIC~1\CyberLink
    [25/08/2006|05:55] C:\DOCUME~1\reda\APPLIC~1\desktop.ini
    [15/12/2007|06:22] C:\DOCUME~1\reda\APPLIC~1\DivX
    [22/04/2008|23:26] C:\DOCUME~1\reda\APPLIC~1\dvdcss
    [07/01/2008|17:12] C:\DOCUME~1\reda\APPLIC~1\Else plus
    [18/04/2007|17:52] C:\DOCUME~1\reda\APPLIC~1\Google
    [06/02/2007|17:02] C:\DOCUME~1\reda\APPLIC~1\Help
    [25/08/2006|06:16] C:\DOCUME~1\reda\APPLIC~1\Identities
    [06/02/2007|21:44] C:\DOCUME~1\reda\APPLIC~1\Macromedia
    [27/03/2008|21:33] C:\DOCUME~1\reda\APPLIC~1\Macrovision
    [25/07/2008|19:56] C:\DOCUME~1\reda\APPLIC~1\Malwarebytes
    [25/08/2006|05:55] C:\DOCUME~1\reda\APPLIC~1\Microsoft
    [10/11/2007|16:38] C:\DOCUME~1\reda\APPLIC~1\Mozilla
    [27/12/2007|17:54] C:\DOCUME~1\reda\APPLIC~1\MSN Pictures Displayer
    [23/07/2008|01:32] C:\DOCUME~1\reda\APPLIC~1\Opera
    [29/05/2008|09:45] C:\DOCUME~1\reda\APPLIC~1\Real
    [15/12/2007|14:37] C:\DOCUME~1\reda\APPLIC~1\Samsung
    [04/03/2007|21:04] C:\DOCUME~1\reda\APPLIC~1\Screenshot Sender
    [19/02/2007|20:21] C:\DOCUME~1\reda\APPLIC~1\Skype
    [02/09/2007|21:54] C:\DOCUME~1\reda\APPLIC~1\Sun
    [25/07/2008|19:44] C:\DOCUME~1\reda\APPLIC~1\SUPERAntiSpyware.com
    [02/12/2007|23:09] C:\DOCUME~1\reda\APPLIC~1\vlc
    [26/06/2007|00:37] C:\DOCUME~1\reda\APPLIC~1\V-Safe
    [18/12/2007|20:15] C:\DOCUME~1\reda\APPLIC~1\Yahoo!

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [12/07/2008 14:11][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25/07/2008 20:43][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [25/07/2008 20:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [06/02/2007|21:37] C:\Program Files\Acer
    [25/08/2006|06:21] C:\Program Files\Acer Inc
    [25/08/2006|06:22] C:\Program Files\Adobe
    [14/07/2008|19:06] C:\Program Files\adslTV
    [25/07/2008|19:39] C:\Program Files\AdwareSpywareScannerDeleter
    [30/11/2007|14:34] C:\Program Files\Alwil Software
    [08/07/2008|20:42] C:\Program Files\Apple Software Update
    [16/04/2008|08:35] C:\Program Files\AskTBar
    [08/04/2007|13:36] C:\Program Files\Athan
    [20/05/2008|00:37] C:\Program Files\AvantGo Connect
    [08/03/2007|20:49] C:\Program Files\AVI MPEG RM WMV Joiner
    [21/04/2008|12:22] C:\Program Files\AVS4YOU
    [20/04/2008|14:36] C:\Program Files\Bonjour
    [27/01/2008|11:30] C:\Program Files\Boonty
    [27/01/2008|11:30] C:\Program Files\BoontyGames
    [20/02/2008|23:34] C:\Program Files\BVRP Connection Manager
    [07/01/2008|17:09] C:\Program Files\Circle Developement
    [20/05/2008|00:37] C:\Program Files\Common Files
    [25/08/2006|06:03] C:\Program Files\ComPlus Applications
    [25/08/2006|06:18] C:\Program Files\CONEXANT
    [25/08/2006|06:23] C:\Program Files\CyberLink
    [07/06/2007|00:11] C:\Program Files\Dial-Messenger
    [15/12/2007|06:11] C:\Program Files\DivX
    [03/12/2007|23:18] C:\Program Files\DNsoft.be
    [15/04/2008|11:25] C:\Program Files\DVD Shrink
    [30/06/2008|03:38] C:\Program Files\Else plus
    [07/02/2007|13:00] C:\Program Files\eMule
    [25/08/2006|05:55] C:\Program Files\Fichiers communs
    [30/11/2007|14:25] C:\Program Files\FileZilla
    [30/11/2007|12:14] C:\Program Files\Free
    [20/12/2007|15:26] C:\Program Files\Freeplayer
    [10/03/2007|18:03] C:\Program Files\Google
    [14/05/2007|21:12] C:\Program Files\Grisoft
    [23/07/2008|22:32] C:\Program Files\Hitman Pro
    [15/04/2007|21:39] C:\Program Files\iMesh Applications
    [25/08/2006|06:17] C:\Program Files\InstallShield Installation Information
    [25/08/2006|06:11] C:\Program Files\Intel
    [25/08/2006|06:03] C:\Program Files\Internet Explorer
    [20/04/2008|14:37] C:\Program Files\iPod
    [20/04/2008|14:36] C:\Program Files\iTunes
    [02/09/2007|21:53] C:\Program Files\Java
    [25/02/2007|03:31] C:\Program Files\K-Lite Codec Pack
    [06/02/2007|21:40] C:\Program Files\Launch Manager
    [23/07/2008|00:09] C:\Program Files\Lavasoft
    [25/07/2008|19:56] C:\Program Files\Malwarebytes' Anti-Malware
    [25/08/2006|06:02] C:\Program Files\Messenger
    [04/03/2007|21:02] C:\Program Files\Messenger Plus! Live
    [04/04/2008|15:15] C:\Program Files\MeuhMeuhTV Alpha
    [20/05/2008|00:36] C:\Program Files\Microsoft ActiveSync
    [10/05/2007|03:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [25/08/2006|06:05] C:\Program Files\microsoft frontpage
    [16/12/2007|23:14] C:\Program Files\Microsoft SQL Server Compact Edition
    [25/08/2006|06:03] C:\Program Files\Movie Maker
    [10/11/2007|16:37] C:\Program Files\Mozilla Firefox
    [25/08/2006|06:02] C:\Program Files\MSN
    [25/08/2006|06:02] C:\Program Files\MSN Gaming Zone
    [27/12/2007|17:52] C:\Program Files\MSN Pictures Displayer
    [07/02/2007|00:36] C:\Program Files\MSXML 4.0
    [20/12/2007|15:29] C:\Program Files\MyFreeTV
    [25/08/2006|06:03] C:\Program Files\NetMeeting
    [18/06/2008|11:17] C:\Program Files\Neuf
    [18/06/2008|11:23] C:\Program Files\neuf Talk
    [25/08/2006|06:26] C:\Program Files\NewTech Infosystems
    [25/08/2006|06:02] C:\Program Files\Online Services
    [23/07/2008|01:31] C:\Program Files\Opera
    [25/08/2006|06:03] C:\Program Files\Outlook Express
    [15/12/2007|06:13] C:\Program Files\Picasa2
    [20/05/2008|11:03] C:\Program Files\POI-Warner SONY Edition
    [20/04/2008|14:35] C:\Program Files\QuickTime
    [29/05/2008|09:46] C:\Program Files\Real
    [25/08/2006|06:17] C:\Program Files\Realtek
    [22/07/2008|19:59] C:\Program Files\RegCleaner
    [15/12/2007|13:45] C:\Program Files\Samsung
    [06/02/2007|22:02] C:\Program Files\Securitoo
    [25/08/2006|06:04] C:\Program Files\Services en ligne
    [19/02/2007|20:19] C:\Program Files\Skype
    [23/07/2008|00:17] C:\Program Files\Spybot - Search & Destroy
    [25/07/2008|19:44] C:\Program Files\SUPERAntiSpyware
    [25/08/2006|22:14] C:\Program Files\Symantec
    [25/08/2006|06:20] C:\Program Files\Synaptics
    [02/04/2008|09:36] C:\Program Files\temp
    [25/07/2008|21:17] C:\Program Files\Trend Micro
    [25/08/2006|06:16] C:\Program Files\Uninstall Information
    [02/12/2007|23:03] C:\Program Files\VideoLAN
    [12/06/2008|17:29] C:\Program Files\VIRTUELSOFT
    [06/02/2007|16:52] C:\Program Files\Wanadoo
    [11/06/2007|10:25] C:\Program Files\Windows Live
    [02/12/2007|01:25] C:\Program Files\Windows Live Favorites
    [10/02/2007|17:39] C:\Program Files\Windows Live Toolbar
    [22/02/2007|17:44] C:\Program Files\Windows Media Connect 2
    [25/08/2006|06:02] C:\Program Files\Windows Media Player
    [16/06/2008|22:35] C:\Program Files\Windows Mobile Device Handbook
    [25/08/2006|06:02] C:\Program Files\Windows NT
    [25/08/2006|06:04] C:\Program Files\WindowsUpdate
    [27/01/2008|11:36] C:\Program Files\WinRAR
    [25/08/2006|06:05] C:\Program Files\xerox
    [06/02/2007|21:44] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [05/12/2007|16:04] C:\Program Files\Fichiers communs\Adobe
    [20/04/2008|14:34] C:\Program Files\Fichiers communs\Apple
    [21/04/2008|12:22] C:\Program Files\Fichiers communs\AVSMedia
    [04/04/2008|11:22] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [27/06/2008|15:40] C:\Program Files\Fichiers communs\GTK
    [25/08/2006|06:17] C:\Program Files\Fichiers communs\InstallShield
    [02/09/2007|21:52] C:\Program Files\Fichiers communs\Java
    [25/08/2006|06:27] C:\Program Files\Fichiers communs\LightScribe
    [25/08/2006|05:55] C:\Program Files\Fichiers communs\Microsoft Shared
    [25/08/2006|06:04] C:\Program Files\Fichiers communs\MSSoap
    [25/08/2006|06:27] C:\Program Files\Fichiers communs\muvee Technologies
    [25/08/2006|06:26] C:\Program Files\Fichiers communs\NewTech Infosystems
    [25/08/2006|05:55] C:\Program Files\Fichiers communs\ODBC
    [29/05/2008|09:46] C:\Program Files\Fichiers communs\Real
    [25/08/2006|06:04] C:\Program Files\Fichiers communs\Services
    [19/02/2007|20:21] C:\Program Files\Fichiers communs\Skype
    [25/08/2006|05:55] C:\Program Files\Fichiers communs\SpeechEngines
    [25/08/2006|22:13] C:\Program Files\Fichiers communs\Symantec Shared
    [25/08/2006|06:03] C:\Program Files\Fichiers communs\System
    [16/12/2007|23:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [25/07/2008|19:44] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [29/05/2008|09:46] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 72 Processus )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    C:\DOCUME~1\reda\APPLIC~1\ELSE PLUS
    C:\Program Files\ELSE PLUS
    C:\Program Files\Circle Developement
    C:\DOCUME~1\reda\Cookies\reda@directinet.advertserve[1].txt
    C:\DOCUME~1\reda\Cookies\reda@advertising[2].txt
    C:\DOCUME~1\reda\Cookies\reda@bigpoint[1].txt
    C:\DOCUME~1\reda\Cookies\reda@fr.bigpoint[1].txt
    C:\DOCUME~1\reda\Cookies\reda@adin.bigpoint[2].txt
    C:\DOCUME~1\reda\Cookies\reda@adin.bigpoint[3].txt
    C:\DOCUME~1\reda\Cookies\reda@bigpoint[2].txt
    C:\DOCUME~1\reda\Cookies\reda@fr1.darkorbit.bigpoint[1].txt
    C:\DOCUME~1\reda\Cookies\reda@fr1.seafight.bigpoint[1].txt
    C:\DOCUME~1\reda\Cookies\reda@cotedazurpalace[1].txt
    C:\DOCUME~1\reda\Cookies\reda@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\reda\Cookies\reda@cotedazurpalace[3].txt
    C:\DOCUME~1\reda\Cookies\reda@pacificpoker[1].txt
    C:\DOCUME~1\reda\Cookies\reda@pacificpoker[2].txt
    C:\DOCUME~1\reda\Cookies\reda@fr1.seafight.bigpoint[1].txt
    C:\DOCUME~1\reda\Cookies\reda@vegas-millions[2].txt
    C:\DOCUME~1\reda\Cookies\reda@www.2xmoinscher[2].txt
    C:\DOCUME~1\reda\Cookies\reda@2xmoinscher[1].txt
    C:\DOCUME~1\reda\Cookies\reda@www.2xmoinscher[1].txt
    C:\DOCUME~1\reda\Cookies\reda@888[2].txt
    C:\DOCUME~1\reda\Cookies\reda@888[3].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
    127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
    127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

    -> 72 [ 70 ## added by CiD ]

    /!\ 1 Not 127.0.0.1 !!

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-25 21:30:24
    Windows 5.1.2600 Service Pack 2 FAT NTAPI
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ficaaerxa"="c:\\documents and settings\\reda\\local settings\\application data\\ficaaerxa.exe ficaaerxa"

    [b]==> EGDACCESS <==/b

    --------------------\\ Cracks & Keygens ..

    => C:\DOCUME~1\reda\Local Settings\Application Data\Shareaza\Incomplete\(ECHOS) mutlu 1 (Crack) Album.wma
    => C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(ECHOS) mutlu 1 (Crack) Album.wma.xml
    => C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(DONE) cheb hafid rabani rabani _crack_ (Front).wma.xml

    [F:73][D:13]-> C:\DOCUME~1\reda\LOCALS~1\Temp
    [F:801][D:0]-> C:\DOCUME~1\reda\Cookies
    [F:1057][D:40]-> C:\DOCUME~1\reda\LOCALS~1\TEMPOR~1\content.IE5
    [F:8][D:0]-> C:\Recycled

    --------------------\\ Fin du rapport a 21:31:24,29
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. mehdidi75_9
     
    J'ai effectuer le test avec combo sans rien toucher mais je n'est eu aucun rapport.
    0
  7. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Regarde dans C: tu doit trouver Combofix.txt
    0
  8. mehdidi75_9
     
    ComboFix 08-07-24.6 - reda 2008-07-25 21:37:16.1 - [color=red][b]FAT32[/b][/color]x86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.313 [GMT 2:00]
    Endroit: C:\Documents and Settings\reda\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\_000007_.tmp.dll
    C:\WINDOWS\system32\_000008_.tmp.dll
    C:\WINDOWS\system32\_000009_.tmp.dll
    C:\WINDOWS\system32\_000012_.tmp.dll
    C:\WINDOWS\system32\_000013_.tmp.dll
    C:\WINDOWS\system32\_000014_.tmp.dll
    C:\WINDOWS\system32\iwohfoti.ini
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\rtBefMoq.ini
    C:\WINDOWS\system32\rtBefMoq.ini2

    .
    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-25 to 2008-07-25 ))))))))))))))))))))))))))))))))))))
    .

    2008-07-25 21:27 . 2008-07-25 21:27 <REP> d-------- C:\Lop SD
    2008-07-25 21:17 . 2008-07-25 21:17 <REP> d-------- C:\Program Files\Trend Micro
    2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Documents and Settings\reda\Application Data\Malwarebytes
    2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-07-25 19:56 . 2008-07-23 20:09 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-07-25 19:56 . 2008-07-23 20:09 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Program Files\SUPERAntiSpyware
    2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Documents and Settings\reda\Application Data\SUPERAntiSpyware.com
    2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-07-25 19:39 . 2008-07-25 19:39 <REP> d-------- C:\Program Files\AdwareSpywareScannerDeleter
    2008-07-23 22:33 . 2008-07-23 22:33 <REP> d-------- C:\WINDOWS\system32\GroupPolicy
    2008-07-23 22:32 . 2008-07-23 22:32 <REP> d-------- C:\Program Files\Hitman Pro
    2008-07-23 19:37 . 2008-07-23 19:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-07-23 01:31 . 2008-07-23 01:31 <REP> d-------- C:\Program Files\Opera
    2008-07-23 01:20 . 2008-07-23 13:21 400 --a------ C:\WINDOWS\wininit.ini
    2008-07-23 00:39 . 2008-07-23 00:39 0 --a------ C:\WINDOWS\system32\3C.tmp
    2008-07-23 00:17 . 2008-07-23 00:17 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-07-23 00:17 . 2008-07-23 00:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-07-23 00:08 . 2008-07-23 00:09 <REP> d-------- C:\Program Files\Lavasoft
    2008-07-23 00:08 . 2008-07-23 00:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-22 19:59 . 2008-07-22 19:59 <REP> d-------- C:\Program Files\RegCleaner
    2008-07-22 18:40 . 2008-07-23 19:09 44,122 ---hs---- C:\WINDOWS\system32\xkmsfari.ini
    2008-07-14 19:06 . 2008-07-14 19:06 <REP> d-------- C:\Program Files\adslTV
    2008-07-08 20:42 . 2008-07-08 20:42 <REP> d-------- C:\Program Files\Apple Software Update
    2008-06-30 13:27 . 2008-06-30 13:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
    2008-06-30 03:38 . 2008-06-30 03:38 <REP> d-------- C:\Program Files\Else plus
    2008-06-27 15:40 . 2008-06-27 15:40 <REP> d-------- C:\Program Files\Fichiers communs\GTK

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
    2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
    2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
    2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
    2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
    2008-06-18 09:23 --------- d-----w C:\Program Files\neuf Talk
    2008-06-18 09:17 --------- d-----w C:\Program Files\Neuf
    2008-06-16 20:35 --------- d-----w C:\Program Files\Windows Mobile Device Handbook
    2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-12 15:29 --------- d-----w C:\Program Files\VIRTUELSOFT
    2008-06-12 15:28 --------- d-----w C:\Documents and Settings\reda\Application Data\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
    2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
    2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
    2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2008-05-29 07:46 --------- d-----w C:\Program Files\Real
    2008-05-29 07:46 --------- d-----w C:\Program Files\Fichiers communs\xing shared
    2008-05-29 07:46 --------- d-----w C:\Program Files\Fichiers communs\Real
    2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-05-20 09:03 372,736 ----a-w C:\WINDOWS\suinsta4001.exe
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
    2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2008-04-02 07:36 32,768 ------w C:\Program Files\temp
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
    "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-11-06 19:51 3810544]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
    "Connection Manager"="C:\Program Files\BVRP Connection Manager\Nomad.exe" [2006-01-23 10:25 49152]
    "ISUSPM"="C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe" [2007-03-29 15:41 222128]
    "Widget Neuf"="C:\Program Files\Neuf\Widget Neuf\9widget.exe" [2008-04-30 10:34 722160]
    "Neuf Media Center"="C:\Program Files\Neuf\Media Center\MediaCenter.exe" [2007-10-15 17:57 1025264]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" [X]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 12:17 94208]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 12:13 77824]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 12:17 118784]
    "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 15:02 53248]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 13:07 761946]
    "ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 11:15 45056]
    "ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45 2462208]
    "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 15:50 69632]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 05:00 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00 59392]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
    "PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2006-08-09 22:29 151552]
    "ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 19:29 352256]
    "Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 12:54 3080704]
    "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-07-20 22:15 593920]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00 397312]
    "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 13:08 61440]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22 517768]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-29 09:46 185896]
    "Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2008-03-18 18:47 287984]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:55 110592 C:\WINDOWS\system32\bthprops.cpl]
    "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 14:54 16248320 C:\WINDOWS\RTHDCPL.exe]
    "SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
    "Connection Manager"="C:\Program Files\BVRP Connection Manager\Nomad.exe" [2006-01-23 10:25 49152]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "MSACM.CEGSM"= mobilev.acm

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\MSNMSGR.EXE"=
    "C:\\WINDOWS\\System32\\dpnsvr.exe"=
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\Program Files\Neuf\Media Center\httpd\httpd.exe"= C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
    R1 OsaFsLoc;OsaFsLoc;C:\WINDOWS\system32\drivers\OsaFsLoc.sys [2005-10-15 18:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
    R2 BVRPNDIS;BVRPNDIS Protocol Driver U/I;C:\Program Files\BVRP Connection Manager\BVRPNDIS.SYS [2004-06-02 16:56]
    R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
    R2 Nomad;Connection Manager;C:\Program Files\BVRP Connection Manager\NomadSvr.exe [2005-12-15 11:58]
    R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
    R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
    R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
    R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys [2005-09-13 15:34]
    R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
    S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 16:23]
    S3 FileObjInfo;STFileDriver;C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
    S3 hitmanpro2;Hitman Pro 2 Driver;C:\Program Files\Hitman Pro\hitmanpro2.sys [2006-11-03 13:03]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
    S3 TV_551805_Sp50;TV_551805_Sp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\TV_551805_Sp50.sys [2008-04-09 13:47]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f2d3474-fce6-11dc-b139-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f2d3476-fce6-11dc-b139-0016cfc8bf0d}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbd00-fbf3-11dc-b136-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbd01-fbf3-11dc-b136-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8666916c-da03-11db-b035-0016d465f2ed}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd5df0a-fcdd-11dc-b138-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd5df0b-fcdd-11dc-b138-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe
    .
    Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
    "2008-07-25 19:43:54 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    0
  9. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    selectionne ceci

    File::
    C:\WINDOWS\system32\3C.tmp
    C:\WINDOWS\system32\xkmsfari.ini



    * Copie le texte sélectionné (CTRL+C).
    * Ouvre le bloc-notes (programme>Accessoires >bloc-notes).
    * Veille à ce que Retour à la ligne ne soit pas coché dans Format.
    * Colle le texte copié dans ce bloc-notes (CTRL+V).
    * Sauvegarde ce fichier sous le nom de CFScript.txt
    * Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme ceci
    http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
    * Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
    * Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal!
    Ne touche à rien tant que le scan n'est pas terminé.
    * Une fois le scan achevé, un rapport va s'afficher : Poste son contenu.
    * Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

    Note: Le code ci-dessus a été intentionnellement rédigé pour CET utilisateur.
    si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système.  
    


    ensuite repasse LOP S&D d'Eric71 en mode 2
    et poste le rapport
    0
  10. mehdidi75_9
     
    je tiens a te remercier pour ton aide avant tout
    Voilà le rapport

    ComboFix 08-07-24.6 - reda 2008-07-25 22:44:53.2 - [color=red][b]FAT32[/b][/color]x86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.442 [GMT 2:00]
    Endroit: C:\Documents and Settings\reda\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\reda\Mes documents\CFScript.txt
    * Création d'un nouveau point de restauration

    [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

    FILE ::
    C:\WINDOWS\system32\3C.tmp
    C:\WINDOWS\system32\xkmsfari.ini
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\3C.tmp
    C:\WINDOWS\system32\xkmsfari.ini
    .
    ---- Previous Run -------
    .
    C:\WINDOWS\system32\_000007_.tmp.dll
    C:\WINDOWS\system32\_000008_.tmp.dll
    C:\WINDOWS\system32\_000009_.tmp.dll
    C:\WINDOWS\system32\_000012_.tmp.dll
    C:\WINDOWS\system32\_000013_.tmp.dll
    C:\WINDOWS\system32\_000014_.tmp.dll
    C:\WINDOWS\system32\iwohfoti.ini
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\rtBefMoq.ini
    C:\WINDOWS\system32\rtBefMoq.ini2

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-06-25 to 2008-07-25 ))))))))))))))))))))))))))))))))))))
    .

    2008-07-25 21:27 . 2008-07-25 21:27 <REP> d-------- C:\Lop SD
    2008-07-25 21:17 . 2008-07-25 21:17 <REP> d-------- C:\Program Files\Trend Micro
    2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Documents and Settings\reda\Application Data\Malwarebytes
    2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-07-25 19:56 . 2008-07-23 20:09 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-07-25 19:56 . 2008-07-23 20:09 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Program Files\SUPERAntiSpyware
    2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Documents and Settings\reda\Application Data\SUPERAntiSpyware.com
    2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-07-25 19:39 . 2008-07-25 19:39 <REP> d-------- C:\Program Files\AdwareSpywareScannerDeleter
    2008-07-23 22:33 . 2008-07-23 22:33 <REP> d-------- C:\WINDOWS\system32\GroupPolicy
    2008-07-23 22:32 . 2008-07-23 22:32 <REP> d-------- C:\Program Files\Hitman Pro
    2008-07-23 19:37 . 2008-07-23 19:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-07-23 01:31 . 2008-07-23 01:31 <REP> d-------- C:\Program Files\Opera
    2008-07-23 01:20 . 2008-07-23 13:21 400 --a------ C:\WINDOWS\wininit.ini
    2008-07-23 00:17 . 2008-07-23 00:17 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-07-23 00:17 . 2008-07-23 00:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-07-23 00:08 . 2008-07-23 00:09 <REP> d-------- C:\Program Files\Lavasoft
    2008-07-23 00:08 . 2008-07-23 00:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-07-22 19:59 . 2008-07-22 19:59 <REP> d-------- C:\Program Files\RegCleaner
    2008-07-14 19:06 . 2008-07-14 19:06 <REP> d-------- C:\Program Files\adslTV
    2008-07-08 20:42 . 2008-07-08 20:42 <REP> d-------- C:\Program Files\Apple Software Update
    2008-06-30 13:27 . 2008-06-30 13:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
    2008-06-30 03:38 . 2008-06-30 03:38 <REP> d-------- C:\Program Files\Else plus
    2008-06-27 15:40 . 2008-06-27 15:40 <REP> d-------- C:\Program Files\Fichiers communs\GTK

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
    2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
    2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
    2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
    2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
    2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
    2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
    2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
    2008-06-18 09:23 --------- d-----w C:\Program Files\neuf Talk
    2008-06-18 09:17 --------- d-----w C:\Program Files\Neuf
    2008-06-16 20:35 --------- d-----w C:\Program Files\Windows Mobile Device Handbook
    2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-12 15:29 --------- d-----w C:\Program Files\VIRTUELSOFT
    2008-06-12 15:28 --------- d-----w C:\Documents and Settings\reda\Application Data\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
    2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
    2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
    2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
    2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
    2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
    2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
    2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
    2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
    2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
    2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
    2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
    2008-05-29 07:46 --------- d-----w C:\Program Files\Real
    2008-05-29 07:46 --------- d-----w C:\Program Files\Fichiers communs\xing shared
    2008-05-29 07:46 --------- d-----w C:\Program Files\Fichiers communs\Real
    2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
    2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
    2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
    2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
    2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
    2008-05-20 09:03 372,736 ----a-w C:\WINDOWS\suinsta4001.exe
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
    2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
    2008-04-02 07:36 32,768 ------w C:\Program Files\temp
    .

    ((((((((((((((((((((((((((((( snapshot@2008-07-25_21.44.31.90 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-07-25 15:57:42 1,852 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{2DF143DB-A92C-4B90-BF9A-B9183C2B0E5D}.bin
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6A10732F-BDB9-48B3-9DF7-622478AD74FC}]
    C:\WINDOWS\system32\jkkHAtrs.dll [BU]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78529661-4C15-4A68-B80A-8C49BC3F344D}]
    C:\WINDOWS\system32\qoMfeBtr.dll [BU]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
    "WOOKIT"="C:\Program Files\Wanadoo\Shell.exe" [BU]
    "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-11-06 19:51 3810544]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
    "WiFiSiStr"="C:\Program Files\DNsoft.be\DNsoft.be WiFi SiStr\WiFi SiStr.exe" [BU]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
    "Connection Manager"="C:\Program Files\BVRP Connection Manager\Nomad.exe" [2006-01-23 10:25 49152]
    "ISUSPM"="C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe" [2007-03-29 15:41 222128]
    "VMCL"="C:\Program Files\vodafone\vmclite\DongleEnumerator.exe" [BU]
    "WINSOS VERIFY"="C:\Program Files\Winsos\WINSOS.EXE" [BU]
    "Widget Neuf"="C:\Program Files\Neuf\Widget Neuf\9widget.exe" [2008-04-30 10:34 722160]
    "Neuf Media Center"="C:\Program Files\Neuf\Media Center\MediaCenter.exe" [2007-10-15 17:57 1025264]
    "book ante"="C:\DOCUME~1\reda\APPLIC~1\ELSEPL~1\AXISNEW.exe" [BU]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" [X]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 12:17 94208]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 12:13 77824]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 12:17 118784]
    "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 15:02 53248]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 13:07 761946]
    "ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 11:15 45056]
    "ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45 2462208]
    "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 15:50 69632]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 05:00 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00 59392]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
    "PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2006-08-09 22:29 151552]
    "ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 19:29 352256]
    "Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 12:54 3080704]
    "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-07-20 22:15 593920]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00 397312]
    "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 13:08 61440]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22 517768]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-29 09:46 185896]
    "Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2008-03-18 18:47 287984]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:55 110592 C:\WINDOWS\system32\bthprops.cpl]
    "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 14:54 16248320 C:\WINDOWS\RTHDCPL.exe]
    "SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
    "Connection Manager"="C:\Program Files\BVRP Connection Manager\Nomad.exe" [2006-01-23 10:25 49152]

    C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{6A10732F-BDB9-48B3-9DF7-622478AD74FC}"= "C:\WINDOWS\system32\jkkHAtrs.dll" [BU]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkHAtrs]
    jkkHAtrs.dll [BU]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "MSACM.CEGSM"= mobilev.acm

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\MSNMSGR.EXE"=
    "C:\\WINDOWS\\System32\\dpnsvr.exe"=
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "C:\Program Files\Neuf\Media Center\httpd\httpd.exe"= C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
    R1 OsaFsLoc;OsaFsLoc;C:\WINDOWS\system32\drivers\OsaFsLoc.sys [2005-10-15 18:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
    R2 BVRPNDIS;BVRPNDIS Protocol Driver U/I;C:\Program Files\BVRP Connection Manager\BVRPNDIS.SYS [2004-06-02 16:56]
    R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
    R2 Nomad;Connection Manager;C:\Program Files\BVRP Connection Manager\NomadSvr.exe [2005-12-15 11:58]
    R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
    R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
    R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
    R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys [2005-09-13 15:34]
    R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
    S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 16:23]
    S3 FileObjInfo;STFileDriver;C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
    S3 hitmanpro2;Hitman Pro 2 Driver;C:\Program Files\Hitman Pro\hitmanpro2.sys [2006-11-03 13:03]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
    S3 TV_551805_Sp50;TV_551805_Sp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\TV_551805_Sp50.sys [2008-04-09 13:47]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f2d3474-fce6-11dc-b139-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f2d3476-fce6-11dc-b139-0016cfc8bf0d}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbd00-fbf3-11dc-b136-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbd01-fbf3-11dc-b136-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8666916c-da03-11db-b035-0016d465f2ed}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd5df0a-fcdd-11dc-b138-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd5df0b-fcdd-11dc-b138-0016d465f2ed}]
    \Shell\AutoRun\command - F:\StartVMCLite.exe
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-07-25 20:43:04 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    "2008-07-12 12:11:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-25 22:46:25
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-07-25 22:47:04
    ComboFix-quarantined-files.txt 2008-07-25 20:47:02

    Pre-Run: 3,002,302,464 octets libres
    Post-Run: 2,993,389,568 octets libres

    248 --- E O F --- 2008-07-11 19:03:55
    0
  11. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    repasse LOP S&D d'Eric71 en mode 2
    et poste le rapport ;)
    0
  12. mehdidi75_9
     
    --------------------\\ Lop S&D 4.2.2-4 XP/Vista

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : reda ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 25/07/2008 | 23:03:56,56 ] [ PC : ACER-4CCBBC5D09 ]
    [ MAJ : 25-07-2008 | 17:45 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprime! - C:\DOCUME~1\reda\Cookies\reda@directinet.advertserve[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@advertising[2].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@bigpoint[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@fr.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@adin.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@adin.bigpoint[3].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@bigpoint[2].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@fr1.darkorbit.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@fr1.seafight.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@banner.cotedazurpalace[2].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@cotedazurpalace[3].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@pacificpoker[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@pacificpoker[2].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@vegas-millions[2].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@www.2xmoinscher[2].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@www.2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@888[2].txt
    Supprime! - C:\DOCUME~1\reda\Cookies\reda@888[3].txt
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
    Supprime! - C:\DOCUME~1\reda\APPLIC~1\ELSE PLUS
    Supprime! - C:\Program Files\ELSE PLUS
    Supprime! - C:\Program Files\Circle Developement

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [25/08/2006|06:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Acer
    [25/08/2006|05:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [25/08/2006|06:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [25/08/2006|05:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [25/08/2006|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acer
    [05/12/2007|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [20/04/2008|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [20/04/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [14/05/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
    [21/04/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [20/02/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
    [06/02/2007|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [25/08/2006|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [15/04/2008|11:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [22/05/2008|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [23/07/2008|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [27/01/2008|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [25/07/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [04/03/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [25/08/2006|05:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/07/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
    [14/01/2008|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [30/06/2008|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [09/04/2008|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
    [21/12/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    [19/02/2007|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [23/07/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [25/07/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    [25/08/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [23/07/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [12/02/2007|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [10/02/2007|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [16/12/2007|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [20/02/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
    [07/02/2007|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [25/08/2006|05:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [14/05/2007|21:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
    [25/08/2006|05:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [20/05/2008|09:59] C:\DOCUME~1\reda\APPLIC~1\$_hpcst$.hpc
    [12/06/2008|17:28] C:\DOCUME~1\reda\APPLIC~1\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
    [25/08/2006|06:35] C:\DOCUME~1\reda\APPLIC~1\Acer
    [27/02/2007|22:23] C:\DOCUME~1\reda\APPLIC~1\Adobe
    [05/03/2007|19:04] C:\DOCUME~1\reda\APPLIC~1\AdobeUM
    [20/04/2008|14:37] C:\DOCUME~1\reda\APPLIC~1\Apple Computer
    [14/05/2007|21:13] C:\DOCUME~1\reda\APPLIC~1\AVG7
    [21/04/2008|12:23] C:\DOCUME~1\reda\APPLIC~1\AVS4YOU
    [19/02/2007|20:05] C:\DOCUME~1\reda\APPLIC~1\CyberLink
    [25/08/2006|05:55] C:\DOCUME~1\reda\APPLIC~1\desktop.ini
    [15/12/2007|06:22] C:\DOCUME~1\reda\APPLIC~1\DivX
    [22/04/2008|23:26] C:\DOCUME~1\reda\APPLIC~1\dvdcss
    [18/04/2007|17:52] C:\DOCUME~1\reda\APPLIC~1\Google
    [06/02/2007|17:02] C:\DOCUME~1\reda\APPLIC~1\Help
    [25/08/2006|06:16] C:\DOCUME~1\reda\APPLIC~1\Identities
    [06/02/2007|21:44] C:\DOCUME~1\reda\APPLIC~1\Macromedia
    [27/03/2008|21:33] C:\DOCUME~1\reda\APPLIC~1\Macrovision
    [25/07/2008|19:56] C:\DOCUME~1\reda\APPLIC~1\Malwarebytes
    [25/08/2006|05:55] C:\DOCUME~1\reda\APPLIC~1\Microsoft
    [10/11/2007|16:38] C:\DOCUME~1\reda\APPLIC~1\Mozilla
    [27/12/2007|17:54] C:\DOCUME~1\reda\APPLIC~1\MSN Pictures Displayer
    [23/07/2008|01:32] C:\DOCUME~1\reda\APPLIC~1\Opera
    [29/05/2008|09:45] C:\DOCUME~1\reda\APPLIC~1\Real
    [15/12/2007|14:37] C:\DOCUME~1\reda\APPLIC~1\Samsung
    [04/03/2007|21:04] C:\DOCUME~1\reda\APPLIC~1\Screenshot Sender
    [19/02/2007|20:21] C:\DOCUME~1\reda\APPLIC~1\Skype
    [02/09/2007|21:54] C:\DOCUME~1\reda\APPLIC~1\Sun
    [25/07/2008|19:44] C:\DOCUME~1\reda\APPLIC~1\SUPERAntiSpyware.com
    [02/12/2007|23:09] C:\DOCUME~1\reda\APPLIC~1\vlc
    [26/06/2007|00:37] C:\DOCUME~1\reda\APPLIC~1\V-Safe
    [18/12/2007|20:15] C:\DOCUME~1\reda\APPLIC~1\Yahoo!

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [12/07/2008 14:11][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25/07/2008 21:41][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [06/02/2007|21:37] C:\Program Files\Acer
    [25/08/2006|06:21] C:\Program Files\Acer Inc
    [25/08/2006|06:22] C:\Program Files\Adobe
    [14/07/2008|19:06] C:\Program Files\adslTV
    [25/07/2008|19:39] C:\Program Files\AdwareSpywareScannerDeleter
    [30/11/2007|14:34] C:\Program Files\Alwil Software
    [08/07/2008|20:42] C:\Program Files\Apple Software Update
    [16/04/2008|08:35] C:\Program Files\AskTBar
    [08/04/2007|13:36] C:\Program Files\Athan
    [20/05/2008|00:37] C:\Program Files\AvantGo Connect
    [08/03/2007|20:49] C:\Program Files\AVI MPEG RM WMV Joiner
    [21/04/2008|12:22] C:\Program Files\AVS4YOU
    [20/04/2008|14:36] C:\Program Files\Bonjour
    [27/01/2008|11:30] C:\Program Files\Boonty
    [27/01/2008|11:30] C:\Program Files\BoontyGames
    [20/02/2008|23:34] C:\Program Files\BVRP Connection Manager
    [20/05/2008|00:37] C:\Program Files\Common Files
    [25/08/2006|06:03] C:\Program Files\ComPlus Applications
    [25/08/2006|06:18] C:\Program Files\CONEXANT
    [25/08/2006|06:23] C:\Program Files\CyberLink
    [07/06/2007|00:11] C:\Program Files\Dial-Messenger
    [15/12/2007|06:11] C:\Program Files\DivX
    [03/12/2007|23:18] C:\Program Files\DNsoft.be
    [15/04/2008|11:25] C:\Program Files\DVD Shrink
    [07/02/2007|13:00] C:\Program Files\eMule
    [25/08/2006|05:55] C:\Program Files\Fichiers communs
    [30/11/2007|14:25] C:\Program Files\FileZilla
    [30/11/2007|12:14] C:\Program Files\Free
    [20/12/2007|15:26] C:\Program Files\Freeplayer
    [10/03/2007|18:03] C:\Program Files\Google
    [14/05/2007|21:12] C:\Program Files\Grisoft
    [23/07/2008|22:32] C:\Program Files\Hitman Pro
    [15/04/2007|21:39] C:\Program Files\iMesh Applications
    [25/08/2006|06:17] C:\Program Files\InstallShield Installation Information
    [25/08/2006|06:11] C:\Program Files\Intel
    [25/08/2006|06:03] C:\Program Files\Internet Explorer
    [20/04/2008|14:37] C:\Program Files\iPod
    [20/04/2008|14:36] C:\Program Files\iTunes
    [02/09/2007|21:53] C:\Program Files\Java
    [25/02/2007|03:31] C:\Program Files\K-Lite Codec Pack
    [06/02/2007|21:40] C:\Program Files\Launch Manager
    [23/07/2008|00:09] C:\Program Files\Lavasoft
    [25/07/2008|19:56] C:\Program Files\Malwarebytes' Anti-Malware
    [25/08/2006|06:02] C:\Program Files\Messenger
    [04/03/2007|21:02] C:\Program Files\Messenger Plus! Live
    [04/04/2008|15:15] C:\Program Files\MeuhMeuhTV Alpha
    [20/05/2008|00:36] C:\Program Files\Microsoft ActiveSync
    [10/05/2007|03:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [25/08/2006|06:05] C:\Program Files\microsoft frontpage
    [16/12/2007|23:14] C:\Program Files\Microsoft SQL Server Compact Edition
    [25/08/2006|06:03] C:\Program Files\Movie Maker
    [10/11/2007|16:37] C:\Program Files\Mozilla Firefox
    [25/08/2006|06:02] C:\Program Files\MSN
    [25/08/2006|06:02] C:\Program Files\MSN Gaming Zone
    [27/12/2007|17:52] C:\Program Files\MSN Pictures Displayer
    [07/02/2007|00:36] C:\Program Files\MSXML 4.0
    [20/12/2007|15:29] C:\Program Files\MyFreeTV
    [25/08/2006|06:03] C:\Program Files\NetMeeting
    [18/06/2008|11:17] C:\Program Files\Neuf
    [18/06/2008|11:23] C:\Program Files\neuf Talk
    [25/08/2006|06:26] C:\Program Files\NewTech Infosystems
    [25/08/2006|06:02] C:\Program Files\Online Services
    [23/07/2008|01:31] C:\Program Files\Opera
    [25/08/2006|06:03] C:\Program Files\Outlook Express
    [15/12/2007|06:13] C:\Program Files\Picasa2
    [20/05/2008|11:03] C:\Program Files\POI-Warner SONY Edition
    [20/04/2008|14:35] C:\Program Files\QuickTime
    [29/05/2008|09:46] C:\Program Files\Real
    [25/08/2006|06:17] C:\Program Files\Realtek
    [22/07/2008|19:59] C:\Program Files\RegCleaner
    [15/12/2007|13:45] C:\Program Files\Samsung
    [06/02/2007|22:02] C:\Program Files\Securitoo
    [25/08/2006|06:04] C:\Program Files\Services en ligne
    [19/02/2007|20:19] C:\Program Files\Skype
    [23/07/2008|00:17] C:\Program Files\Spybot - Search & Destroy
    [25/07/2008|19:44] C:\Program Files\SUPERAntiSpyware
    [25/08/2006|22:14] C:\Program Files\Symantec
    [25/08/2006|06:20] C:\Program Files\Synaptics
    [02/04/2008|09:36] C:\Program Files\temp
    [25/07/2008|21:17] C:\Program Files\Trend Micro
    [25/08/2006|06:16] C:\Program Files\Uninstall Information
    [02/12/2007|23:03] C:\Program Files\VideoLAN
    [12/06/2008|17:29] C:\Program Files\VIRTUELSOFT
    [06/02/2007|16:52] C:\Program Files\Wanadoo
    [11/06/2007|10:25] C:\Program Files\Windows Live
    [10/02/2007|17:39] C:\Program Files\Windows Live Toolbar
    [22/02/2007|17:44] C:\Program Files\Windows Media Connect 2
    [25/08/2006|06:02] C:\Program Files\Windows Media Player
    [16/06/2008|22:35] C:\Program Files\Windows Mobile Device Handbook
    [25/08/2006|06:02] C:\Program Files\Windows NT
    [25/08/2006|06:04] C:\Program Files\WindowsUpdate
    [27/01/2008|11:36] C:\Program Files\WinRAR
    [25/08/2006|06:05] C:\Program Files\xerox
    [06/02/2007|21:44] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [05/12/2007|16:04] C:\Program Files\Fichiers communs\Adobe
    [20/04/2008|14:34] C:\Program Files\Fichiers communs\Apple
    [21/04/2008|12:22] C:\Program Files\Fichiers communs\AVSMedia
    [04/04/2008|11:22] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [27/06/2008|15:40] C:\Program Files\Fichiers communs\GTK
    [25/08/2006|06:17] C:\Program Files\Fichiers communs\InstallShield
    [02/09/2007|21:52] C:\Program Files\Fichiers communs\Java
    [25/08/2006|06:27] C:\Program Files\Fichiers communs\LightScribe
    [25/08/2006|05:55] C:\Program Files\Fichiers communs\Microsoft Shared
    [25/08/2006|06:04] C:\Program Files\Fichiers communs\MSSoap
    [25/08/2006|06:27] C:\Program Files\Fichiers communs\muvee Technologies
    [25/08/2006|06:26] C:\Program Files\Fichiers communs\NewTech Infosystems
    [25/08/2006|05:55] C:\Program Files\Fichiers communs\ODBC
    [29/05/2008|09:46] C:\Program Files\Fichiers communs\Real
    [25/08/2006|06:04] C:\Program Files\Fichiers communs\Services
    [19/02/2007|20:21] C:\Program Files\Fichiers communs\Skype
    [25/08/2006|05:55] C:\Program Files\Fichiers communs\SpeechEngines
    [25/08/2006|22:13] C:\Program Files\Fichiers communs\Symantec Shared
    [25/08/2006|06:03] C:\Program Files\Fichiers communs\System
    [16/12/2007|23:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [25/07/2008|19:44] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [29/05/2008|09:46] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 70 Processus )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-25 23:06:53
    Windows 5.1.2600 Service Pack 2 FAT NTAPI
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    => C:\DOCUME~1\reda\Local Settings\Application Data\Shareaza\Incomplete\(ECHOS) mutlu 1 (Crack) Album.wma
    => C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(ECHOS) mutlu 1 (Crack) Album.wma.xml
    => C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(DONE) cheb hafid rabani rabani _crack_ (Front).wma.xml

    [F:10][D:3]-> C:\DOCUME~1\reda\LOCALS~1\Temp
    [F:782][D:0]-> C:\DOCUME~1\reda\Cookies
    [F:6][D:2]-> C:\DOCUME~1\reda\LOCALS~1\TEMPOR~1\content.IE5
    [F:2][D:0]-> C:\Recycled

    --------------------\\ Fin du rapport a 23:08:08,25
    0
  13. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Supprime ces cracks ils sont infectès

    => C:\DOCUME~1\reda\Local Settings\Application Data\Shareaza\Incomplete\(ECHOS) mutlu 1 (Crack) Album.wma
    => C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(ECHOS) mutlu 1 (Crack) Album.wma.xml
    => C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(DONE) cheb hafid rabani rabani _crack_ (Front).wma.xml

    ensuite
    Télécharge malwarebytes
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe
    Une aide pour l'installation
    http://www.swl1f.net/viewtopic.php?f=14&t=68

    => Installe le
    => Ensuite va en mode sans echec

    Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
    Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel

    => Lance malwarebytes
    => Coche "Executer un examen complet"
    => Si tu es en présence d'une infection à la fin de l'examen clique sur "ok"
    => Clique sur Supprimer la sélection
    => Pour poster le rapport Clique sur l'onglet Rapports/Logs, sélectionne celui t'intéresse et clique sur Ouvrir
    => Fait copier coller et poste le rapport

    --------------------------

    ensuite

    * Télécharge CCleaner
    https://filehippo.com/download_ccleaner/
    => Aide toi de ce tuto pour l'utiliser
    http://www.swl1f.net/viewtopic.php?f=14&t=69

    --------------------------

    Ensuite refais un nouveau rapport HijackTis stp ;)
    0
  14. mehdidi75_9
     
    comment je fais pour supprimer

    => C:\DOCUME~1\reda\Local Settings\Application Data\Shareaza\Incomplete\(ECHOS) mutlu 1 (Crack) Album.wma
    => C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(ECHOS) mutlu 1 (Crack) Album.wma.xml
    => C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(DONE) cheb hafid rabani rabani _crack_ (Front).wma.xml
    0
  15. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Shareaza => P2P facteur de risques pour infections

    Tu as télécharger des morceaux de musique et il sont infectés
    Le P2P c'est source de nombreuses infections.
    Le P2P est un système permettant la connexion directe d'ordinateurs les uns aux autres. En résumé, tu ouvre sur ton pc un accès à des millions d'internautes, donc des individus malveillants pourraient introduire virus, cheval de Troie ect..

    Le mieux supprime Shareaza de ton PC car un album ça coute 15 euros un PC ça coute 500 euros ;)
    Je pense qu'il faut réagir à ça :)

    Pour le reste j'attends ton rapport de Malwarebytes

    @+
    0
  16. mehdidi75_9
     
    Voilà le rapport et je les déja supprimer shareaza et je les remis:

    Malwarebytes' Anti-Malware 1.23
    Version de la base de données: 993
    Windows 5.1.2600 Service Pack 2

    10:50:08 26/07/2008
    mbam-log-7-26-2008 (10-50-08).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|G:\|)
    Eléments examinés: 97144
    Temps écoulé: 2 hour(s), 49 minute(s), 16 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 472

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\reda\Local Settings\Application Data\Mozilla\Firefox\Profiles\v6su6gn7.default\Cache(3)\348820F2d01 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.342.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.343.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.2.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.3.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.4.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.5.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.6.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.7.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.8.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.9.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.10.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.11.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.12.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.13.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.14.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.15.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.16.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.17.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.18.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.19.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.20.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.21.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.22.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.23.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.24.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.25.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.26.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.27.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.28.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.29.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.30.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.31.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.32.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.33.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.34.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.35.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.36.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.37.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.38.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.39.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.40.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.41.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.42.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.43.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.44.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.45.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.46.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.47.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.48.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.49.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.50.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.51.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.52.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.53.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.54.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.55.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.56.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.57.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.58.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.59.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.60.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.61.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.62.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.63.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.64.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.65.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.66.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.67.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.68.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.69.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.70.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.71.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.72.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.73.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.74.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.75.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.76.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.77.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.78.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.79.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.80.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.81.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.82.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.83.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.84.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.85.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.86.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.87.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.88.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.89.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.90.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.91.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.92.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.93.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.94.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.95.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.96.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.97.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.98.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.99.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.100.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.101.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.102.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.103.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.104.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.105.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.106.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.107.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.108.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.109.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.110.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.111.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.112.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.113.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.114.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.115.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.116.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.117.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.118.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.119.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.120.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.121.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.122.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.123.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.124.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.125.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.126.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.127.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.128.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.129.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.130.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.131.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.132.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.133.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.134.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.135.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.136.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.137.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.138.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.139.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.140.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.141.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.142.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.143.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.144.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.145.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.146.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.147.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.148.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.149.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.150.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.151.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.152.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.153.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.154.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.155.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.156.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.157.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.158.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.159.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.160.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.161.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.162.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.163.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.164.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.165.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.166.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.167.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.168.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.169.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.170.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.171.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.172.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.173.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.174.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.175.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.176.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.177.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.178.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.179.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.180.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.181.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.182.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.183.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.184.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.185.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.186.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.187.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.188.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.189.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.190.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.191.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.192.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.193.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.194.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.195.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.196.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.197.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.198.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.199.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.200.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.201.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.202.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.203.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.204.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.205.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.206.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.207.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.208.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.209.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.210.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.211.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.212.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.213.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.214.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.215.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.216.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.217.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.218.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.219.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.220.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.221.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.222.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.223.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.224.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.225.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.226.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.227.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.228.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.229.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.230.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.231.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.232.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.233.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.234.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.235.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.236.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.237.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.238.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.239.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.240.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.241.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.242.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.243.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.244.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.245.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.246.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.247.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.248.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.249.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.250.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.251.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.252.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.253.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.254.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.255.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.256.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.257.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.258.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.259.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.260.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.261.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.262.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.263.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.264.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.265.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.266.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.267.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.268.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.269.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.270.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.271.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.272.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.273.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.274.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.275.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.276.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.277.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.278.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.279.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.280.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.281.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.282.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.283.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.284.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.285.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.286.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.287.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.288.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.289.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.290.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.291.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.292.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.293.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.294.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.295.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.296.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.297.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.298.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.299.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.300.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.301.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.302.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.303.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.304.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.305.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.306.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.307.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.308.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.309.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.310.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.311.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.312.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.313.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.314.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.315.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.316.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.317.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.318.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.319.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.320.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.321.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.322.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.323.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.324.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.325.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.326.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.327.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.328.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.329.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.330.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.331.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.332.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.333.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.334.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.335.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.336.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.337.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.338.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.339.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.340.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.341.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.344.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.345.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.346.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.347.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.348.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.349.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.350.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.351.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.352.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.353.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.354.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.355.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.356.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.357.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.358.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.359.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.360.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.361.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.362.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.363.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.364.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.365.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.366.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.367.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.368.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.369.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.370.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.371.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.372.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.373.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.374.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.375.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.376.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.377.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.378.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.379.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.380.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.381.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.382.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.383.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.384.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.385.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.386.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.387.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.388.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.389.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.390.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.391.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.392.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.393.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.394.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.395.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.396.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.397.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.398.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.399.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.400.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.401.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.402.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.403.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.404.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.405.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.406.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.407.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.408.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.409.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.410.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.411.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.412.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.413.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.414.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.415.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.416.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.417.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.418.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.419.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.420.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.421.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.422.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.423.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.424.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.425.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.426.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.427.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.428.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.429.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.430.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.431.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.432.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.433.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.434.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.435.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.436.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.437.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.438.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP334\A0110006.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP334\A0110010.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110788.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110789.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110825.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110826.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110827.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0110979.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0110980.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0110981.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0111114.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0112144.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112157.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112344.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112354.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112381.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112395.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP346\A0112460.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0112476.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0112623.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0112668.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0113707.DLL (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0113719.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0113798.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0114821.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0114843.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0114845.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0114875.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_
    0
  17. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Bonjour

    Pour le P2P
    je te conseil vivement de l'oublier
    mais bon te feras comme tu voudras ;)

    Pour continuer la recherche

    Télécharge sur ton bureau DSS (ex Comboscan) de Deckard:

    (choisis enregistrer, puis Bureau comme emplacement)

    http://deckard.geekstogo.com/dss.exe

    Ferme toutes les applications en cours.

    Double-clic sur comboscan.exe pour lancer l'outil.

    Une fenêtre s'ouvre, invitant à fermer toutes les applications, clique sur OK.

    A la fin de l'analyse, une fenêtre s'ouvre, clique sur OK.

    Le rapport Comboscan.txt va s'afficher, copie le dans ta prochaine réponse.
    Si un rapport complémentaire a été créé, poste le aussi dans ta réponse.

    @+
    0
  18. mehdidu75_9
     
    donc le premier rapport merci beaucoup de prendre ton temps pour m'aider:

    Deckard's System Scanner v20071014.68
    Run by reda on 2008-07-26 12:48:02
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.

    -- Last 5 Restore Point(s) --
    45: 2008-07-26 10:48:07 UTC - RP363 - Deckard's System Scanner Restore Point
    44: 2008-07-25 21:20:13 UTC - RP362 - Installed Windows Live
    43: 2008-07-25 21:19:03 UTC - RP361 - Installé Windows Live installer
    42: 2008-07-25 20:57:39 UTC - RP360 - Supprimé Windows Live installer
    41: 2008-07-25 20:54:23 UTC - RP359 - Supprimé Windows Live Toolbar

    -- First Restore Point --
    1: 2008-07-22 00:15:15 UTC - RP319 - Point de vérification système

    Backed up registry hives.
    Performed disk cleanup.

    [color=red]System Drive C: has 3.87 GiB (less than 15%) free.[/color]

    -- HijackThis (run as reda.exe) ------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:49:37, on 26/07/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\BVRP Connection Manager\Nomad.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe
    C:\Program Files\BVRP Connection Manager\NomadSvr.exe
    C:\Program Files\Neuf\Widget Neuf\9widget.exe
    C:\Program Files\Neuf\Media Center\MediaCenter.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\igfxext.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\DOCUME~1\reda\LOCALS~1\Temp\RtkBtMnt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\reda\Bureau\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\reda.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {6A10732F-BDB9-48B3-9DF7-622478AD74FC} - C:\WINDOWS\system32\jkkHAtrs.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {78529661-4C15-4A68-B80A-8C49BC3F344D} - C:\WINDOWS\system32\qoMfeBtr.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /normal-run2
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [WiFiSiStr] C:\Program Files\DNsoft.be\DNsoft.be WiFi SiStr\WiFi SiStr.exe
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart
    O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe" -scheduler
    O4 - HKCU\..\Run: [VMCL] C:\Program Files\vodafone\vmclite\DongleEnumerator.exe
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
    O4 - HKCU\..\Run: [Widget Neuf] "C:\Program Files\Neuf\Widget Neuf\9widget.exe"
    O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: jkkHAtrs - jkkHAtrs.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\BVRP Connection Manager\NomadSvr.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    0
  19. mehdidu75_9
     
    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Édition familiale (build 2600) SP 2.0
    Architecture: X86; Language: French

    CPU 0: Intel(R) Celeron(R) M CPU 420 @ 1.60GHz
    Percentage of Memory in Use: 50%
    Physical Memory (total/avail): 1014.04 MiB / 504.99 MiB
    Pagefile Memory (total/avail): 2439.95 MiB / 1858.68 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1910.87 MiB

    C: is Fixed (FAT32) - 34.57 GiB total, 3.88 GiB free.
    D: is Fixed (FAT32) - 35.06 GiB total, 1.75 GiB free.
    E: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - HTS541080G9AT00 - 74.53 GiB - 3 partitions
    \PARTITION0 - Unknown - 4.88 GiB
    \PARTITION1 (bootable) - Unknown - 34.58 GiB - C:
    \PARTITION2 - Unknown - 35.07 GiB - D:

    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is enabled.

    FirstRunDisabled is set.
    AntiVirusDisableNotify is set.

    AV: avast! antivirus 4.8.1229 [VPS 080725-1] v4.8.1229 (ALWIL Software)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\WINDOWS\\System32\\dpnsvr.exe"="C:\\WINDOWS\\System32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Disabled:VLC media player"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
    "C:\\Program Files\\Neuf\\Media Center\\httpd\\httpd.exe"="C:\\Program Files\\Neuf\\Media Center\\httpd\\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"

    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\reda\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files\Fichiers communs
    COMPUTERNAME=ACER-4CCBBC5D09
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\reda
    LOGONSERVER=\\ACER-4CCBBC5D09
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0e08
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    RNLOG_BASEKEY=Software\RealNetworks\RealPlayer\6.0\Preferences\BrowserRecordPluginLog
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\reda\LOCALS~1\Temp
    TMP=C:\DOCUME~1\reda\LOCALS~1\Temp
    USERDOMAIN=ACER-4CCBBC5D09
    USERNAME=reda
    USERPROFILE=C:\Documents and Settings\reda
    windir=C:\WINDOWS

    -- User Profiles ---------------------------------------------------------------

    reda [I](admin)/I

    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
    --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13E613EF-BB55-11D9-9D77-000129760D75}\setup.exe" -uninstall
    --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Acer Arcade --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
    Acer eDataSecurity Management 1.00.26 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E431C518-2EE2-471E-9234-BE995C36D513}\setup.exe" -l0x40c -removeonly
    Acer eLock Management --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}
    Acer Empowering Technology framework --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15B70821-7893-4607-805A-BB80F3EA8279}
    Acer ePerformance Management --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DEE08946-40F0-4890-853E-60A6C3306041}
    Acer ePower Management --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
    Acer ePresentation Management --> C:\WINDOWS\UnInst32.exe AcerePrj.UNI
    Acer eSettings Management --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}
    Acer GridVista --> C:\WINDOWS\UnInst32.exe GridV.UNI
    Acer OrbiCam --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\setup.exe" -l0x40c
    Acer Screensaver --> MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
    Adobe Shockwave Player --> C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\INSTALL.LOG
    Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
    Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVI/MPEG/RM/WMV Joiner 4.82 --> "C:\Program Files\AVI MPEG RM WMV Joiner\unins000.exe"
    Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    BVRP Connection Manager Lite --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2D88DF3-EF39-456E-A393-BF48037D985A}\setup.exe" -l0x40c -removeonly
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    Correctif pour Lecteur Windows Media 11 (KB939683) --> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB896256) --> "C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB909667) --> "C:\WINDOWS\$NtUninstallKB909667$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB918005) --> "C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB935448) --> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
    Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB885855 --> C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
    Essai de World of Warcraft --> C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft Trial\Uninstall.exe
    Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025007F\HXFSETUP.EXE -U -IWstAzlK.inf
    High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2 --> "C:\Documents and Settings\reda\Bureau\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    iMesh MediaBar --> regsvr32 /u /s "C:\Program Files\iMesh applications\iMesh MediaBar\MediaBar.dll"
    Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
    iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    L'Album de Bébé --> MsiExec.exe /I{FF1A5077-C7E9-442A-B57A-37C23606AEE4}
    Launch Manager --> C:\WINDOWS\UnInst32.exe LManager.UNI
    LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
    Lop S&D --> C:\Lop SD\Uninstal.exe
    Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Manuel de l'appareil Windows Mobile® --> C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
    Messenger Plus! Live & Sponsor (CiD) --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB912945) --> "C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB932823-v3) --> "C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe
    Neuf - Media Center --> C:\Program Files\Neuf\Media Center\uninstall.exe
    Neuf - Widget Neuf --> C:\Program Files\Neuf\Widget Neuf\uninstall.exe
    neuf Talk 1.4 --> C:\Program Files\neuf Talk\uninst.exe
    NTI Backup NOW! 4.5 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B06B842F-2450-494F-BBDE-217CDC151A37}\setup.exe" -l0x9 -uninst -removeonly
    NTI CD & DVD-Maker --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
    Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
    QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
    RealPlayer --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    SAMSUNG CDMA Modem Driver Set --> C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile Composite Device Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
    Samsung Mobile phone USB driver Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Shareaza 2.3.1.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe"
    Skype 3.0 --> "C:\Program Files\Skype\Phone\unins000.exe"
    Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
    Skype Toolbar for Microsoft Office --> "C:\Program Files\Skype\toolbars\Skype for Microsoft Office\unins000.exe"
    SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    VideoLAN VLC media player 0.8.6b --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Yahoo! Messenger --> C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
    Yahoo! Toolbar avec bloqueur de fenêtres pop-up --> C:\PROGRA~1\YAHOO!\common\unyt.exe

    -- Application Event Log -------------------------------------------------------

    Event Record #/Type27945 / Warning
    Event Submitted/Written: 07/25/2008 08:11:30 PM
    Event ID/Source: 1524 / Userenv
    Event Description:
    Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé.

    Event Record #/Type27917 / Error
    Event Submitted/Written: 07/25/2008 06:21:22 PM
    Event ID/Source: 1001 / Application Hang
    Event Description:
    Détecteur d'erreurs 744394775.

    Event Record #/Type27916 / Error
    Event Submitted/Written: 07/25/2008 06:21:13 PM
    Event ID/Source: 1002 / Application Hang
    Event Description:
    Application bloquée 9widget.exe, version 8.4.29.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Event Record #/Type27879 / Error
    Event Submitted/Written: 07/25/2008 02:19:57 PM
    Event ID/Source: 5000 / Windows Live Messenger
    Event Description:
    msnmsgrdiagnosticmsnmsgr.exe8.5.1302login081000306NILNILNILNILNIL

    Event Record #/Type27864 / Warning
    Event Submitted/Written: 07/25/2008 02:04:56 PM
    Event ID/Source: 1524 / Userenv
    Event Description:
    Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé.

    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.

    -- System Event Log ------------------------------------------------------------

    Event Record #/Type178558 / Error
    Event Submitted/Written: 07/26/2008 11:43:04 AM
    Event ID/Source: 7011 / Service Control Manager
    Event Description:
    Délai (30000 millisecondes) d'attente pour une réponse du service stisvc à une transaction.

    Event Record #/Type178557 / Error
    Event Submitted/Written: 07/26/2008 11:42:56 AM
    Event ID/Source: 7 / Disk
    Event Description:
    Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

    Event Record #/Type178556 / Error
    Event Submitted/Written: 07/26/2008 11:42:49 AM / 07/26/2008 11:42:56 AM
    Event ID/Source: 7 / Disk
    Event Description:
    Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

    Event Record #/Type178554 / Warning
    Event Submitted/Written: 07/26/2008 11:15:36 AM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

    Event Record #/Type178546 / Warning
    Event Submitted/Written: 07/26/2008 10:57:21 AM
    Event ID/Source: 20192 / RemoteAccess
    Event Description:
    Un certificat n'a pas été trouvé. Les connexions qui utilisent le protocole L2TP sur IPSec
    nécessitent l'installation d'un certificat d'ordinateur.
    Aucun appel L2TP ne sera accepté.

    -- End of Deckard's System Scanner: finished at 2008-07-26 12:50:23 ------------
    0
  20. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Télécharge sur le Bureau http://siri.urz.free.fr/Fix/SmitfraudFix.exe
    => Double clic sur SmitfraudFix.zip
    => Extraire tout
    => Double clic sur SmitfraudFix
    => Double Clic sur SmitfraudFix.cmd
    => Choisir Option 1
    => poste le rapport
    @+
    0
  21. mehdidu75_9
     
    SmitFraudFix v2.331

    Rapport fait à 14:25:12,39, 26/07/2008
    Executé à partir de C:\Documents and Settings\reda\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est FAT32
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\BVRP Connection Manager\Nomad.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe
    C:\Program Files\BVRP Connection Manager\NomadSvr.exe
    C:\Program Files\Neuf\Widget Neuf\9widget.exe
    C:\Program Files\Neuf\Media Center\MediaCenter.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\igfxext.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\DOCUME~1\reda\LOCALS~1\Temp\RtkBtMnt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    C:\WINDOWS\system32\DllHost.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Documents and Settings\reda\Bureau\SmitfraudFix\Policies.exe
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    »»»»»»»»»»»»»»»»»»»»»»»» C:\

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\reda

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\reda\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\reda\Favoris

    »»»»»»»»»»»»»»»»»»»»»»»» Bureau

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Rustock

    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: Atheros AR5005G Wireless Network Adapter - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 192.168.1.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{60945AF5-A85C-4FC5-927F-530770932DB3}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{60945AF5-A85C-4FC5-927F-530770932DB3}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{60945AF5-A85C-4FC5-927F-530770932DB3}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin
    0
  • 1
  • 2