Your question

Avast and Spybot have disappeared, impossible to launch them manually

Tags:
  • Security
Last reply: in Security and viruses
20 October 2009 14:16:31

Hello everyone,

Since yesterday evening Avast and Spybot have disappeared, and it is impossible to start them manually!
Error message: "is not a valid Win32 application"

So I read up on it and used ComboFix
(which I renamed "bibitte" because otherwise it was impossible to run),
but it's a bit of gibberish to me.
Thanks in advance for your help.
Here is the report:

ComboFix 09-10-19.01 - Fabrice 20/10/2009 11:13.1.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.702 [GMT 2:00]
Lancé depuis: c:\documents and settings\Fabrice\Bureau\bibitte.exe
AV: avast! antivirus 4.8.1356 [VPS 091019-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s


((((((((((((((((((((((((((((( Fichiers créés du 2009-09-20 au 2009-10-20 ))))))))))))))))))))))))))))))))))))
.

2009-10-19 22:05 . 2009-10-20 09:26 -------- d--h--w- c:\documents and settings\Fabrice\Application Data\drivers
2009-10-19 20:45 . 2009-10-19 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\IK Multimedia
2009-10-19 17:03 . 2009-10-19 17:03 -------- d-----w- c:\documents and settings\Fabrice\Library
2009-10-19 17:03 . 2009-10-19 17:03 -------- d-----w- c:\documents and settings\Fabrice\Application Data\com.adobe.ExMan
2009-10-19 11:22 . 2009-10-19 11:22 -------- d-----w- c:\documents and settings\Fabrice\Application Data\TIAB
2009-10-17 18:42 . 2009-10-17 19:09 -------- d-----w- c:\program files\PhotoScape
2009-10-17 15:19 . 2004-05-19 08:02 49152 ----a-w- c:\windows\system32\Xsusie.dll
2009-10-17 15:19 . 2004-05-27 14:46 872448 ----a-w- c:\windows\system32\libgfl211.dll
2009-10-17 15:19 . 2004-05-19 08:02 225280 ----a-w- c:\windows\system32\Xjp2.dll
2009-10-17 15:19 . 2004-05-19 08:02 114688 ----a-w- c:\windows\system32\Xjpegls.dll
2009-10-17 15:19 . 2004-05-19 08:01 81920 ----a-w- c:\windows\system32\Xjbig.dll
2009-10-17 15:19 . 2004-05-19 08:01 49152 ----a-w- c:\windows\system32\Xjng.dll
2009-10-17 15:19 . 2004-05-19 08:01 364544 ----a-w- c:\windows\system32\Xfpx.dll
2009-10-17 15:19 . 2004-02-04 04:33 307200 ----a-w- c:\windows\system32\libmng.dll
2009-10-10 07:59 . 2009-10-10 07:59 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-10-01 22:11 . 2009-10-01 22:11 -------- d-----w- c:\program files\National Instruments
2009-10-01 22:11 . 2009-10-01 22:11 -------- d-----w- c:\program files\Scope

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 23:56 . 2007-05-27 09:52 160 ----a-w- c:\windows\msocreg32.dat
2009-10-19 21:10 . 2007-05-27 12:47 -------- d-----w- c:\program files\Google
2009-10-19 20:47 . 2007-05-22 12:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-19 20:46 . 2007-05-27 09:42 -------- d-----w- c:\program files\IK Multimedia
2009-10-19 19:06 . 2008-03-26 16:52 26 -c--a-w- c:\windows\popcinfo.dat
2009-10-19 17:00 . 2007-05-22 14:08 104920 ----a-w- c:\documents and settings\Fabrice\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-19 15:43 . 2008-05-10 16:04 -------- d-----w- c:\documents and settings\Fabrice\Application Data\Notepad++
2009-10-19 15:05 . 2007-05-22 12:15 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-19 14:17 . 2008-12-02 11:36 -------- d-----w- c:\documents and settings\Fabrice\Application Data\dvdcss
2009-10-16 14:53 . 2003-04-24 12:00 85834 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-16 14:53 . 2003-04-24 12:00 512628 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-16 14:43 . 2008-08-24 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-13 09:31 . 2008-08-24 18:12 -------- d-----w- c:\program files\Microsoft Works
2009-10-11 19:23 . 2008-12-30 06:42 -------- d-----w- c:\documents and settings\All Users\Application Data\SIR
2009-10-11 19:23 . 2007-10-12 13:48 -------- d-----w- c:\program files\VstPlugins
2009-10-10 20:20 . 2009-05-08 08:48 -------- d-----w- c:\documents and settings\Fabrice\Application Data\uTorrent
2009-10-10 17:39 . 2009-08-28 11:05 230432 ----a-w- C:\PA207.DAT
2009-10-10 07:57 . 2007-06-11 14:35 -------- d-----w- c:\program files\Windows Live
2009-10-10 07:53 . 2008-12-31 06:44 -------- d-----w- c:\program files\Microsoft
2009-09-29 21:34 . 2008-04-20 07:16 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-22 14:32 . 2009-01-09 20:39 8 ----a-w- c:\windows\system32\nvModes.dat
2009-09-15 19:47 . 2009-09-15 19:47 -------- d-----w- c:\documents and settings\TEMP\Application Data\DivX
2009-09-15 19:35 . 2009-09-15 19:33 -------- d-----w- c:\documents and settings\TEMP\Application Data\Cakewalk
2009-09-15 19:28 . 2009-09-15 19:28 -------- d-----w- c:\documents and settings\TEMP\Application Data\Sony Ericsson
2009-09-15 19:25 . 2009-09-15 19:25 104920 ----a-w- c:\documents and settings\TEMP\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-15 10:59 . 2007-05-22 13:17 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-15 10:56 . 2007-05-22 13:17 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-15 10:53 . 2007-05-22 13:17 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-13 14:02 . 2009-09-13 14:02 -------- d-----w- c:\documents and settings\Valerie\Application Data\DivX
2009-09-12 14:44 . 2008-03-14 17:33 -------- d-----w- c:\program files\vanBasco's Karaoke Player
2009-09-11 21:46 . 2009-09-11 21:46 -------- d-----w- c:\documents and settings\Valerie\Application Data\Apple Computer
2009-09-11 21:45 . 2009-08-07 18:26 104920 ----a-w- c:\documents and settings\Valerie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-11 21:37 . 2009-09-11 21:37 -------- d-----w- c:\documents and settings\Valerie\Application Data\vlc
2009-09-11 14:18 . 2003-04-24 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-08 13:31 . 2007-05-22 12:20 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-09-08 12:07 . 2009-06-08 10:59 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2009-09-04 21:04 . 2003-04-24 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 16:59 . 2009-08-26 16:59 -------- d-----w- c:\program files\Fichiers communs\PAC207
2009-08-26 16:59 . 2009-08-26 16:59 -------- d-----w- c:\program files\Trust
2009-08-26 08:01 . 2003-04-24 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 17:24 . 2007-05-22 11:47 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2007-05-22 11:47 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2007-05-22 11:47 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2005-05-26 02:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2007-05-22 11:29 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2003-04-24 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2007-05-22 11:47 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2008-03-20 12:27 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 17:23 . 2008-03-20 12:27 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 17:23 . 2007-05-22 11:29 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:00 . 2007-05-22 12:13 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 17:27 . 2003-04-24 12:00 2147328 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 17:27 . 2002-08-29 11:42 2025984 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-25 03:23 . 2008-11-26 11:33 411368 ----a-w- c:\windows\system32\deploytk.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-10-20 909312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-10-20 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2009-10-20 319488]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"AdobeCS4ServiceManager"="c:\program files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-03 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SetDefaultMIDI"=MIDIDef.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"H2O"=c:\program files\SyncroSoft\Pos\H2O\cledx.exe
"mumservice"=c:\program files\Motorola\Software Update\mumservice.exe
"NeroFilterCheck"=c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe
"CTHelper"=CTHELPER.EXE
"CTxfiHlp"=CTXFIHLP.EXE
"Dit"=Dit.exe
"EoEngine"=
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe"
"LogitechQuickCamRibbon"="c:\program files\Labtec\WebCam10\WebCam10.exe" /hide
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"nwiz"=nwiz.exe /install
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"UpdReg"=c:\windows\UpdReg.EXE
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Resolume 2.41\\resolume.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [26/05/2007 23:15 11264]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [27/05/2007 10:24 33792]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [20/03/2008 17:23 98328]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.SYS [14/05/2007 10:26 508288]
R3 Tetris;Tetris driver;c:\windows\system32\drivers\Tetris.sys [12/10/2007 03:06 48928]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 gupdate1ca2d815724a672;Service Google Update (gupdate1ca2d815724a672);c:\program files\Google\Update\GoogleUpdate.exe [04/09/2009 19:01 133104]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [20/03/2008 17:23 98328]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [20/03/2008 17:36 171032]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [20/03/2008 17:36 171032]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [20/03/2008 17:23 528920]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [20/03/2008 17:23 528920]
S3 CTEAPSFX.SYS;CTEAPSFX.SYS;c:\windows\system32\drivers\CTEAPSFX.sys [20/03/2008 17:26 163352]
S3 CTEAPSFX;CTEAPSFX;c:\windows\system32\drivers\CTEAPSFX.sys [20/03/2008 17:26 163352]
S3 CTEDSPFX.SYS;CTEDSPFX.SYS;c:\windows\system32\drivers\CTEDSPFX.sys [20/03/2008 17:32 259096]
S3 CTEDSPFX;CTEDSPFX;c:\windows\system32\drivers\CTEDSPFX.sys [20/03/2008 17:32 259096]
S3 CTEDSPIO.SYS;CTEDSPIO.SYS;c:\windows\system32\drivers\CTEDSPIO.sys [20/03/2008 17:38 134168]
S3 CTEDSPIO;CTEDSPIO;c:\windows\system32\drivers\CTEDSPIO.sys [20/03/2008 17:38 134168]
S3 CTEDSPSY.SYS;CTEDSPSY.SYS;c:\windows\system32\drivers\CTEDSPSY.sys [20/03/2008 17:37 309784]
S3 CTEDSPSY;CTEDSPSY;c:\windows\system32\drivers\CTEDSPSY.sys [20/03/2008 17:37 309784]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [20/03/2008 17:36 99352]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [20/03/2008 17:36 99352]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [20/03/2008 17:40 1324056]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [20/03/2008 17:40 1324056]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [20/03/2008 17:37 72728]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [20/03/2008 17:37 72728]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [20/03/2008 17:25 534040]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [20/03/2008 17:25 534040]
S3 MagixASIODrv;MAGIX_ASIO_BoostDriver;c:\program files\Magix\Samplitude_10\mxasio.sys [03/05/2008 10:59 4899]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys --> c:\windows\system32\DRIVERS\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys --> c:\windows\system32\DRIVERS\motccgpfl.sys [?]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys --> c:\windows\system32\DRIVERS\motodrv.sys [?]
S3 MPUSens;MPUSens;c:\windows\system32\drivers\MPUSens.sys [01/10/2007 22:10 381056]
S3 Philipscam1;Caméra numérique Philips 645 ; Vidéo;c:\windows\system32\drivers\philcam1.sys [24/07/2007 18:02 75776]
S3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;c:\windows\system32\drivers\WlanUZXP.sys [07/05/2009 11:03 260608]
S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS --> c:\windows\system32\ZDCndis5.SYS [?]
.
Contenu du dossier 'Tâches planifiées'

2009-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-04 17:01]

2009-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-04 17:01]

2009-10-20 c:\windows\Tasks\User_Feed_Synchronization-{056D5DED-19A0-4DE4-9EC7-4B3E90068604}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://lo.st
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/
IE: Choisir comme avatar pour &Messenger - c:\program files\MSN Pictures Displayer\AddIEPicture.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: {73BCEA84-9FF9-4133-9D74-CA407BABA457} = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Fabrice\Application Data\Mozilla\Firefox\Profiles\y9jw1bil.default\
FF - component: c:\documents and settings\Fabrice\Application Data\Mozilla\Firefox\Profiles\y9jw1bil.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\documents and settings\Fabrice\Application Data\Mozilla\Firefox\Profiles\y9jw1bil.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: c:\documents and settings\Fabrice\Application Data\Mozilla\Firefox\Profiles\y9jw1bil.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\documents and settings\Fabrice\Application Data\Mozilla\Firefox\Profiles\y9jw1bil.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\documents and settings\Fabrice\Application Data\Mozilla\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-flec003.exe - c:\documents and settings\Fabrice\Application Data\hidires\flec003.exe
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
AddRemove-Index.dat Analyzer_is1 - c:\program files\Index.dat



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-20 11:55
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1060284298-616249376-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D0BEEABF-36ED-A272-46C3-27087F2CBC7F}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jakcnkneknboibbnhllg"=hex:6b,61,6f,66,67,6e,6b,68,63,6e,62,67,62,62,64,65,6e,
68,6d,70,6f,68,00,00
"iaadpnikgdjhemedlg"=hex:6b,61,6f,66,67,6e,6b,68,63,6e,62,67,62,62,64,65,6e,68,
6d,70,6f,68,00,00

[HKEY_USERS\S-1-5-21-1060284298-616249376-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:c3,7b,ce,d6,5a,b3,bb,ad,98,6f,4e,17,a3,fd,e5,77,0b,15,d5,bb,33,
6f,2d,b9,52,61,e8,d4,30,0a,ff,bb,5d,bf,79,69,15,55,dd,ab,b0,e9,79,78,99,74,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2E29FD1C-8E93-4d17-8893-DD18E3D36851}\Version*Version]
"Version"=hex:8a,34,f4,59,db,59,ae,eb,e3,4a,a6,67,69,43,3d,f9,4b,11,f8,5d,b5,
bf,78,6e,b2,5c,0d,fa,71,b9,26,68,f4,94,d8,dc,91,8c,a4,fe,55,62,01,f2,4a,6b,\

[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\discWelder BRONZE\Version*Version]
"Version"=hex:8a,34,f4,59,db,59,ae,eb,e3,4a,a6,67,69,43,3d,f9,4b,11,f8,5d,b5,
bf,78,6e,b2,5c,0d,fa,71,b9,26,68,f4,94,d8,dc,91,8c,a4,fe,55,62,01,f2,4a,6b,\
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(764)
c:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(2760)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\eappprxy.dll
c:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\Crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\bibitte\CF11496.exe
.
**************************************************************************
.
Heure de fin: 2009-10-20 12:11 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-20 10:11

Avant-CF: 8 952 188 928 octets libres
Après-CF: 8 977 293 312 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /fastdetect /NoExecute=OptIn

- - End Of File - - 4E6B0691A2900B149CD274526B99F287

20 October 2009 18:35:20

Hello,

This is a Bagle infection.

  • Download FindyKill (by Chiquitine29 & C_XX) to your Desktop.
  • Double-click FindyKill on your Desktop.
  • Choose F for French.
  • In the main menu, choose option 1 (Recherche, "Search").
  • Post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.
    20 October 2009 18:50:05

    Good evening Destrio5 :bounce: 

    ...and thanks in advance for your help. :sarcastic: 

    Here is the FindyKill report:

    ############################## | FindyKill V5.014 |

    # User : Fabrice (Administrateurs) # HOMESTUDIO
    # Update on 20/10/2009 by Chiquitine29
    # Start at: 18:43:44 | 20/10/2009
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # Intel(R) Pentium(R) 4 CPU 3.20GHz
    # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 8.0.6001.18702
    # Windows Firewall Status : Enabled
    # AV : avast! antivirus 4.8.1356 [VPS 091019-0] 4.8.1356 [ Enabled | Updated ]

    # A:\ # Lecteur de disquettes 3 ½ pouces
    # C:\ # Disque fixe local # 96,23 Go (8,35 Go free) [EXPLOITATION] # NTFS
    # D:\ # Disque fixe local # 232,88 Go (139,07 Go free) [ARCHIVES] # NTFS
    # E:\ # Disque fixe local # 90,08 Go (50,19 Go free) [PARTITION] # NTFS
    # F:\ # Disque amovible
    # G:\ # Disque CD-ROM
    # H:\ # Disque amovible
    # I:\ # Disque amovible
    # J:\ # Disque CD-ROM
    # K:\ # Disque CD-ROM # 4,11 Go (0 Mo free) [Noah juillet 200] # CDFS
    # L:\ # Disque CD-ROM
    # N:\ # Disque amovible

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | C: |


    ################## | C:\WINDOWS |

    Présent ! C:\WINDOWS\Prefetch\FLEC006.EXE-1A5B0745.pf

    ################## | C:\WINDOWS\system32 |


    ################## | C:\WINDOWS\system32\drivers |


    ################## | C:\Documents and Settings\Fabrice\Application Data |

    Présent ! C:\Documents and Settings\Fabrice\Application Data\drivers

    ################## | Temporary Internet Files |


    ################## | Registre / Clés infectieuses |

    Présent ! [HKCU\Software\Local AppWizard-Generated Applications\patch]
    Présent ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
    Présent ! [HKU\S-1-5-21-1060284298-616249376-725345543-1004\Software\Local AppWizard-Generated Applications\patch]
    Présent ! [HKU\S-1-5-21-1060284298-616249376-725345543-1004\Software\Local AppWizard-Generated Applications\winupgro]
    Présent ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
    Présent ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
    Présent ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
    Présent ! [HKLM\software\microsoft\security center] "FirewallOverride"
    Présent ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"
    Présent ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"

    ################## | Etat / Services / Informations |

    # Affichage des fichiers cachés : OK

    # Mode sans echec : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
    # (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )


    ################## | Cracks / Keygens / Serials |


    ################## | ! Fin du rapport # FindyKill V5.014 ! |

    20 October 2009 18:55:05

  • Delete the file that infected you (a crack, for example).
  • Double-click FindyKill on your Desktop.
  • In the main menu, choose option 2 (Suppression, "Removal").

    /!\ There will be a reboot; let the tool work until the message "nettoyage effectué" ("cleanup done") appears /!\

  • Then post the FindyKill.txt report.

    Note: the FindyKill.txt report is saved at the root of the disk.
    20 October 2009 19:53:52

    Hi again

    it's me again... ;) 
    Here is the report after the procedure:


    ############################## | FindyKill V5.014 |

    # User : Fabrice (Administrateurs) # HOMESTUDIO
    # Update on 20/10/2009 by Chiquitine29
    # Start at: 19:18:40 | 20/10/2009
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # Intel(R) Pentium(R) 4 CPU 3.20GHz
    # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 8.0.6001.18702
    # Windows Firewall Status : Enabled
    # AV : avast! antivirus 4.8.1356 [VPS 091019-0] 4.8.1356 [ Enabled | Updated ]

    # A:\ # Lecteur de disquettes 3 ½ pouces
    # C:\ # Disque fixe local # 96,23 Go (8,36 Go free) [EXPLOITATION] # NTFS
    # D:\ # Disque fixe local # 232,88 Go (139,07 Go free) [ARCHIVES] # NTFS
    # E:\ # Disque fixe local # 90,08 Go (50,19 Go free) [PARTITION] # NTFS
    # F:\ # Disque amovible
    # G:\ # Disque CD-ROM
    # H:\ # Disque amovible
    # I:\ # Disque amovible
    # J:\ # Disque CD-ROM
    # K:\ # Disque CD-ROM # 4,11 Go (0 Mo free) [Noah juillet 200] # CDFS
    # L:\ # Disque CD-ROM
    # N:\ # Disque amovible

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\WINDOWS\system32\logonui.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\Alwil Software\Avast4\setup\avast.setup

    ################## | C: |


    ################## | C:\WINDOWS |

    Supprimé ! C:\WINDOWS\Prefetch\FLEC006.EXE-1A5B0745.pf
    Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-17681AA8.pf

    ################## | C:\WINDOWS\system32 |


    ################## | C:\WINDOWS\system32\drivers |


    ################## | C:\Documents and Settings\Fabrice\Application Data |

    Supprimé ! C:\Documents and Settings\Fabrice\Application Data\drivers

    ################## | Références de comparaison Bagle MD5 : |

    File : C:\Qoobox\Quarantine\C\Documents and Settings\Fabrice\Application Data\drivers\winupgro.exe.vir
    -> Crc32 : 66d98647 | Md5 : a86a1511f683375bc625e29d2d5feed2


    ################## | Autres suppression ... |


    ################## | Temporary Internet Files |


    ################## | Registre / Clés infectieuses |

    Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\patch]
    Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
    Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
    Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
    Supprimé ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
    Supprimé ! [HKLM\software\microsoft\security center] "FirewallOverride"
    Supprimé ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"
    Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"

    ################## | Etat / Services / Informations |

    # Mode sans echec : OK


    # Affichage des fichiers cachés : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
    # Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | PEH ... |

    Corrompu : C:\Program Files\AbsoluteLab\AbsoluteTetris\register.exe
    [Offset = 000000EC - Valeur = 0x0001]

    Corrompu : C:\Program Files\Alwil Software\Avast4\copyx64.exe
    [Offset = 000000CC - Valeur = 0x0001]

    Corrompu : C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    [Offset = 0000011C - Valeur = 0x0001]

    Corrompu : C:\Program Files\Steinberg\VstPlugins\Voxengo Analogflux Suite\Register.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Steinberg\VstPlugins\Voxengo CurveEQ VST\Register.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Steinberg\VstPlugins\Voxengo GlissEQ VST\Register.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Steinberg\VstPlugins\Voxengo HarmoniEQ VST\Register.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Steinberg\VstPlugins\Voxengo Marquis Compressor VST\Register.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Steinberg\VstPlugins\Voxengo Voxformer VST\Register.exe
    [Offset = 00000104 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    [Offset = 000000C4 - Valeur = 0x0001]

    Corrompu : C:\Program Files\Unlocker\UnlockerAssistant.exe
    [Offset = 000000E4 - Valeur = 0x0001]

    Corrompu : C:\WINDOWS\PixArt\PAC207\Monitor.exe
    [Offset = 000000FC - Valeur = 0x0001]

    Tentative de réparation...
    Sauvegarde : Monitor.exe.REN
    [Offset = 000000FC - Nouvelle valeur = 0x4C01]
    Fichier réparé avec succès.



    ################## | Cracks / Keygens / Serials |


    ################## | ! Fin du rapport # FindyKill V5.014 ! |

    :bounce:  :bounce:  :bounce:  :bounce:  :bounce:  :bounce:  :bounce: 
    20 October 2009 20:16:14

  • Run FindyKill again and choose option 4 to uninstall it.

    Do you want to keep Avast?
    20 October 2009 22:02:18


    OK for option 4 of FindyKill... thanks for your help :sweat: 

    I'm not particularly set on keeping Avast... what do you suggest?
    I also use Spybot.
    I absolutely cannot spend money on protecting myself! :sarcastic: 
    Also, in my Windows Task Manager, I find there are a lot of processes running in the background that are of no use to me... :heink:  How can I fix that?

    Thanks for your patience...

    21 October 2009 00:21:34

  • Uninstall Avast.

  • Install AntiVir and update it.
  • Double-click the AntiVir icon (umbrella) in the taskbar.
  • In AntiVir, choose Outils ("Tools") then Configuration.
  • Tick Mode Expert ("Expert mode") and tick Rech. Rootkit au dém. de la recherche ("Rootkit search at start of scan") on the right under Autres réglages ("Other settings"), then confirm.
  • Run a full scan, click Tout réparer ("Repair all") if AntiVir finds anything, and post the report.

    Tutorial: Scanning the hard disk(s)