Help with a HijackThis log

21 May 2010 14:42:30

Hello,

For the past 3 days I have been fighting with my computer to get it back on its feet after catching spyware, malware, viruses...
Avira has been going crazy these last 2 days... it keeps beeping and telling me that the computer is in bad shape...
trojans and company.
I ran HijackThis to see what is wrong, and indeed there are a few things that are bad and others a bit less so but still suspicious.
Is there anyone who could help me fix the problems?
I am attaching the .log
Thanks in advance for the time you will give me :love:
Fil

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:01, on 21/05/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sdra64.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Ansys Inc\Shared Files\Licensing\intel\ansyslmd.exe
d:\Gehry Technologies\Digital Project V1,R3\DSB17\intel_a\code\bin\CATSysDemon.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\WINDOWS\system32\hinsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\Program Files\Fichiers communs\RbtProt\sgsrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
C:\WePrint\WePrint Server.exe
C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\svchosty.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Sony Shared\Avlib\SSScsiSV.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\WINDOWS\svc.exe
C:\WINDOWS\servicelayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\ctfmon.exe
C:\Documents and Settings\Philippe COELHO\Bureau\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vcl.vaio.sony.co.jp/eu/PforVAIO.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,
O1 - Hosts: HPC99E73 HP001B78C99E73
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre1.6.0_17\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [abvgiuyl] C:\Documents and Settings\Philippe COELHO\Local Settings\Application Data\rcikhkoni\fprrmcjtssd.exe
O4 - HKLM\..\Run: [lsass] C:\WINDOWS\lsass.exe
O4 - HKLM\..\Run: [netc] C:\WINDOWS\svc.exe
O4 - HKLM\..\Run: [C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\ope375.exe ] C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\ope375.exe
O4 - HKLM\..\Run: [efccywsys] rundll32.exe "vturpq.dll",DllRegisterServer
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\ope3F6.exe ] C:\WINDOWS\TEMP\ope3F6.exe
O4 - HKLM\..\Run: [netw] C:\WINDOWS\svw.exe
O4 - HKLM\..\Run: [ctfmon] C:\WINDOWS\ctfmon.exe
O4 - HKLM\..\Run: [fcyywtdrv] rundll32.exe "fccdcy.dll",s
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\ope423.exe ] C:\WINDOWS\TEMP\ope423.exe
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\ope10.exe ] C:\WINDOWS\TEMP\ope10.exe
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\ope4D.exe ] C:\WINDOWS\TEMP\ope4D.exe
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\ope140.exe ] C:\WINDOWS\TEMP\ope140.exe
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\ope142.exe ] C:\WINDOWS\TEMP\ope142.exe
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\opeBB.exe ] C:\WINDOWS\TEMP\opeBB.exe
O4 - HKLM\..\Run: [servicelayer] C:\WINDOWS\servicelayer.exe
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\ope83.exe ] C:\WINDOWS\TEMP\ope83.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [C:\WINDOWS\TEMP\opeD.exe ] C:\WINDOWS\TEMP\opeD.exe
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [PrepareYourVAIO] C:\Program Files\Sony\Prepare your VAIO\PYVAlert.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1161634837\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\RunServices: [BB114060Macrovision] C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\mjRA.exe
O4 - HKLM\..\RunServices: [aacdecdllMSVCR71] c:\program files\fichiers communs\sony shared\mp4lib\mpeg4visual.exe
O4 - HKLM\..\RunServices: [QuickTimeResourcesQuickTimeResources7.6.41327.73] c:\program files\quicktime\qtsystem\quicktimestreamingauthoring.resources\en.lproj\quicktimequicktimeresources.exe
O4 - HKLM\..\RunServices: [WibuShellExtWIBUSYSTEMS] c:\program files\wibu-systems\system\wibushellextwibushellext.exe
O4 - HKLM\..\RunServices: [swtwglwin323318Studio] c:\program files\azureus\swtawtwin323139swtgdipwin323232.exe
O4 - HKLM\..\RunServices: [MainrlangHomePlugin] c:\program files\fichiers communs\sonic shared\sonic central\home\mainrlanghomeplugin.exe
O4 - HKLM\..\RunServices: [DecoderMPEG43604726] c:\program files\fichiers communs\sony shared\mp4lib\mpeg4visual.exe
O4 - HKLM\..\RunServices: [WIBUSYSTEMSWibuShellExt] C:\program files\wibu-systems\system\wibushellextwibushellext.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhoneDaemon] C:\Documents and Settings\Philippe COELHO\Bureau\Iphone\iphone_pcsuite\iPhone PC Suite\PhoneDaemon.exe
O4 - HKCU\..\Run: [syiuu] "c:\documents and settings\philippe coelho\local settings\application data\syiuu.exe" syiuu
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [abvgiuyl] C:\Documents and Settings\Philippe COELHO\Local Settings\Application Data\rcikhkoni\fprrmcjtssd.exe
O4 - HKCU\..\Run: [rqppnndrv] rundll32.exe "fccdcy.dll",s
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [WinClicker.exe] "C:\Program Files\Salling Software AB\Salling Clicker\WinClicker.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AnumanLive] C:\Documents and Settings\Philippe COELHO\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
O4 - Startup: WePrint Server.lnk = C:\WePrint\WePrint Server.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://www.m6video.fr/1click/install/files/installer2.c...
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {143B3E6F-2C70-4238-85A1-D4F414C792B8} (DemoShield DemoX Class) - http://www.isbat.fr/fr/demo_logiciel_git/des/demox.cab
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/59.19/uploader2.cab
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - http://contacts.orange.fr/wfr_webab/VoxsyncX.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMg...
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
O16 - DPF: {640373B0-6978-4FA5-A9FC-420ECBBC61C7} (Web Viewer Class) - file:///D:/ArchiFil/Clients/WEYGAND/Margny%20les%20Compiegnes/TRVX/PublicWeb/dll/zkitlib.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/Vide...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/curre...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O21 - SSODL: SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01} - C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\swupdate.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation - C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - d:\Gehry Technologies\Digital Project V1,R3\DSB17\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hinsrv Service (Hinsrv) - Unknown owner - C:\WINDOWS\system32\hinsrv.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SoftGuard Service (SG_Service) - Unknown owner - C:\Program Files\Fichiers communs\RbtProt\sgsrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Avlib\SSScsiSV.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: Apache Tomcat (Tomcat5) - Apache Software Foundation - C:\Program Files\Apache Software Foundation\Tomcat 5.5\bin\tomcat5.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 23883 bytes

21 May 2010 16:19:27

Hello,

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update is finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.

    22 May 2010 10:54:20

    Hello Destrio,

    I did what you advised.
    After the removal, it opened a box telling me that it had not managed to delete everything; maybe it needed the reboot for that.
    So here is the report.
    What do you think? Did it fix everything properly?
    Thanks again for your attention
    Fil

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4129

    Windows 5.1.2600 Service Pack 2
    Internet Explorer 8.0.6001.18702

    22/05/2010 10:35:56
    mbam-log-2010-05-22 (10-35-56).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 166056
    Temps écoulé: 18 minute(s), 59 seconde(s)

    Processus mémoire infecté(s): 3
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 51
    Valeur(s) du Registre infectée(s): 21
    Elément(s) de données du Registre infecté(s): 3
    Dossier(s) infecté(s): 15
    Fichier(s) infecté(s): 176

    Processus mémoire infecté(s):
    C:\WINDOWS\system32\sdra64.exe (Spyware.Zbot) -> Unloaded process successfully.
    C:\WINDOWS\ctfmon.exe (Trojan.Agent) -> Unloaded process successfully.
    C:\WINDOWS\servicelayer.exe (Backdoor.Bot) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\swupdate.dll (Spyware.Passwords) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{003541a1-3bc0-1b1c-aaf3-040114001c01} (Spyware.Passwords) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\syiuu (Trojan.Agent.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\swupdate (Spyware.Passwords) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c:\windows\temp\oped.exe (Trojan.Inject) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\abvgiuyl (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\abvgiuyl (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ctfmon (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\servicelayer (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rqppnndrv (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsass (Trojan.Alphabet) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netc (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netw (Trojan.Dropper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fcyywtdrv (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fcyyywdrv (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fcyyywdrv (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\efccywsys (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ssrsttsys (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ssrsttsys (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\c:\windows\temp\ope10.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\c:\windows\temp\ope4d.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\c:\windows\temp\ope83.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\sdra64.exe -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\sdra64.exe -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Menu Démarrer\Programmes\BitDownload (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\Philippe COELHO\Local Settings\Application Data\syiuu_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Local Settings\Application Data\syiuu_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Local Settings\Application Data\syiuu.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\swupdate.dll (Spyware.Passwords) -> Delete on reboot.
    C:\WINDOWS\Temp\opeD.exe (Trojan.Inject) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\opeD.exe (Trojan.Inject) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\3.tmp (VirTool.Obfuscator) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Application Data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sdra64.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Local Settings\Temp\60325cahp25ca0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\avto.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\ctfmon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\servicelayer.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\teste2_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\teste3_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\Local.dtd (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Macromedia\SwUpdate\Ui.dtd (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\1your_exe.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Philippe COELHO\Local Settings\Temp\svchosty.exe (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\Temp\svchosty.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    22 May 2010 11:10:42

    Destrio,

    Windows is offering me an update to Service Pack 3, should I accept? I have an old VAIO VGN S5XP, will it improve its performance?
    Thanks again
    Fil
    23 May 2010 03:47:30

    It is best to keep Windows up to date.

    It won't improve performance.

  • Run MBAM again, go to Quarantine and delete everything.

  • Download OTL (by OldTimer) to your Desktop.
  • Double-click OTL to launch it.
    (On Vista/Win7, you have to right-click OTL and choose Run as administrator)
  • A window appears. In the Report section at the top of this window, tick Minimal report.
  • Also tick the boxes next to Lop search and Purity search.
  • Finally, click the Scan button. The scan won't take long.
  • Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTL (so on the Desktop by default).

    To send me the reports:
  • Click this link: http://www.cijoint.fr/
  • Click Browse... (Parcourir...) and find the report file you want to send me.
  • Click Open.
  • Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).
  • A link of this form, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, is added to the page.
  • Copy and paste this link into your reply.
    25 May 2010 01:28:19

    There is still some junk left.

  • Download UsbFix (by El Desaparecido & C_XX) to your Desktop.
  • Plug your external data sources into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click UsbFix to run it.
  • Choose option 1 (Search).
  • Let the tool work.
  • Post the UsbFix.txt report.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

    "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility designed to terminate processes.
    25 May 2010 12:59:14

    Hi Destrio,

    Here is the UsbFix report.
    I forgot to ask you why I end up with 5 disc/DVD drives. I've had this since I regained control of Windows (that is, repaired XP with the install CD).
    By the way, to be able to repair Windows, I had to install another Windows on the D: drive. How can I remove it now?
    Thanks
    Fil

    ############################## | UsbFix V6.114 |

    User : Philippe COELHO (Administrateurs) # VAIO
    Update on 17/05/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 12:39:06 | 25/05/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Pentium(R) M processor 2.00GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Disabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
    FW : Avira Pare-feu[ Enabled ]9.0.1.32

    C:\ -> Disque fixe local # 37,26 Go (2,42 Go free) [VAIO] # NTFS
    D:\ -> Disque fixe local # 48,91 Go (10,25 Go free) [VAIO] # NTFS
    E:\ -> Disque amovible
    F:\ -> Disque CD-ROM
    G:\ -> Disque CD-ROM
    H:\ -> Disque CD-ROM
    I:\ -> Disque CD-ROM
    J:\ -> Disque CD-ROM
    K:\ -> Disque amovible # 7,47 Go (1,86 Go free) [DEAR] # FAT32
    L:\ -> Disque fixe local # 372,52 Go (166,49 Go free) [PHIL_UP] # FAT32
    M:\ -> Disque amovible # 3,73 Go (3,01 Go free) [USB FIL] # FAT32

    ################## | Elements infectieux |

    C:\WINDOWS\System32\logon.exe
    K:\autorun.inf -> fichier appelé : "K:\autorun.exe" ( Absent ! )
    K:\autorun.inf

    ################## | Registre |

    [HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System] "DisableRegistryTools"
    [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\policies\System] "DisableRegistryTools"

    ################## | Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{090a0fba-e419-11db-bd6a-0013ce7edc9e}
    Shell\Auto\command =AdobeR.exe e
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    HKCU\..\..\Explorer\MountPoints2\{3372c51d-62bc-11df-b7bc-806d6172696f}
    Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe
    Shell\Explore\command =autorun.exe
    Shell\Open\command =autorun.exe

    HKCU\..\..\Explorer\MountPoints2\{8969d646-5816-11df-881c-0013ce7edc9e}
    Shell\AutoRun\command =H:\buildsoftcd.exe

    HKCU\..\..\Explorer\MountPoints2\{a05bc270-a0f6-11dd-8296-0013ce7edc9e}
    Shell\AutoRun\command =WD_Windows_Tools\Setup.exe

    ################## | Vaccin |


    ################## | ! Fin du rapport # UsbFix V6.114 ! |


    25 May 2010 17:24:33

  • Plug your external data sources into your PC (USB stick, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix on your Desktop to launch it.
  • Choose option 2 (Deletion).
  • Your Desktop will disappear and the PC will restart.
  • On restart, UsbFix will scan your PC; let the tool work.
  • Then post the UsbFix.txt report that will appear along with the Desktop.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
    25 May 2010 21:17:36

    Hi Destrio,

    Here is the UsbFix.txt report after running option 2 (Deletion).
    For the second Windows on D:, can I just delete the Windows folder? Will that be enough?
    Thanks

    ############################## | UsbFix V6.114 |

    User : Philippe COELHO (Administrateurs) # VAIO
    Update on 17/05/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 20:57:04 | 25/05/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Pentium(R) M processor 2.00GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Disabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
    FW : Avira Pare-feu[ Enabled ]9.0.1.32

    C:\ -> Disque fixe local # 37,26 Go (2,32 Go free) [VAIO] # NTFS
    D:\ -> Disque fixe local # 48,91 Go (10,25 Go free) [VAIO] # NTFS
    E:\ -> Disque amovible
    F:\ -> Disque CD-ROM
    G:\ -> Disque CD-ROM
    H:\ -> Disque CD-ROM
    I:\ -> Disque CD-ROM
    K:\ -> Disque amovible # 7,47 Go (1,86 Go free) [DEAR] # FAT32
    L:\ -> Disque fixe local # 372,52 Go (166,49 Go free) [PHIL_UP] # FAT32
    M:\ -> Disque amovible # 3,73 Go (3,01 Go free) [USB FIL] # FAT32

    ################## | Elements infectieux |

    Supprimé ! C:\WINDOWS\System32\logon.exe
    Supprimé ! C:\Recycler\S-1-5-21-2052111302-2049760794-725345543-1003
    Supprimé ! C:\Recycler\S-1-5-21-2894258751-542884893-4023887976-1005
    Supprimé ! C:\Recycler\S-1-5-21-2894258751-542884893-4023887976-1006
    Supprimé ! C:\Recycler\S-1-5-21-2894258751-542884893-4023887976-500
    Supprimé ! C:\Recycler\S-1-5-21-4000055231-678991265-3457676799-500
    Supprimé ! D:\Recycler\S-1-5-21-2894258751-542884893-4023887976-1005
    Supprimé ! D:\Recycler\S-1-5-21-2894258751-542884893-4023887976-1006
    K:\autorun.inf -> fichier appelé : "K:\autorun.exe" ( Absent ! )
    K:\autorun.inf -> fichier appelé : "K:\autorun.exe" ( Absent ! )
    Supprimé ! K:\autorun.inf

    ################## | Registre |

    Supprimé ! [HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System] "DisableRegistryTools"

    ################## | Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{090a0fba-e419-11db-bd6a-0013ce7edc9e}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{8969d646-5816-11df-881c-0013ce7edc9e}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{a05bc270-a0f6-11dd-8296-0013ce7edc9e}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [30/06/2009 12:16|--a------|3659] C:\Afin.htm
    [08/08/2007 03:12|--a------|1602] C:\anumanlive.log
    [09/08/2005 13:02|--a------|0] C:\AUTOEXEC.BAT
    [20/05/2010 13:57|---hs----|212] C:\boot.ini
    [29/06/2006 16:45|-rahs----|4952] C:\Bootfont.bin
    [18/06/2009 13:42|--a------|177] C:\CielVideo.ini
    [09/08/2005 13:02|--a------|0] C:\CONFIG.SYS
    [09/12/2009 16:26|--a------|143] C:\ConverterVersion.xml
    [30/06/2009 12:07|--a------|855] C:\DearSign2.html
    [30/06/2009 12:25|--a------|710] C:\DearSign3.html
    [26/04/2010 14:38|--a------|1405] C:\DearSign4.html
    [21/02/2009 23:19|--a------|3532] C:\drmHeader.bin
    [14/11/2008 16:15|--a------|184] C:\drwtsn32.log
    [?|?|?] C:\hiberfil.sys
    [09/08/2005 13:02|-rahs----|0] C:\IO.SYS
    [30/06/2009 11:52|--a------|19471] C:\logoblanc.jpg
    [31/12/2009 12:04|--a------|16185] C:\logoblanc2.jpg
    [30/06/2009 12:25|--a------|19532] C:\logoblanc3.jpg
    [30/06/2009 12:52|--a------|19593] C:\logoblanc4.jpg
    [31/12/2009 12:13|--a------|17631] C:\logoExcel.jpg
    [18/02/2010 18:01|--a------|990] C:\lxctcomx.log
    [25/05/2010 16:29|--a------|317264] C:\mombi.log
    [09/08/2005 13:02|-rahs----|0] C:\MSDOS.SYS
    [03/08/2004 22:38|-rahs----|47564] C:\NTDETECT.COM
    [03/08/2004 22:59|-rahs----|251712] C:\ntldr
    [?|?|?] C:\pagefile.sys
    [12/12/2007 01:12|--a------|44501] C:\PokerStars.log.0
    [06/11/2007 01:15|--a------|50870] C:\PokerStars.log.1
    [19/09/2007 16:20|--a------|2787] C:\rapport.txt
    [30/06/2009 11:49|--a------|221] C:\sign.htm
    [31/10/2005 17:56|--a------|700416] C:\StubInstaller.exe
    [22/01/2008 00:18|--a------|63] C:\trace.txt
    [29/10/2008 11:32|--a------|510] C:\updatedatfix.log
    [25/05/2010 21:07|--a------|4000] C:\UsbFix.txt
    [20/02/2007 04:05|--ahs----|93] C:\_sg3bklhxbsg
    [?|?|?] D:\pagefile.sys
    [14/12/2009 11:49|--a------|376832] K:\WK141209.ahc

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
    # D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
    # K:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
    # L:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
    # M:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).