Sujet Précédent Sujet Suivant

Infecté par adware et cheval de troie

Fermé
mehdi75_9 Messages postés 2 Date d'inscription vendredi 25 juillet 2008 Statut Membre Dernière intervention 25 juillet 2008 - 25 juil. 2008 à 21:08
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 - 26 juil. 2008 à 14:49
Bonjour,
Sa fait 2 jours que j'arrête pas de recevoir un message d'alerte de avast comme quoi j'ai des adwares cheval de troie trojan et je sais pas comment m'en débarrassé pouvez vous m'aidez. Merci d'avance
Voilà mon rapport d'erreur:

Malwarebytes' Anti-Malware 1.23
Version de la base de données: 992
Windows 5.1.2600 Service Pack 2

20:38:58 25/07/2008
mbam-log-7-25-2008 (20-38-58).txt

Type de recherche: Examen rapide
Eléments examinés: 43187
Temps écoulé: 18 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 12
Fichier(s) infecté(s): 12

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xbtb01621.ietoolbar (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.ietoolbar.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.xbtb01621 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xbtb01621.xbtb01621.1 (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcr1cj0er1q (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcr1cj0er1q (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qndsfmao.bvqe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qndsfmao.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\VCLSDCompression.class (Rogue.Installer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcv1cj0er1q (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\evgratsm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\kvxqmtre (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\rhcr1cj0er1q (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\rhcr1cj0er1q\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\reda\Local Settings\Application Data\ficaaerxa_navps.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Local Settings\Application Data\ficaaerxa_nav.dat (Adware.Navipromo) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\rhcr1cj0er1q.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcr1cj0er1q\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\reda\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
A voir également:

21 réponses

  • 1
  • 2
Réponse 1 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
25 juil. 2008 à 21:13
Bonsoir
Malwarebytest à supprimé pas mal de saloperies ;)

pour vérification

Télécharge sur le Bureau HijackThis

http://download.hijackthis.eu/HJTInstall.exe

= Double-clique sur dessus pour l'installer
= Clique sur Do a system scan and save the log
= Colle le rapport
si problème voir l'aide
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

@+
0
Réponse 2 / 21
mehdi75_9 Messages postés 2 Date d'inscription vendredi 25 juillet 2008 Statut Membre Dernière intervention 25 juillet 2008
25 juil. 2008 à 21:18
Voila ce que sa me donne.
Merci davoir répondu aussi vite

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:17:25, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\BVRP Connection Manager\NomadSvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\BVRP Connection Manager\Nomad.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe
C:\Program Files\Neuf\Widget Neuf\9widget.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Neuf\Media Center\httpd\httpd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Neuf\Media Center\httpd\httpd.exe
C:\DOCUME~1\reda\LOCALS~1\Temp\RtkBtMnt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0066c54a-c6a5-4eaa-a7fd-b82efaa223b9} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {1206D4D5-390A-4EF5-ABD6-4C44D9B3BD69} - (no file)
O2 - BHO: (no name) - {2C5EF120-D431-4628-ACC7-6ED529743FBC} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {6A10732F-BDB9-48B3-9DF7-622478AD74FC} - C:\WINDOWS\system32\jkkHAtrs.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {78529661-4C15-4A68-B80A-8C49BC3F344D} - C:\WINDOWS\system32\qoMfeBtr.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /normal-run2
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WiFiSiStr] C:\Program Files\DNsoft.be\DNsoft.be WiFi SiStr\WiFi SiStr.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [VMCL] C:\Program Files\vodafone\vmclite\DongleEnumerator.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [ficaaerxa] c:\documents and settings\reda\local settings\application data\ficaaerxa.exe ficaaerxa
O4 - HKCU\..\Run: [Widget Neuf] "C:\Program Files\Neuf\Widget Neuf\9widget.exe"
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\reda\APPLIC~1\ELSEPL~1\AXISNEW.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: jkkHAtrs - jkkHAtrs.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\BVRP Connection Manager\NomadSvr.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
0
Réponse 3 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
25 juil. 2008 à 21:23
Bon tu es belle et bien infecté :(

mais ne t'inquiète pas je vais t'aider à nettoyer tout ça ;)

C'est partit

1/ Télécharge LOP S&D d'Eric71 ici https://sites.google.com/site/eric71mespages/lop.sd.exe

Double-clique dessus pour lancer l'installation.
Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
Patiente jusqu'à la fin du scan.
Poste le rapport généré (situé aussi ici C:\lopR.txt )

( Si le Bureau ne réapparaît pas, lance le gestionnaire des tâches en cliquant sur Ctrl + Alt + Suppr , puis Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )


2 / Télécharge Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Avant de lancer le téléchargement
Clique droit sur le lien et tu choisis "enregistrer la cible du lien sous"
et tu le renomme par outil

=> /!\déconnecte toi d'internet et ferme toutes tes applications./!\

=>/!\ désactive tes protections (antivirus, parefeu,antispyware) provisoirement et seulement le temps de l'utilisation de ComboFix,/!\

=> Double-clic sur outil,

=> /!\Ne touche à rien tant que le scan n'est pas terminé.Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi./!\

=> Attends que combofix ait terminé, un rapport sera créé.

=> réactive ton parefeu, ton antivirus, la garde de ton antispyware

=> copie/colle le rapport C:\ComboFix.txt

=> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.





0
Réponse 4 / 21
mehdidi75_9
25 juil. 2008 à 21:32
Voilà le premier rapport
--------------------\\ Lop S&D 4.2.2-4 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : reda ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 25/07/2008 | 21:28:33,78 ] [ PC : ACER-4CCBBC5D09 ]
[ MAJ : 25-07-2008 | 17:45 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[25/08/2006|06:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Acer
[25/08/2006|05:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/08/2006|06:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[25/08/2006|05:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[25/08/2006|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acer
[05/12/2007|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20/04/2008|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[20/04/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/05/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[21/04/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[20/02/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[07/01/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[06/02/2007|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[25/08/2006|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[15/04/2008|11:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[22/05/2008|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[23/07/2008|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[27/01/2008|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[25/07/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[04/03/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[25/08/2006|05:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/07/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
[14/01/2008|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[30/06/2008|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[09/04/2008|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
[21/12/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[19/02/2007|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[23/07/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[25/07/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[25/08/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[23/07/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[12/02/2007|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/02/2007|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[16/12/2007|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/02/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[07/02/2007|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[25/08/2006|05:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[14/05/2007|21:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[25/08/2006|05:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/05/2008|09:59] C:\DOCUME~1\reda\APPLIC~1\$_hpcst$.hpc
[12/06/2008|17:28] C:\DOCUME~1\reda\APPLIC~1\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
[25/08/2006|06:35] C:\DOCUME~1\reda\APPLIC~1\Acer
[27/02/2007|22:23] C:\DOCUME~1\reda\APPLIC~1\Adobe
[05/03/2007|19:04] C:\DOCUME~1\reda\APPLIC~1\AdobeUM
[20/04/2008|14:37] C:\DOCUME~1\reda\APPLIC~1\Apple Computer
[14/05/2007|21:13] C:\DOCUME~1\reda\APPLIC~1\AVG7
[21/04/2008|12:23] C:\DOCUME~1\reda\APPLIC~1\AVS4YOU
[19/02/2007|20:05] C:\DOCUME~1\reda\APPLIC~1\CyberLink
[25/08/2006|05:55] C:\DOCUME~1\reda\APPLIC~1\desktop.ini
[15/12/2007|06:22] C:\DOCUME~1\reda\APPLIC~1\DivX
[22/04/2008|23:26] C:\DOCUME~1\reda\APPLIC~1\dvdcss
[07/01/2008|17:12] C:\DOCUME~1\reda\APPLIC~1\Else plus
[18/04/2007|17:52] C:\DOCUME~1\reda\APPLIC~1\Google
[06/02/2007|17:02] C:\DOCUME~1\reda\APPLIC~1\Help
[25/08/2006|06:16] C:\DOCUME~1\reda\APPLIC~1\Identities
[06/02/2007|21:44] C:\DOCUME~1\reda\APPLIC~1\Macromedia
[27/03/2008|21:33] C:\DOCUME~1\reda\APPLIC~1\Macrovision
[25/07/2008|19:56] C:\DOCUME~1\reda\APPLIC~1\Malwarebytes
[25/08/2006|05:55] C:\DOCUME~1\reda\APPLIC~1\Microsoft
[10/11/2007|16:38] C:\DOCUME~1\reda\APPLIC~1\Mozilla
[27/12/2007|17:54] C:\DOCUME~1\reda\APPLIC~1\MSN Pictures Displayer
[23/07/2008|01:32] C:\DOCUME~1\reda\APPLIC~1\Opera
[29/05/2008|09:45] C:\DOCUME~1\reda\APPLIC~1\Real
[15/12/2007|14:37] C:\DOCUME~1\reda\APPLIC~1\Samsung
[04/03/2007|21:04] C:\DOCUME~1\reda\APPLIC~1\Screenshot Sender
[19/02/2007|20:21] C:\DOCUME~1\reda\APPLIC~1\Skype
[02/09/2007|21:54] C:\DOCUME~1\reda\APPLIC~1\Sun
[25/07/2008|19:44] C:\DOCUME~1\reda\APPLIC~1\SUPERAntiSpyware.com
[02/12/2007|23:09] C:\DOCUME~1\reda\APPLIC~1\vlc
[26/06/2007|00:37] C:\DOCUME~1\reda\APPLIC~1\V-Safe
[18/12/2007|20:15] C:\DOCUME~1\reda\APPLIC~1\Yahoo!

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/07/2008 14:11][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/07/2008 20:43][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[25/07/2008 20:13][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[06/02/2007|21:37] C:\Program Files\Acer
[25/08/2006|06:21] C:\Program Files\Acer Inc
[25/08/2006|06:22] C:\Program Files\Adobe
[14/07/2008|19:06] C:\Program Files\adslTV
[25/07/2008|19:39] C:\Program Files\AdwareSpywareScannerDeleter
[30/11/2007|14:34] C:\Program Files\Alwil Software
[08/07/2008|20:42] C:\Program Files\Apple Software Update
[16/04/2008|08:35] C:\Program Files\AskTBar
[08/04/2007|13:36] C:\Program Files\Athan
[20/05/2008|00:37] C:\Program Files\AvantGo Connect
[08/03/2007|20:49] C:\Program Files\AVI MPEG RM WMV Joiner
[21/04/2008|12:22] C:\Program Files\AVS4YOU
[20/04/2008|14:36] C:\Program Files\Bonjour
[27/01/2008|11:30] C:\Program Files\Boonty
[27/01/2008|11:30] C:\Program Files\BoontyGames
[20/02/2008|23:34] C:\Program Files\BVRP Connection Manager
[07/01/2008|17:09] C:\Program Files\Circle Developement
[20/05/2008|00:37] C:\Program Files\Common Files
[25/08/2006|06:03] C:\Program Files\ComPlus Applications
[25/08/2006|06:18] C:\Program Files\CONEXANT
[25/08/2006|06:23] C:\Program Files\CyberLink
[07/06/2007|00:11] C:\Program Files\Dial-Messenger
[15/12/2007|06:11] C:\Program Files\DivX
[03/12/2007|23:18] C:\Program Files\DNsoft.be
[15/04/2008|11:25] C:\Program Files\DVD Shrink
[30/06/2008|03:38] C:\Program Files\Else plus
[07/02/2007|13:00] C:\Program Files\eMule
[25/08/2006|05:55] C:\Program Files\Fichiers communs
[30/11/2007|14:25] C:\Program Files\FileZilla
[30/11/2007|12:14] C:\Program Files\Free
[20/12/2007|15:26] C:\Program Files\Freeplayer
[10/03/2007|18:03] C:\Program Files\Google
[14/05/2007|21:12] C:\Program Files\Grisoft
[23/07/2008|22:32] C:\Program Files\Hitman Pro
[15/04/2007|21:39] C:\Program Files\iMesh Applications
[25/08/2006|06:17] C:\Program Files\InstallShield Installation Information
[25/08/2006|06:11] C:\Program Files\Intel
[25/08/2006|06:03] C:\Program Files\Internet Explorer
[20/04/2008|14:37] C:\Program Files\iPod
[20/04/2008|14:36] C:\Program Files\iTunes
[02/09/2007|21:53] C:\Program Files\Java
[25/02/2007|03:31] C:\Program Files\K-Lite Codec Pack
[06/02/2007|21:40] C:\Program Files\Launch Manager
[23/07/2008|00:09] C:\Program Files\Lavasoft
[25/07/2008|19:56] C:\Program Files\Malwarebytes' Anti-Malware
[25/08/2006|06:02] C:\Program Files\Messenger
[04/03/2007|21:02] C:\Program Files\Messenger Plus! Live
[04/04/2008|15:15] C:\Program Files\MeuhMeuhTV Alpha
[20/05/2008|00:36] C:\Program Files\Microsoft ActiveSync
[10/05/2007|03:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[25/08/2006|06:05] C:\Program Files\microsoft frontpage
[16/12/2007|23:14] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2006|06:03] C:\Program Files\Movie Maker
[10/11/2007|16:37] C:\Program Files\Mozilla Firefox
[25/08/2006|06:02] C:\Program Files\MSN
[25/08/2006|06:02] C:\Program Files\MSN Gaming Zone
[27/12/2007|17:52] C:\Program Files\MSN Pictures Displayer
[07/02/2007|00:36] C:\Program Files\MSXML 4.0
[20/12/2007|15:29] C:\Program Files\MyFreeTV
[25/08/2006|06:03] C:\Program Files\NetMeeting
[18/06/2008|11:17] C:\Program Files\Neuf
[18/06/2008|11:23] C:\Program Files\neuf Talk
[25/08/2006|06:26] C:\Program Files\NewTech Infosystems
[25/08/2006|06:02] C:\Program Files\Online Services
[23/07/2008|01:31] C:\Program Files\Opera
[25/08/2006|06:03] C:\Program Files\Outlook Express
[15/12/2007|06:13] C:\Program Files\Picasa2
[20/05/2008|11:03] C:\Program Files\POI-Warner SONY Edition
[20/04/2008|14:35] C:\Program Files\QuickTime
[29/05/2008|09:46] C:\Program Files\Real
[25/08/2006|06:17] C:\Program Files\Realtek
[22/07/2008|19:59] C:\Program Files\RegCleaner
[15/12/2007|13:45] C:\Program Files\Samsung
[06/02/2007|22:02] C:\Program Files\Securitoo
[25/08/2006|06:04] C:\Program Files\Services en ligne
[19/02/2007|20:19] C:\Program Files\Skype
[23/07/2008|00:17] C:\Program Files\Spybot - Search & Destroy
[25/07/2008|19:44] C:\Program Files\SUPERAntiSpyware
[25/08/2006|22:14] C:\Program Files\Symantec
[25/08/2006|06:20] C:\Program Files\Synaptics
[02/04/2008|09:36] C:\Program Files\temp
[25/07/2008|21:17] C:\Program Files\Trend Micro
[25/08/2006|06:16] C:\Program Files\Uninstall Information
[02/12/2007|23:03] C:\Program Files\VideoLAN
[12/06/2008|17:29] C:\Program Files\VIRTUELSOFT
[06/02/2007|16:52] C:\Program Files\Wanadoo
[11/06/2007|10:25] C:\Program Files\Windows Live
[02/12/2007|01:25] C:\Program Files\Windows Live Favorites
[10/02/2007|17:39] C:\Program Files\Windows Live Toolbar
[22/02/2007|17:44] C:\Program Files\Windows Media Connect 2
[25/08/2006|06:02] C:\Program Files\Windows Media Player
[16/06/2008|22:35] C:\Program Files\Windows Mobile Device Handbook
[25/08/2006|06:02] C:\Program Files\Windows NT
[25/08/2006|06:04] C:\Program Files\WindowsUpdate
[27/01/2008|11:36] C:\Program Files\WinRAR
[25/08/2006|06:05] C:\Program Files\xerox
[06/02/2007|21:44] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[05/12/2007|16:04] C:\Program Files\Fichiers communs\Adobe
[20/04/2008|14:34] C:\Program Files\Fichiers communs\Apple
[21/04/2008|12:22] C:\Program Files\Fichiers communs\AVSMedia
[04/04/2008|11:22] C:\Program Files\Fichiers communs\Blizzard Entertainment
[27/06/2008|15:40] C:\Program Files\Fichiers communs\GTK
[25/08/2006|06:17] C:\Program Files\Fichiers communs\InstallShield
[02/09/2007|21:52] C:\Program Files\Fichiers communs\Java
[25/08/2006|06:27] C:\Program Files\Fichiers communs\LightScribe
[25/08/2006|05:55] C:\Program Files\Fichiers communs\Microsoft Shared
[25/08/2006|06:04] C:\Program Files\Fichiers communs\MSSoap
[25/08/2006|06:27] C:\Program Files\Fichiers communs\muvee Technologies
[25/08/2006|06:26] C:\Program Files\Fichiers communs\NewTech Infosystems
[25/08/2006|05:55] C:\Program Files\Fichiers communs\ODBC
[29/05/2008|09:46] C:\Program Files\Fichiers communs\Real
[25/08/2006|06:04] C:\Program Files\Fichiers communs\Services
[19/02/2007|20:21] C:\Program Files\Fichiers communs\Skype
[25/08/2006|05:55] C:\Program Files\Fichiers communs\SpeechEngines
[25/08/2006|22:13] C:\Program Files\Fichiers communs\Symantec Shared
[25/08/2006|06:03] C:\Program Files\Fichiers communs\System
[16/12/2007|23:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[25/07/2008|19:44] C:\Program Files\Fichiers communs\Wise Installation Wizard
[29/05/2008|09:46] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 72 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\reda\APPLIC~1\ELSE PLUS
C:\Program Files\ELSE PLUS
C:\Program Files\Circle Developement
C:\DOCUME~1\reda\Cookies\reda@directinet.advertserve[1].txt
C:\DOCUME~1\reda\Cookies\reda@advertising[2].txt
C:\DOCUME~1\reda\Cookies\reda@bigpoint[1].txt
C:\DOCUME~1\reda\Cookies\reda@fr.bigpoint[1].txt
C:\DOCUME~1\reda\Cookies\reda@adin.bigpoint[2].txt
C:\DOCUME~1\reda\Cookies\reda@adin.bigpoint[3].txt
C:\DOCUME~1\reda\Cookies\reda@bigpoint[2].txt
C:\DOCUME~1\reda\Cookies\reda@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\reda\Cookies\reda@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\reda\Cookies\reda@cotedazurpalace[1].txt
C:\DOCUME~1\reda\Cookies\reda@banner.cotedazurpalace[2].txt
C:\DOCUME~1\reda\Cookies\reda@cotedazurpalace[3].txt
C:\DOCUME~1\reda\Cookies\reda@pacificpoker[1].txt
C:\DOCUME~1\reda\Cookies\reda@pacificpoker[2].txt
C:\DOCUME~1\reda\Cookies\reda@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\reda\Cookies\reda@vegas-millions[2].txt
C:\DOCUME~1\reda\Cookies\reda@www.2xmoinscher[2].txt
C:\DOCUME~1\reda\Cookies\reda@2xmoinscher[1].txt
C:\DOCUME~1\reda\Cookies\reda@www.2xmoinscher[1].txt
C:\DOCUME~1\reda\Cookies\reda@888[2].txt
C:\DOCUME~1\reda\Cookies\reda@888[3].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

-> 72 [ 70 ## added by CiD ]

/!\ 1 Not 127.0.0.1 !!

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-25 21:30:24
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ficaaerxa"="c:\\documents and settings\\reda\\local settings\\application data\\ficaaerxa.exe ficaaerxa"

[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\reda\Local Settings\Application Data\Shareaza\Incomplete\(ECHOS) mutlu 1 (Crack) Album.wma
=> C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(ECHOS) mutlu 1 (Crack) Album.wma.xml
=> C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(DONE) cheb hafid rabani rabani _crack_ (Front).wma.xml


[F:73][D:13]-> C:\DOCUME~1\reda\LOCALS~1\Temp
[F:801][D:0]-> C:\DOCUME~1\reda\Cookies
[F:1057][D:40]-> C:\DOCUME~1\reda\LOCALS~1\TEMPOR~1\content.IE5
[F:8][D:0]-> C:\Recycled

--------------------\\ Fin du rapport a 21:31:24,29
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 21
mehdidi75_9
25 juil. 2008 à 21:51
J'ai effectuer le test avec combo sans rien toucher mais je n'est eu aucun rapport.
0
Réponse 6 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
25 juil. 2008 à 21:57
Regarde dans C: tu doit trouver Combofix.txt
0
Réponse 7 / 21
mehdidi75_9
25 juil. 2008 à 22:19
ComboFix 08-07-24.6 - reda 2008-07-25 21:37:16.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.313 [GMT 2:00]
Endroit: C:\Documents and Settings\reda\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\_000007_.tmp.dll
C:\WINDOWS\system32\_000008_.tmp.dll
C:\WINDOWS\system32\_000009_.tmp.dll
C:\WINDOWS\system32\_000012_.tmp.dll
C:\WINDOWS\system32\_000013_.tmp.dll
C:\WINDOWS\system32\_000014_.tmp.dll
C:\WINDOWS\system32\iwohfoti.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\rtBefMoq.ini
C:\WINDOWS\system32\rtBefMoq.ini2

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-25 to 2008-07-25 ))))))))))))))))))))))))))))))))))))
.

2008-07-25 21:27 . 2008-07-25 21:27 <REP> d-------- C:\Lop SD
2008-07-25 21:17 . 2008-07-25 21:17 <REP> d-------- C:\Program Files\Trend Micro
2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Documents and Settings\reda\Application Data\Malwarebytes
2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-25 19:56 . 2008-07-23 20:09 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-25 19:56 . 2008-07-23 20:09 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Program Files\SUPERAntiSpyware
2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Documents and Settings\reda\Application Data\SUPERAntiSpyware.com
2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-25 19:39 . 2008-07-25 19:39 <REP> d-------- C:\Program Files\AdwareSpywareScannerDeleter
2008-07-23 22:33 . 2008-07-23 22:33 <REP> d-------- C:\WINDOWS\system32\GroupPolicy
2008-07-23 22:32 . 2008-07-23 22:32 <REP> d-------- C:\Program Files\Hitman Pro
2008-07-23 19:37 . 2008-07-23 19:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-23 01:31 . 2008-07-23 01:31 <REP> d-------- C:\Program Files\Opera
2008-07-23 01:20 . 2008-07-23 13:21 400 --a------ C:\WINDOWS\wininit.ini
2008-07-23 00:39 . 2008-07-23 00:39 0 --a------ C:\WINDOWS\system32\3C.tmp
2008-07-23 00:17 . 2008-07-23 00:17 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-23 00:17 . 2008-07-23 00:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-23 00:08 . 2008-07-23 00:09 <REP> d-------- C:\Program Files\Lavasoft
2008-07-23 00:08 . 2008-07-23 00:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-22 19:59 . 2008-07-22 19:59 <REP> d-------- C:\Program Files\RegCleaner
2008-07-22 18:40 . 2008-07-23 19:09 44,122 ---hs---- C:\WINDOWS\system32\xkmsfari.ini
2008-07-14 19:06 . 2008-07-14 19:06 <REP> d-------- C:\Program Files\adslTV
2008-07-08 20:42 . 2008-07-08 20:42 <REP> d-------- C:\Program Files\Apple Software Update
2008-06-30 13:27 . 2008-06-30 13:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-06-30 03:38 . 2008-06-30 03:38 <REP> d-------- C:\Program Files\Else plus
2008-06-27 15:40 . 2008-06-27 15:40 <REP> d-------- C:\Program Files\Fichiers communs\GTK

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-18 09:23 --------- d-----w C:\Program Files\neuf Talk
2008-06-18 09:17 --------- d-----w C:\Program Files\Neuf
2008-06-16 20:35 --------- d-----w C:\Program Files\Windows Mobile Device Handbook
2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-12 15:29 --------- d-----w C:\Program Files\VIRTUELSOFT
2008-06-12 15:28 --------- d-----w C:\Documents and Settings\reda\Application Data\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-29 07:46 --------- d-----w C:\Program Files\Real
2008-05-29 07:46 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-05-29 07:46 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-20 09:03 372,736 ----a-w C:\WINDOWS\suinsta4001.exe
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-02 07:36 32,768 ------w C:\Program Files\temp
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-11-06 19:51 3810544]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
"Connection Manager"="C:\Program Files\BVRP Connection Manager\Nomad.exe" [2006-01-23 10:25 49152]
"ISUSPM"="C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe" [2007-03-29 15:41 222128]
"Widget Neuf"="C:\Program Files\Neuf\Widget Neuf\9widget.exe" [2008-04-30 10:34 722160]
"Neuf Media Center"="C:\Program Files\Neuf\Media Center\MediaCenter.exe" [2007-10-15 17:57 1025264]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 12:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 12:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 12:17 118784]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 15:02 53248]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 13:07 761946]
"ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 11:15 45056]
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45 2462208]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 15:50 69632]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 05:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2006-08-09 22:29 151552]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 19:29 352256]
"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 12:54 3080704]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-07-20 22:15 593920]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00 397312]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 13:08 61440]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22 517768]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-29 09:46 185896]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2008-03-18 18:47 287984]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:55 110592 C:\WINDOWS\system32\bthprops.cpl]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 14:54 16248320 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
"Connection Manager"="C:\Program Files\BVRP Connection Manager\Nomad.exe" [2006-01-23 10:25 49152]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MSNMSGR.EXE"=
"C:\\WINDOWS\\System32\\dpnsvr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"= C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R1 OsaFsLoc;OsaFsLoc;C:\WINDOWS\system32\drivers\OsaFsLoc.sys [2005-10-15 18:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 BVRPNDIS;BVRPNDIS Protocol Driver U/I;C:\Program Files\BVRP Connection Manager\BVRPNDIS.SYS [2004-06-02 16:56]
R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
R2 Nomad;Connection Manager;C:\Program Files\BVRP Connection Manager\NomadSvr.exe [2005-12-15 11:58]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys [2005-09-13 15:34]
R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 16:23]
S3 FileObjInfo;STFileDriver;C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
S3 hitmanpro2;Hitman Pro 2 Driver;C:\Program Files\Hitman Pro\hitmanpro2.sys [2006-11-03 13:03]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
S3 TV_551805_Sp50;TV_551805_Sp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\TV_551805_Sp50.sys [2008-04-09 13:47]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f2d3474-fce6-11dc-b139-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f2d3476-fce6-11dc-b139-0016cfc8bf0d}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbd00-fbf3-11dc-b136-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbd01-fbf3-11dc-b136-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8666916c-da03-11db-b035-0016d465f2ed}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd5df0a-fcdd-11dc-b138-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd5df0b-fcdd-11dc-b138-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-07-25 19:43:54 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
0
Réponse 8 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
25 juil. 2008 à 22:40
selectionne ceci


File::
C:\WINDOWS\system32\3C.tmp
C:\WINDOWS\system32\xkmsfari.ini




* Copie le texte sélectionné (CTRL+C).
* Ouvre le bloc-notes (programme>Accessoires >bloc-notes).
* Veille à ce que Retour à la ligne ne soit pas coché dans Format.
* Colle le texte copié dans ce bloc-notes (CTRL+V).
* Sauvegarde ce fichier sous le nom de CFScript.txt
* Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme ceci
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif
* Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher : Poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt 


Note: Le code ci-dessus a été intentionnellement rédigé pour CET utilisateur.
si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système.




ensuite repasse LOP S&D d'Eric71 en mode 2
et poste le rapport
0
Réponse 9 / 21
mehdidi75_9
25 juil. 2008 à 22:49
je tiens a te remercier pour ton aide avant tout
Voilà le rapport

ComboFix 08-07-24.6 - reda 2008-07-25 22:44:53.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.442 [GMT 2:00]
Endroit: C:\Documents and Settings\reda\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\reda\Mes documents\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\WINDOWS\system32\3C.tmp
C:\WINDOWS\system32\xkmsfari.ini
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\3C.tmp
C:\WINDOWS\system32\xkmsfari.ini
.
---- Previous Run -------
.
C:\WINDOWS\system32\_000007_.tmp.dll
C:\WINDOWS\system32\_000008_.tmp.dll
C:\WINDOWS\system32\_000009_.tmp.dll
C:\WINDOWS\system32\_000012_.tmp.dll
C:\WINDOWS\system32\_000013_.tmp.dll
C:\WINDOWS\system32\_000014_.tmp.dll
C:\WINDOWS\system32\iwohfoti.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\rtBefMoq.ini
C:\WINDOWS\system32\rtBefMoq.ini2

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-25 to 2008-07-25 ))))))))))))))))))))))))))))))))))))
.

2008-07-25 21:27 . 2008-07-25 21:27 <REP> d-------- C:\Lop SD
2008-07-25 21:17 . 2008-07-25 21:17 <REP> d-------- C:\Program Files\Trend Micro
2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Documents and Settings\reda\Application Data\Malwarebytes
2008-07-25 19:56 . 2008-07-25 19:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-25 19:56 . 2008-07-23 20:09 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-25 19:56 . 2008-07-23 20:09 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Program Files\SUPERAntiSpyware
2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Documents and Settings\reda\Application Data\SUPERAntiSpyware.com
2008-07-25 19:44 . 2008-07-25 19:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-25 19:39 . 2008-07-25 19:39 <REP> d-------- C:\Program Files\AdwareSpywareScannerDeleter
2008-07-23 22:33 . 2008-07-23 22:33 <REP> d-------- C:\WINDOWS\system32\GroupPolicy
2008-07-23 22:32 . 2008-07-23 22:32 <REP> d-------- C:\Program Files\Hitman Pro
2008-07-23 19:37 . 2008-07-23 19:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-23 01:31 . 2008-07-23 01:31 <REP> d-------- C:\Program Files\Opera
2008-07-23 01:20 . 2008-07-23 13:21 400 --a------ C:\WINDOWS\wininit.ini
2008-07-23 00:17 . 2008-07-23 00:17 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-23 00:17 . 2008-07-23 00:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-23 00:08 . 2008-07-23 00:09 <REP> d-------- C:\Program Files\Lavasoft
2008-07-23 00:08 . 2008-07-23 00:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-22 19:59 . 2008-07-22 19:59 <REP> d-------- C:\Program Files\RegCleaner
2008-07-14 19:06 . 2008-07-14 19:06 <REP> d-------- C:\Program Files\adslTV
2008-07-08 20:42 . 2008-07-08 20:42 <REP> d-------- C:\Program Files\Apple Software Update
2008-06-30 13:27 . 2008-06-30 13:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-06-30 03:38 . 2008-06-30 03:38 <REP> d-------- C:\Program Files\Else plus
2008-06-27 15:40 . 2008-06-27 15:40 <REP> d-------- C:\Program Files\Fichiers communs\GTK

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-18 09:23 --------- d-----w C:\Program Files\neuf Talk
2008-06-18 09:17 --------- d-----w C:\Program Files\Neuf
2008-06-16 20:35 --------- d-----w C:\Program Files\Windows Mobile Device Handbook
2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-12 15:29 --------- d-----w C:\Program Files\VIRTUELSOFT
2008-06-12 15:28 --------- d-----w C:\Documents and Settings\reda\Application Data\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-29 07:46 --------- d-----w C:\Program Files\Real
2008-05-29 07:46 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-05-29 07:46 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-20 09:03 372,736 ----a-w C:\WINDOWS\suinsta4001.exe
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-02 07:36 32,768 ------w C:\Program Files\temp
.

((((((((((((((((((((((((((((( snapshot@2008-07-25_21.44.31.90 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-25 15:57:42 1,852 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{2DF143DB-A92C-4B90-BF9A-B9183C2B0E5D}.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6A10732F-BDB9-48B3-9DF7-622478AD74FC}]
C:\WINDOWS\system32\jkkHAtrs.dll [BU]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78529661-4C15-4A68-B80A-8C49BC3F344D}]
C:\WINDOWS\system32\qoMfeBtr.dll [BU]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"WOOKIT"="C:\Program Files\Wanadoo\Shell.exe" [BU]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-11-06 19:51 3810544]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"WiFiSiStr"="C:\Program Files\DNsoft.be\DNsoft.be WiFi SiStr\WiFi SiStr.exe" [BU]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
"Connection Manager"="C:\Program Files\BVRP Connection Manager\Nomad.exe" [2006-01-23 10:25 49152]
"ISUSPM"="C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe" [2007-03-29 15:41 222128]
"VMCL"="C:\Program Files\vodafone\vmclite\DongleEnumerator.exe" [BU]
"WINSOS VERIFY"="C:\Program Files\Winsos\WINSOS.EXE" [BU]
"Widget Neuf"="C:\Program Files\Neuf\Widget Neuf\9widget.exe" [2008-04-30 10:34 722160]
"Neuf Media Center"="C:\Program Files\Neuf\Media Center\MediaCenter.exe" [2007-10-15 17:57 1025264]
"book ante"="C:\DOCUME~1\reda\APPLIC~1\ELSEPL~1\AXISNEW.exe" [BU]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 12:17 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 12:13 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 12:17 118784]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 15:02 53248]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 13:07 761946]
"ntiMUI"="C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 11:15 45056]
"ADMTray.exe"="C:\Acer\Empowering Technology\admtray.exe" [2005-10-24 16:45 2462208]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 15:50 69632]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 05:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2006-08-09 22:29 151552]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 19:29 352256]
"Acer ePower Management"="C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 12:54 3080704]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-07-20 22:15 593920]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 18:00 397312]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 13:08 61440]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22 517768]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-29 09:46 185896]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2008-03-18 18:47 287984]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:55 110592 C:\WINDOWS\system32\bthprops.cpl]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 14:54 16248320 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]
"Connection Manager"="C:\Program Files\BVRP Connection Manager\Nomad.exe" [2006-01-23 10:25 49152]

C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{6A10732F-BDB9-48B3-9DF7-622478AD74FC}"= "C:\WINDOWS\system32\jkkHAtrs.dll" [BU]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkHAtrs]
jkkHAtrs.dll [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MSNMSGR.EXE"=
"C:\\WINDOWS\\System32\\dpnsvr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"= C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R1 OsaFsLoc;OsaFsLoc;C:\WINDOWS\system32\drivers\OsaFsLoc.sys [2005-10-15 18:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 BVRPNDIS;BVRPNDIS Protocol Driver U/I;C:\Program Files\BVRP Connection Manager\BVRPNDIS.SYS [2004-06-02 16:56]
R2 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
R2 Nomad;Connection Manager;C:\Program Files\BVRP Connection Manager\NomadSvr.exe [2005-12-15 11:58]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-05 05:00]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys [2005-09-13 15:34]
R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 16:23]
S3 FileObjInfo;STFileDriver;C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
S3 hitmanpro2;Hitman Pro 2 Driver;C:\Program Files\Hitman Pro\hitmanpro2.sys [2006-11-03 13:03]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
S3 TV_551805_Sp50;TV_551805_Sp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\TV_551805_Sp50.sys [2008-04-09 13:47]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f2d3474-fce6-11dc-b139-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f2d3476-fce6-11dc-b139-0016cfc8bf0d}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbd00-fbf3-11dc-b136-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbd01-fbf3-11dc-b136-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8666916c-da03-11db-b035-0016d465f2ed}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd5df0a-fcdd-11dc-b138-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd5df0b-fcdd-11dc-b138-0016d465f2ed}]
\Shell\AutoRun\command - F:\StartVMCLite.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-25 20:43:04 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-07-12 12:11:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-25 22:46:25
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-07-25 22:47:04
ComboFix-quarantined-files.txt 2008-07-25 20:47:02

Pre-Run: 3,002,302,464 octets libres
Post-Run: 2,993,389,568 octets libres

248 --- E O F --- 2008-07-11 19:03:55
0
Réponse 10 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
25 juil. 2008 à 22:56
repasse LOP S&D d'Eric71 en mode 2
et poste le rapport ;)
0
Réponse 11 / 21
mehdidi75_9
25 juil. 2008 à 23:08
--------------------\\ Lop S&D 4.2.2-4 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : reda ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 25/07/2008 | 23:03:56,56 ] [ PC : ACER-4CCBBC5D09 ]
[ MAJ : 25-07-2008 | 17:45 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprime! - C:\DOCUME~1\reda\Cookies\reda@directinet.advertserve[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@advertising[2].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@bigpoint[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@fr.bigpoint[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@adin.bigpoint[3].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@bigpoint[2].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@fr1.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@cotedazurpalace[3].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@vegas-millions[2].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@www.2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@888[2].txt
Supprime! - C:\DOCUME~1\reda\Cookies\reda@888[3].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
Supprime! - C:\DOCUME~1\reda\APPLIC~1\ELSE PLUS
Supprime! - C:\Program Files\ELSE PLUS
Supprime! - C:\Program Files\Circle Developement

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[25/08/2006|06:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Acer
[25/08/2006|05:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/08/2006|06:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[25/08/2006|05:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[25/08/2006|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acer
[05/12/2007|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20/04/2008|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[20/04/2008|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/05/2007|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[21/04/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[20/02/2008|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[06/02/2007|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[25/08/2006|05:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[15/04/2008|11:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[22/05/2008|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[23/07/2008|00:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[27/01/2008|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[25/07/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[04/03/2007|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[25/08/2006|05:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/07/2007|23:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy
[14/01/2008|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[30/06/2008|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[09/04/2008|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
[21/12/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[19/02/2007|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[23/07/2008|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[25/07/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[25/08/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[23/07/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[12/02/2007|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/02/2007|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[16/12/2007|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[20/02/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[07/02/2007|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[25/08/2006|05:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[14/05/2007|21:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[25/08/2006|05:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[20/05/2008|09:59] C:\DOCUME~1\reda\APPLIC~1\$_hpcst$.hpc
[12/06/2008|17:28] C:\DOCUME~1\reda\APPLIC~1\{B2A6EEBC-1184-4D6D-AC68-F354C811A6F9}
[25/08/2006|06:35] C:\DOCUME~1\reda\APPLIC~1\Acer
[27/02/2007|22:23] C:\DOCUME~1\reda\APPLIC~1\Adobe
[05/03/2007|19:04] C:\DOCUME~1\reda\APPLIC~1\AdobeUM
[20/04/2008|14:37] C:\DOCUME~1\reda\APPLIC~1\Apple Computer
[14/05/2007|21:13] C:\DOCUME~1\reda\APPLIC~1\AVG7
[21/04/2008|12:23] C:\DOCUME~1\reda\APPLIC~1\AVS4YOU
[19/02/2007|20:05] C:\DOCUME~1\reda\APPLIC~1\CyberLink
[25/08/2006|05:55] C:\DOCUME~1\reda\APPLIC~1\desktop.ini
[15/12/2007|06:22] C:\DOCUME~1\reda\APPLIC~1\DivX
[22/04/2008|23:26] C:\DOCUME~1\reda\APPLIC~1\dvdcss
[18/04/2007|17:52] C:\DOCUME~1\reda\APPLIC~1\Google
[06/02/2007|17:02] C:\DOCUME~1\reda\APPLIC~1\Help
[25/08/2006|06:16] C:\DOCUME~1\reda\APPLIC~1\Identities
[06/02/2007|21:44] C:\DOCUME~1\reda\APPLIC~1\Macromedia
[27/03/2008|21:33] C:\DOCUME~1\reda\APPLIC~1\Macrovision
[25/07/2008|19:56] C:\DOCUME~1\reda\APPLIC~1\Malwarebytes
[25/08/2006|05:55] C:\DOCUME~1\reda\APPLIC~1\Microsoft
[10/11/2007|16:38] C:\DOCUME~1\reda\APPLIC~1\Mozilla
[27/12/2007|17:54] C:\DOCUME~1\reda\APPLIC~1\MSN Pictures Displayer
[23/07/2008|01:32] C:\DOCUME~1\reda\APPLIC~1\Opera
[29/05/2008|09:45] C:\DOCUME~1\reda\APPLIC~1\Real
[15/12/2007|14:37] C:\DOCUME~1\reda\APPLIC~1\Samsung
[04/03/2007|21:04] C:\DOCUME~1\reda\APPLIC~1\Screenshot Sender
[19/02/2007|20:21] C:\DOCUME~1\reda\APPLIC~1\Skype
[02/09/2007|21:54] C:\DOCUME~1\reda\APPLIC~1\Sun
[25/07/2008|19:44] C:\DOCUME~1\reda\APPLIC~1\SUPERAntiSpyware.com
[02/12/2007|23:09] C:\DOCUME~1\reda\APPLIC~1\vlc
[26/06/2007|00:37] C:\DOCUME~1\reda\APPLIC~1\V-Safe
[18/12/2007|20:15] C:\DOCUME~1\reda\APPLIC~1\Yahoo!

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/07/2008 14:11][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/07/2008 21:41][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[06/02/2007|21:37] C:\Program Files\Acer
[25/08/2006|06:21] C:\Program Files\Acer Inc
[25/08/2006|06:22] C:\Program Files\Adobe
[14/07/2008|19:06] C:\Program Files\adslTV
[25/07/2008|19:39] C:\Program Files\AdwareSpywareScannerDeleter
[30/11/2007|14:34] C:\Program Files\Alwil Software
[08/07/2008|20:42] C:\Program Files\Apple Software Update
[16/04/2008|08:35] C:\Program Files\AskTBar
[08/04/2007|13:36] C:\Program Files\Athan
[20/05/2008|00:37] C:\Program Files\AvantGo Connect
[08/03/2007|20:49] C:\Program Files\AVI MPEG RM WMV Joiner
[21/04/2008|12:22] C:\Program Files\AVS4YOU
[20/04/2008|14:36] C:\Program Files\Bonjour
[27/01/2008|11:30] C:\Program Files\Boonty
[27/01/2008|11:30] C:\Program Files\BoontyGames
[20/02/2008|23:34] C:\Program Files\BVRP Connection Manager
[20/05/2008|00:37] C:\Program Files\Common Files
[25/08/2006|06:03] C:\Program Files\ComPlus Applications
[25/08/2006|06:18] C:\Program Files\CONEXANT
[25/08/2006|06:23] C:\Program Files\CyberLink
[07/06/2007|00:11] C:\Program Files\Dial-Messenger
[15/12/2007|06:11] C:\Program Files\DivX
[03/12/2007|23:18] C:\Program Files\DNsoft.be
[15/04/2008|11:25] C:\Program Files\DVD Shrink
[07/02/2007|13:00] C:\Program Files\eMule
[25/08/2006|05:55] C:\Program Files\Fichiers communs
[30/11/2007|14:25] C:\Program Files\FileZilla
[30/11/2007|12:14] C:\Program Files\Free
[20/12/2007|15:26] C:\Program Files\Freeplayer
[10/03/2007|18:03] C:\Program Files\Google
[14/05/2007|21:12] C:\Program Files\Grisoft
[23/07/2008|22:32] C:\Program Files\Hitman Pro
[15/04/2007|21:39] C:\Program Files\iMesh Applications
[25/08/2006|06:17] C:\Program Files\InstallShield Installation Information
[25/08/2006|06:11] C:\Program Files\Intel
[25/08/2006|06:03] C:\Program Files\Internet Explorer
[20/04/2008|14:37] C:\Program Files\iPod
[20/04/2008|14:36] C:\Program Files\iTunes
[02/09/2007|21:53] C:\Program Files\Java
[25/02/2007|03:31] C:\Program Files\K-Lite Codec Pack
[06/02/2007|21:40] C:\Program Files\Launch Manager
[23/07/2008|00:09] C:\Program Files\Lavasoft
[25/07/2008|19:56] C:\Program Files\Malwarebytes' Anti-Malware
[25/08/2006|06:02] C:\Program Files\Messenger
[04/03/2007|21:02] C:\Program Files\Messenger Plus! Live
[04/04/2008|15:15] C:\Program Files\MeuhMeuhTV Alpha
[20/05/2008|00:36] C:\Program Files\Microsoft ActiveSync
[10/05/2007|03:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[25/08/2006|06:05] C:\Program Files\microsoft frontpage
[16/12/2007|23:14] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2006|06:03] C:\Program Files\Movie Maker
[10/11/2007|16:37] C:\Program Files\Mozilla Firefox
[25/08/2006|06:02] C:\Program Files\MSN
[25/08/2006|06:02] C:\Program Files\MSN Gaming Zone
[27/12/2007|17:52] C:\Program Files\MSN Pictures Displayer
[07/02/2007|00:36] C:\Program Files\MSXML 4.0
[20/12/2007|15:29] C:\Program Files\MyFreeTV
[25/08/2006|06:03] C:\Program Files\NetMeeting
[18/06/2008|11:17] C:\Program Files\Neuf
[18/06/2008|11:23] C:\Program Files\neuf Talk
[25/08/2006|06:26] C:\Program Files\NewTech Infosystems
[25/08/2006|06:02] C:\Program Files\Online Services
[23/07/2008|01:31] C:\Program Files\Opera
[25/08/2006|06:03] C:\Program Files\Outlook Express
[15/12/2007|06:13] C:\Program Files\Picasa2
[20/05/2008|11:03] C:\Program Files\POI-Warner SONY Edition
[20/04/2008|14:35] C:\Program Files\QuickTime
[29/05/2008|09:46] C:\Program Files\Real
[25/08/2006|06:17] C:\Program Files\Realtek
[22/07/2008|19:59] C:\Program Files\RegCleaner
[15/12/2007|13:45] C:\Program Files\Samsung
[06/02/2007|22:02] C:\Program Files\Securitoo
[25/08/2006|06:04] C:\Program Files\Services en ligne
[19/02/2007|20:19] C:\Program Files\Skype
[23/07/2008|00:17] C:\Program Files\Spybot - Search & Destroy
[25/07/2008|19:44] C:\Program Files\SUPERAntiSpyware
[25/08/2006|22:14] C:\Program Files\Symantec
[25/08/2006|06:20] C:\Program Files\Synaptics
[02/04/2008|09:36] C:\Program Files\temp
[25/07/2008|21:17] C:\Program Files\Trend Micro
[25/08/2006|06:16] C:\Program Files\Uninstall Information
[02/12/2007|23:03] C:\Program Files\VideoLAN
[12/06/2008|17:29] C:\Program Files\VIRTUELSOFT
[06/02/2007|16:52] C:\Program Files\Wanadoo
[11/06/2007|10:25] C:\Program Files\Windows Live
[10/02/2007|17:39] C:\Program Files\Windows Live Toolbar
[22/02/2007|17:44] C:\Program Files\Windows Media Connect 2
[25/08/2006|06:02] C:\Program Files\Windows Media Player
[16/06/2008|22:35] C:\Program Files\Windows Mobile Device Handbook
[25/08/2006|06:02] C:\Program Files\Windows NT
[25/08/2006|06:04] C:\Program Files\WindowsUpdate
[27/01/2008|11:36] C:\Program Files\WinRAR
[25/08/2006|06:05] C:\Program Files\xerox
[06/02/2007|21:44] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[05/12/2007|16:04] C:\Program Files\Fichiers communs\Adobe
[20/04/2008|14:34] C:\Program Files\Fichiers communs\Apple
[21/04/2008|12:22] C:\Program Files\Fichiers communs\AVSMedia
[04/04/2008|11:22] C:\Program Files\Fichiers communs\Blizzard Entertainment
[27/06/2008|15:40] C:\Program Files\Fichiers communs\GTK
[25/08/2006|06:17] C:\Program Files\Fichiers communs\InstallShield
[02/09/2007|21:52] C:\Program Files\Fichiers communs\Java
[25/08/2006|06:27] C:\Program Files\Fichiers communs\LightScribe
[25/08/2006|05:55] C:\Program Files\Fichiers communs\Microsoft Shared
[25/08/2006|06:04] C:\Program Files\Fichiers communs\MSSoap
[25/08/2006|06:27] C:\Program Files\Fichiers communs\muvee Technologies
[25/08/2006|06:26] C:\Program Files\Fichiers communs\NewTech Infosystems
[25/08/2006|05:55] C:\Program Files\Fichiers communs\ODBC
[29/05/2008|09:46] C:\Program Files\Fichiers communs\Real
[25/08/2006|06:04] C:\Program Files\Fichiers communs\Services
[19/02/2007|20:21] C:\Program Files\Fichiers communs\Skype
[25/08/2006|05:55] C:\Program Files\Fichiers communs\SpeechEngines
[25/08/2006|22:13] C:\Program Files\Fichiers communs\Symantec Shared
[25/08/2006|06:03] C:\Program Files\Fichiers communs\System
[16/12/2007|23:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[25/07/2008|19:44] C:\Program Files\Fichiers communs\Wise Installation Wizard
[29/05/2008|09:46] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 70 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-25 23:06:53
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\reda\Local Settings\Application Data\Shareaza\Incomplete\(ECHOS) mutlu 1 (Crack) Album.wma
=> C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(ECHOS) mutlu 1 (Crack) Album.wma.xml
=> C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(DONE) cheb hafid rabani rabani _crack_ (Front).wma.xml


[F:10][D:3]-> C:\DOCUME~1\reda\LOCALS~1\Temp
[F:782][D:0]-> C:\DOCUME~1\reda\Cookies
[F:6][D:2]-> C:\DOCUME~1\reda\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

--------------------\\ Fin du rapport a 23:08:08,25
0
Réponse 12 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
25 juil. 2008 à 23:17
Supprime ces cracks ils sont infectès

=> C:\DOCUME~1\reda\Local Settings\Application Data\Shareaza\Incomplete\(ECHOS) mutlu 1 (Crack) Album.wma
=> C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(ECHOS) mutlu 1 (Crack) Album.wma.xml
=> C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(DONE) cheb hafid rabani rabani _crack_ (Front).wma.xml



ensuite
Télécharge malwarebytes
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Une aide pour l'installation
http://www.swl1f.net/viewtopic.php?f=14&t=68


=> Installe le
=> Ensuite va en mode sans echec


Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel


=> Lance malwarebytes
=> Coche "Executer un examen complet"
=> Si tu es en présence d'une infection à la fin de l'examen clique sur "ok"
=> Clique sur Supprimer la sélection
=> Pour poster le rapport Clique sur l'onglet Rapports/Logs, sélectionne celui t'intéresse et clique sur Ouvrir
=> Fait copier coller et poste le rapport

--------------------------

ensuite

* Télécharge CCleaner
https://filehippo.com/download_ccleaner/
=> Aide toi de ce tuto pour l'utiliser
http://www.swl1f.net/viewtopic.php?f=14&t=69

--------------------------

Ensuite refais un nouveau rapport HijackTis stp ;)
0
Réponse 13 / 21
mehdidi75_9
25 juil. 2008 à 23:38
comment je fais pour supprimer


=> C:\DOCUME~1\reda\Local Settings\Application Data\Shareaza\Incomplete\(ECHOS) mutlu 1 (Crack) Album.wma
=> C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(ECHOS) mutlu 1 (Crack) Album.wma.xml
=> C:\DOCUME~1\reda\Mes documents\Downloads\Metadata\(DONE) cheb hafid rabani rabani _crack_ (Front).wma.xml
0
Réponse 14 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
26 juil. 2008 à 00:34
Shareaza => P2P facteur de risques pour infections

Tu as télécharger des morceaux de musique et il sont infectés
Le P2P c'est source de nombreuses infections.
Le P2P est un système permettant la connexion directe d'ordinateurs les uns aux autres. En résumé, tu ouvre sur ton pc un accès à des millions d'internautes, donc des individus malveillants pourraient introduire virus, cheval de Troie ect..

Le mieux supprime Shareaza de ton PC car un album ça coute 15 euros un PC ça coute 500 euros ;)
Je pense qu'il faut réagir à ça :)

Pour le reste j'attends ton rapport de Malwarebytes

@+
0
Réponse 15 / 21
mehdidi75_9
26 juil. 2008 à 12:18
Voilà le rapport et je les déja supprimer shareaza et je les remis:

Malwarebytes' Anti-Malware 1.23
Version de la base de données: 993
Windows 5.1.2600 Service Pack 2

10:50:08 26/07/2008
mbam-log-7-26-2008 (10-50-08).txt

Type de recherche: Examen complet (C:\|D:\|E:\|G:\|)
Eléments examinés: 97144
Temps écoulé: 2 hour(s), 49 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 472

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\reda\Local Settings\Application Data\Mozilla\Firefox\Profiles\v6su6gn7.default\Cache(3)\348820F2d01 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.342.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.343.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.2.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.3.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.4.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.5.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.6.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.7.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.8.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.9.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.10.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.11.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.12.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.13.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.14.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.15.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.16.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.17.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.18.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.19.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.20.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.21.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.22.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.23.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.24.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.25.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.26.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.27.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.28.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.29.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.30.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.31.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.32.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.33.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.34.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.35.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.36.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.37.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.38.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.39.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.40.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.41.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.42.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.43.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.44.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.45.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.46.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.47.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.48.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.49.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.50.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.51.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.52.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.53.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.54.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.55.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.56.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.57.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.58.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.59.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.60.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.61.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.62.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.63.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.64.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.65.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.66.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.67.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.68.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.69.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.70.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.71.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.72.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.73.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.74.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.75.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.76.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.77.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.78.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.79.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.80.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.81.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.82.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.83.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.84.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.85.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.86.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.87.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.88.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.89.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.90.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.91.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.92.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.93.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.94.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.95.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.96.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.97.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.98.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.99.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.100.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.101.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.102.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.103.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.104.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.105.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.106.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.107.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.108.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.109.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.110.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.111.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.112.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.113.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.114.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.115.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.116.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.117.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.118.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.119.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.120.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.121.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.122.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.123.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.124.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.125.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.126.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.127.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.128.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.129.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.130.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.131.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.132.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.133.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.134.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.135.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.136.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.137.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.138.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.139.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.140.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.141.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.142.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.143.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.144.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.145.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.146.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.147.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.148.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.149.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.150.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.151.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.152.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.153.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.154.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.155.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.156.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.157.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.158.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.159.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.160.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.161.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.162.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.163.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.164.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.165.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.166.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.167.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.168.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.169.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.170.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.171.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.172.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.173.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.174.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.175.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.176.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.177.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.178.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.179.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.180.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.181.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.182.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.183.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.184.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.185.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.186.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.187.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.188.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.189.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.190.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.191.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.192.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.193.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.194.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.195.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.196.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.197.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.198.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.199.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.200.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.201.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.202.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.203.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.204.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.205.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.206.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.207.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.208.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.209.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.210.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.211.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.212.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.213.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.214.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.215.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.216.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.217.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.218.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.219.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.220.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.221.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.222.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.223.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.224.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.225.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.226.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.227.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.228.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.229.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.230.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.231.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.232.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.233.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.234.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.235.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.236.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.237.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.238.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.239.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.240.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.241.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.242.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.243.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.244.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.245.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.246.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.247.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.248.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.249.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.250.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.251.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.252.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.253.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.254.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.255.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.256.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.257.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.258.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.259.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.260.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.261.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.262.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.263.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.264.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.265.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.266.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.267.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.268.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.269.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.270.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.271.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.272.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.273.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.274.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.275.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.276.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.277.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.278.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.279.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.280.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.281.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.282.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.283.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.284.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.285.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.286.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.287.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.288.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.289.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.290.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.291.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.292.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.293.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.294.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.295.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.296.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.297.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.298.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.299.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.300.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.301.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.302.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.303.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.304.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.305.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.306.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.307.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.308.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.309.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.310.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.311.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.312.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.313.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.314.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.315.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.316.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.317.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.318.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.319.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.320.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.321.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.322.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.323.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.324.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.325.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.326.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.327.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.328.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.329.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.330.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.331.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.332.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.333.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.334.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.335.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.336.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.337.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.338.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.339.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.340.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.341.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.344.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.345.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.346.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.347.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.348.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.349.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.350.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.351.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.352.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.353.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.354.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.355.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.356.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.357.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.358.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.359.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.360.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.361.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.362.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.363.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.364.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.365.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.366.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.367.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.368.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.369.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.370.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.371.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.372.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.373.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.374.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.375.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.376.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.377.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.378.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.379.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.380.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.381.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.382.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.383.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.384.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.385.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.386.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.387.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.388.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.389.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.390.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.391.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.392.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.393.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.394.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.395.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.396.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.397.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.398.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.399.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.400.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.401.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.402.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.403.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.404.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.405.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.406.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.407.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.408.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.409.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.410.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.411.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.412.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.413.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.414.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.415.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.416.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.417.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.418.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.419.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.420.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.421.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.422.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.423.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.424.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.425.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.426.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.427.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.428.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.429.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.430.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.431.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.432.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.433.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.434.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.435.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.436.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.437.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\vav.cpl.438.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP334\A0110006.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP334\A0110010.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110788.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110789.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110825.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110826.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP342\A0110827.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0110979.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0110980.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0110981.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0111114.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP344\A0112144.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112157.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112344.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112354.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112381.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP345\A0112395.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP346\A0112460.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0112476.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0112623.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0112668.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0113707.DLL (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP347\A0113719.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0113798.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0114821.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0114843.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0114845.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{03F610A5-17ED-4F43-A985-7D9B4A9C3C3D}\RP348\A0114875.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_
0
Réponse 16 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
26 juil. 2008 à 12:39
Bonjour

Pour le P2P
je te conseil vivement de l'oublier
mais bon te feras comme tu voudras ;)

Pour continuer la recherche

Télécharge sur ton bureau DSS (ex Comboscan) de Deckard:

(choisis enregistrer, puis Bureau comme emplacement)

http://deckard.geekstogo.com/dss.exe

Ferme toutes les applications en cours.

Double-clic sur comboscan.exe pour lancer l'outil.

Une fenêtre s'ouvre, invitant à fermer toutes les applications, clique sur OK.

A la fin de l'analyse, une fenêtre s'ouvre, clique sur OK.

Le rapport Comboscan.txt va s'afficher, copie le dans ta prochaine réponse.
Si un rapport complémentaire a été créé, poste le aussi dans ta réponse.

@+
0
Réponse 17 / 21
mehdidu75_9
26 juil. 2008 à 12:52
donc le premier rapport merci beaucoup de prendre ton temps pour m'aider:

Deckard's System Scanner v20071014.68
Run by reda on 2008-07-26 12:48:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
45: 2008-07-26 10:48:07 UTC - RP363 - Deckard's System Scanner Restore Point
44: 2008-07-25 21:20:13 UTC - RP362 - Installed Windows Live
43: 2008-07-25 21:19:03 UTC - RP361 - Installé Windows Live installer
42: 2008-07-25 20:57:39 UTC - RP360 - Supprimé Windows Live installer
41: 2008-07-25 20:54:23 UTC - RP359 - Supprimé Windows Live Toolbar


-- First Restore Point --
1: 2008-07-22 00:15:15 UTC - RP319 - Point de vérification système


Backed up registry hives.
Performed disk cleanup.

[color=red]System Drive C: has 3.87 GiB (less than 15%) free.[/color]


-- HijackThis (run as reda.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:49:37, on 26/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\BVRP Connection Manager\Nomad.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe
C:\Program Files\BVRP Connection Manager\NomadSvr.exe
C:\Program Files\Neuf\Widget Neuf\9widget.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\DOCUME~1\reda\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\reda\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\reda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {6A10732F-BDB9-48B3-9DF7-622478AD74FC} - C:\WINDOWS\system32\jkkHAtrs.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {78529661-4C15-4A68-B80A-8C49BC3F344D} - C:\WINDOWS\system32\qoMfeBtr.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /normal-run2
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WiFiSiStr] C:\Program Files\DNsoft.be\DNsoft.be WiFi SiStr\WiFi SiStr.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [VMCL] C:\Program Files\vodafone\vmclite\DongleEnumerator.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [Widget Neuf] "C:\Program Files\Neuf\Widget Neuf\9widget.exe"
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: jkkHAtrs - jkkHAtrs.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\BVRP Connection Manager\NomadSvr.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
0
Réponse 18 / 21
mehdidu75_9
26 juil. 2008 à 12:54
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French

CPU 0: Intel(R) Celeron(R) M CPU 420 @ 1.60GHz
Percentage of Memory in Use: 50%
Physical Memory (total/avail): 1014.04 MiB / 504.99 MiB
Pagefile Memory (total/avail): 2439.95 MiB / 1858.68 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1910.87 MiB

C: is Fixed (FAT32) - 34.57 GiB total, 3.88 GiB free.
D: is Fixed (FAT32) - 35.06 GiB total, 1.75 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - HTS541080G9AT00 - 74.53 GiB - 3 partitions
\PARTITION0 - Unknown - 4.88 GiB
\PARTITION1 (bootable) - Unknown - 34.58 GiB - C:
\PARTITION2 - Unknown - 35.07 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.

AV: avast! antivirus 4.8.1229 [VPS 080725-1] v4.8.1229 (ALWIL Software)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\System32\\dpnsvr.exe"="C:\\WINDOWS\\System32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Disabled:VLC media player"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Neuf\\Media Center\\httpd\\httpd.exe"="C:\\Program Files\\Neuf\\Media Center\\httpd\\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\reda\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=ACER-4CCBBC5D09
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\reda
LOGONSERVER=\\ACER-4CCBBC5D09
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
RNLOG_BASEKEY=Software\RealNetworks\RealPlayer\6.0\Preferences\BrowserRecordPluginLog
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\reda\LOCALS~1\Temp
TMP=C:\DOCUME~1\reda\LOCALS~1\Temp
USERDOMAIN=ACER-4CCBBC5D09
USERNAME=reda
USERPROFILE=C:\Documents and Settings\reda
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

reda [I](admin)/I


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13E613EF-BB55-11D9-9D77-000129760D75}\setup.exe" -uninstall
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer Arcade --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
Acer eDataSecurity Management 1.00.26 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E431C518-2EE2-471E-9234-BE995C36D513}\setup.exe" -l0x40c -removeonly
Acer eLock Management --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}
Acer Empowering Technology framework --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15B70821-7893-4607-805A-BB80F3EA8279}
Acer ePerformance Management --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DEE08946-40F0-4890-853E-60A6C3306041}
Acer ePower Management --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Acer ePresentation Management --> C:\WINDOWS\UnInst32.exe AcerePrj.UNI
Acer eSettings Management --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}
Acer GridVista --> C:\WINDOWS\UnInst32.exe GridV.UNI
Acer OrbiCam --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\setup.exe" -l0x40c
Acer Screensaver --> MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Shockwave Player --> C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\INSTALL.LOG
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVI/MPEG/RM/WMV Joiner 4.82 --> "C:\Program Files\AVI MPEG RM WMV Joiner\unins000.exe"
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
BVRP Connection Manager Lite --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2D88DF3-EF39-456E-A393-BF48037D985A}\setup.exe" -l0x40c -removeonly
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683) --> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB896256) --> "C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB909667) --> "C:\WINDOWS\$NtUninstallKB909667$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB918005) --> "C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448) --> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB885855 --> C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe
Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
Essai de World of Warcraft --> C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft Trial\Uninstall.exe
Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025007F\HXFSETUP.EXE -U -IWstAzlK.inf
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Documents and Settings\reda\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iMesh MediaBar --> regsvr32 /u /s "C:\Program Files\iMesh applications\iMesh MediaBar\MediaBar.dll"
Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
L'Album de Bébé --> MsiExec.exe /I{FF1A5077-C7E9-442A-B57A-37C23606AEE4}
Launch Manager --> C:\WINDOWS\UnInst32.exe LManager.UNI
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Lop S&D --> C:\Lop SD\Uninstal.exe
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel de l'appareil Windows Mobile® --> C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Messenger Plus! Live & Sponsor (CiD) --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB912945) --> "C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3) --> "C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe
Neuf - Media Center --> C:\Program Files\Neuf\Media Center\uninstall.exe
Neuf - Widget Neuf --> C:\Program Files\Neuf\Widget Neuf\uninstall.exe
neuf Talk 1.4 --> C:\Program Files\neuf Talk\uninst.exe
NTI Backup NOW! 4.5 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B06B842F-2450-494F-BBDE-217CDC151A37}\setup.exe" -l0x9 -uninst -removeonly
NTI CD & DVD-Maker --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer --> C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
SAMSUNG CDMA Modem Driver Set --> C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shareaza 2.3.1.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe"
Skype 3.0 --> "C:\Program Files\Skype\Phone\unins000.exe"
Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
Skype Toolbar for Microsoft Office --> "C:\Program Files\Skype\toolbars\Skype for Microsoft Office\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
VideoLAN VLC media player 0.8.6b --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Yahoo! Messenger --> C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar avec bloqueur de fenêtres pop-up --> C:\PROGRA~1\YAHOO!\common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type27945 / Warning
Event Submitted/Written: 07/25/2008 08:11:30 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé.

Event Record #/Type27917 / Error
Event Submitted/Written: 07/25/2008 06:21:22 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Détecteur d'erreurs 744394775.

Event Record #/Type27916 / Error
Event Submitted/Written: 07/25/2008 06:21:13 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Application bloquée 9widget.exe, version 8.4.29.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Event Record #/Type27879 / Error
Event Submitted/Written: 07/25/2008 02:19:57 PM
Event ID/Source: 5000 / Windows Live Messenger
Event Description:
msnmsgrdiagnosticmsnmsgr.exe8.5.1302login081000306NILNILNILNILNIL

Event Record #/Type27864 / Warning
Event Submitted/Written: 07/25/2008 02:04:56 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type178558 / Error
Event Submitted/Written: 07/26/2008 11:43:04 AM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Délai (30000 millisecondes) d'attente pour une réponse du service stisvc à une transaction.

Event Record #/Type178557 / Error
Event Submitted/Written: 07/26/2008 11:42:56 AM
Event ID/Source: 7 / Disk
Event Description:
Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Event Record #/Type178556 / Error
Event Submitted/Written: 07/26/2008 11:42:49 AM / 07/26/2008 11:42:56 AM
Event ID/Source: 7 / Disk
Event Description:
Le périphérique \Device\Harddisk1\D comporte un bloc défectueux.

Event Record #/Type178554 / Warning
Event Submitted/Written: 07/26/2008 11:15:36 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type178546 / Warning
Event Submitted/Written: 07/26/2008 10:57:21 AM
Event ID/Source: 20192 / RemoteAccess
Event Description:
Un certificat n'a pas été trouvé. Les connexions qui utilisent le protocole L2TP sur IPSec
nécessitent l'installation d'un certificat d'ordinateur.
Aucun appel L2TP ne sera accepté.



-- End of Deckard's System Scanner: finished at 2008-07-26 12:50:23 ------------
0
Réponse 19 / 21
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 3
26 juil. 2008 à 13:38
Télécharge sur le Bureau http://siri.urz.free.fr/Fix/SmitfraudFix.exe
=> Double clic sur SmitfraudFix.zip
=> Extraire tout
=> Double clic sur SmitfraudFix
=> Double Clic sur SmitfraudFix.cmd
=> Choisir Option 1
=> poste le rapport
@+
0
Réponse 20 / 21
mehdidu75_9
26 juil. 2008 à 14:26
SmitFraudFix v2.331

Rapport fait à 14:25:12,39, 26/07/2008
Executé à partir de C:\Documents and Settings\reda\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\BVRP Connection Manager\Nomad.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\isuspm.exe
C:\Program Files\BVRP Connection Manager\NomadSvr.exe
C:\Program Files\Neuf\Widget Neuf\9widget.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\DOCUME~1\reda\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\reda\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\reda


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\reda\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\reda\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Atheros AR5005G Wireless Network Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{60945AF5-A85C-4FC5-927F-530770932DB3}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{60945AF5-A85C-4FC5-927F-530770932DB3}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{60945AF5-A85C-4FC5-927F-530770932DB3}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0

Discussions similaires

adware.pokki
SuperFun -
SuperFun -

9 réponses
expressions francaises
bifaka -
lanonyme -

4 réponses
Virus détecté
Koony -
MisteryBean -

6 réponses
Présence ou non de cheval de troie ?
hunter55 -
Malekal_morte- -

14 réponses
infecté par des virus
Lisy59120 -
Lisy59120 -

5 réponses