Se connecter / S'enregistrer
Votre question

Est-ce un backdoor ? comment l'enlever ? !

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
31 Août 2009 12:17:44

Bonjour,
J'espère que vous pourrez m'aider et je vous remercie d'avance !

Voilà le problème ! Hier midi un message windows me signal que mon par feu est désactivé, effectivement il a été désactivé je ne sais comment... Le temps de le réactiver que Avast me détecte un virus ! Il me dit que "sa mémoire de démarrage est infectée !" et il me conseil de redémarrer l'ordi puis d'effectuer un scan avant démarrage ... 2h après il me détecte moult virus qu'il éradique ... je regarde alors l'icone d'Avast en bas à droite et je me rends compte que le bouclier standard ne marche pas ! (Avast ne test aucun fichier ! même après plusieurs minutes !) les autres boucliers marchent ... trouvant ça bizarre je vais donc sur le net à la recherches d'infos ! Mais lorsque je tape mon problème sur google une page blanche s'affiche l'espace de 5 secondes puis les résultats google apparaissent... je clique alors sur le premier lien intéressant mais là je suis redirigé vers une page dangereuse (bloquée par Mac Afee site advisor !) bon bon ... j'ai trouvé la solution pour surfer sur le net, j'ouvre tout les liens de google dans un nouvel onglet (par pression sur la molette sous firefox) et alors la page s'affiche !

Après moult recherches sur le sujet je lance Malwarebytes' Anti-Malware et Spybot ! ... mais là encore un problème ! Ils ne se lancent tout simplement PAS ! ... quelque chose semble les bloquer !

Je télécharge alors Ad aware ... qui se lance mais qui après plusieurs minutes de scan ne trouve rien ! Windows Defender également ... Virtumondobegone de même ... J'ai nettoyer mes clées registres via Ccleaner et j'ai fait le nettoyage mais toujours le problème alors j'ai finalement opté pour vous poster mon log HiJackThis en espérant de tout coeur que vous pourriez m'aider !

le voici ! :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:17:24, on 31/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\MIC\HAWAII\Hawaii.exe
C:\Apps\Softex\OmniPass\scureapp.exe
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\atwtusb.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Internet Explorer\Iexplore.exe
D:\Documents and Settings\n\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini15.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MM_MODULE] C:\Program Files\MIC\HAWAII\Hawaii.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Documents and Settings\n\Bureau\soluce\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgsta...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 15051 bytes

Autres pages sur : backdoor enlever

a c 295 8 Sécurité
31 Août 2009 14:59:43

Bonjour,

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    31 Août 2009 16:22:50

    Bonjour et merci pour ton aide ! Après l'utilisation de combofix le problème semble régler voilà le rapport :

    ComboFix 09-08-30.04 - n 31/08/2009 13:05.1.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.2046.1442 [GMT 2:00]
    Running from: d:\documents and settings\n\Bureau\scan.exe.exe
    AV: avast! antivirus 4.8.1351 [VPS 090830-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\recycler\S-1-5-21-1135394084-3572311358-522678530-500
    c:\recycler\S-1-5-21-3158106081-2075994238-2530972146-1005
    c:\recycler\S-1-5-21-3158106081-2075994238-2530972146-1006
    c:\windows\Installer\17aeba4.msi
    c:\windows\Installer\WMEncoder.msi
    c:\windows\kb913800.exe
    c:\windows\system32\drivers\Sonyhcp.dll
    c:\windows\system32\drivers\UACvdkmoxulto.sys
    c:\windows\system32\UACblfdiqtkwp.dll
    c:\windows\system32\uacinit.dll
    c:\windows\system32\UACpakcdoypqw.log
    c:\windows\system32\UACtbwyyrmtbm.dll
    c:\windows\system32\UACubrkromhhw.dat
    c:\windows\system32\UACuwswijbpjy.dll
    c:\windows\system32\UACxvkldaaowv.dll
    c:\windows\system32\UACyavyqwujno.db
    D:\install.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_UACd.sys
    -------\Legacy_UACd.sys


    ((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-31 )))))))))))))))))))))))))))))))
    .

    2009-08-30 20:05 . 2009-08-30 20:05 -------- d-----w- c:\windows\ERUNT
    2009-08-30 18:33 . 2009-08-30 18:20 15688 ----a-w- c:\windows\system32\lsdelete.exe
    2009-08-30 18:31 . 2009-08-30 18:31 -------- d-----w- d:\documents and settings\LocalService\Bureau
    2009-08-30 18:18 . 2009-01-18 21:43 2892112 -c--a-w- d:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
    2009-08-30 18:18 . 2009-08-30 18:18 -------- dc-h--w- d:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
    2009-08-30 18:18 . 2009-08-30 18:20 -------- d-----w- d:\documents and settings\All Users\Application Data\Lavasoft
    2009-08-30 13:03 . 2009-08-30 13:03 70144 ----a-w- c:\windows\system32\drivers\ncbvpesvmxecxvor.sys
    2009-08-30 12:53 . 2009-08-30 12:53 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
    2009-08-19 09:10 . 2009-08-19 09:10 -------- d-----w- C:\Fraps
    2009-08-13 17:01 . 2009-08-13 17:01 -------- d-----w- c:\windows\ServicePackFiles
    2009-08-13 08:49 . 2009-06-05 07:46 655872 ------w- c:\windows\system32\dllcache\mstscax.dll
    2009-08-05 09:06 . 2009-08-05 09:06 205312 ------w- c:\windows\system32\dllcache\mswebdvd.dll
    2009-08-03 21:58 . 2009-08-03 21:58 -------- d-----w- d:\documents and settings\n\Local Settings\Application Data\PCHealth
    2009-08-02 20:09 . 2009-08-02 20:09 -------- d-sh--w- d:\documents and settings\NetworkService\IETldCache
    2009-08-02 16:25 . 2009-08-02 17:11 -------- d-----w- C:\render
    2009-08-02 16:18 . 2009-08-02 16:18 -------- d-----w- d:\documents and settings\n\Application Data\Blender Foundation
    2009-08-02 15:59 . 2009-08-02 16:09 -------- d-----w- c:\program files\MagicISO
    2009-08-02 09:05 . 2009-08-02 09:05 -------- d-----w- d:\documents and settings\LocalService\Application Data\DivX
    2009-08-01 21:05 . 2009-08-01 21:05 -------- d-----w- c:\program files\CamStudio
    2009-08-01 17:06 . 2009-08-01 17:06 -------- d-----w- d:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
    2009-08-01 15:46 . 2006-10-17 20:29 487479 ----a-w- c:\windows\system32\SkinMagic.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-08-31 11:03 . 2007-05-23 14:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2009-08-31 10:48 . 2007-05-23 14:35 -------- d-----w- d:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-08-31 09:40 . 2008-08-26 17:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-08-30 18:18 . 2007-05-24 15:55 -------- d-----w- c:\program files\Lavasoft
    2009-08-30 17:38 . 2004-09-23 16:12 557450 ----a-w- c:\windows\system32\perfh00C.dat
    2009-08-30 17:38 . 2004-09-23 16:12 102648 ----a-w- c:\windows\system32\perfc00C.dat
    2009-08-30 17:03 . 2008-04-27 07:59 -------- d-----w- c:\program files\Microsoft SQL Server
    2009-08-27 17:55 . 2007-09-08 13:49 -------- d-----w- d:\documents and settings\n\Application Data\teamspeak2
    2009-08-25 18:37 . 2008-09-19 14:43 -------- d-----w- d:\documents and settings\n\Application Data\Audacity
    2009-08-25 17:48 . 2008-04-26 16:47 -------- d---a-w- d:\documents and settings\All Users\Application Data\TEMP
    2009-08-25 10:17 . 2007-08-19 17:26 -------- d-----w- d:\documents and settings\n\Application Data\OpenOffice.org2
    2009-08-22 09:33 . 2007-04-10 17:15 -------- d-----w- c:\program files\Lionhead Studios Ltd
    2009-08-17 16:10 . 2007-07-06 10:20 1279456 ----a-w- c:\windows\system32\aswBoot.exe
    2009-08-17 16:06 . 2007-07-06 10:20 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2009-08-17 16:06 . 2007-07-06 10:20 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2009-08-17 16:05 . 2008-04-05 20:01 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2009-08-17 16:05 . 2008-04-05 20:01 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2009-08-17 16:04 . 2007-07-06 10:20 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2009-08-17 16:04 . 2007-07-06 10:20 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2009-08-17 16:03 . 2007-07-06 10:20 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2009-08-17 16:02 . 2007-07-06 10:20 97480 ----a-w- c:\windows\system32\AvastSS.scr
    2009-08-05 09:06 . 2008-11-02 12:57 205312 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-08-03 14:30 . 2008-07-16 10:24 -------- d-----w- d:\documents and settings\n\Application Data\Apple Computer
    2009-08-03 11:36 . 2008-08-26 17:02 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-08-03 11:36 . 2008-08-26 17:02 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-08-01 21:31 . 2009-08-01 21:31 -------- d-----w- c:\program files\K-Lite Codec Pack
    2009-08-01 21:28 . 2006-10-09 06:26 -------- d-----w- c:\program files\Fichiers communs\Real
    2009-08-01 10:48 . 2009-08-01 10:48 -------- d-----w- c:\program files\bobyte
    2009-07-31 13:40 . 2009-07-31 13:40 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-07-30 16:59 . 2009-04-24 17:56 -------- d-----w- d:\documents and settings\n\Application Data\HPAppData
    2009-07-17 18:56 . 2008-11-02 12:57 58880 ----a-w- c:\windows\system32\atl.dll
    2009-07-17 16:19 . 2009-05-15 19:46 139016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2009-07-17 16:18 . 2009-05-15 19:46 189488 ----a-w- c:\windows\system32\PnkBstrB.exe
    2009-07-17 13:43 . 2009-05-15 19:46 139152 ----a-w- d:\documents and settings\n\Application Data\PnkBstrK.sys
    2009-07-17 13:43 . 2009-05-15 19:46 139152 ----a-w- d:\documents and settings\n\Application Data\PnkBstrK.sys
    2009-07-17 13:43 . 2009-05-15 19:45 794408 ----a-w- c:\windows\system32\pbsvc.exe
    2009-07-13 21:43 . 2004-09-23 16:13 286208 ----a-w- c:\windows\system32\wmpdxm.dll
    2009-07-03 16:57 . 2004-09-23 16:11 915456 ----a-w- c:\windows\system32\wininet.dll
    2009-06-29 10:10 . 2007-08-23 11:35 211400 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
    2009-06-25 18:36 . 2008-11-02 12:57 517120 ----a-w- c:\windows\system32\mqsnap.dll
    2009-06-25 18:36 . 2008-11-02 12:57 123392 ----a-w- c:\windows\system32\mqrtdep.dll
    2009-06-25 18:36 . 2008-11-02 12:57 95744 ----a-w- c:\windows\system32\mqsec.dll
    2009-06-25 18:36 . 2008-11-02 12:57 661504 ----a-w- c:\windows\system32\mqqm.dll
    2009-06-25 18:36 . 2008-11-02 12:57 527360 ----a-w- c:\windows\system32\mqutil.dll
    2009-06-25 18:36 . 2008-11-02 12:57 48640 ----a-w- c:\windows\system32\mqupgrd.dll
    2009-06-25 18:36 . 2008-11-02 12:57 186880 ----a-w- c:\windows\system32\mqtrig.dll
    2009-06-25 18:36 . 2008-11-02 12:57 177152 ----a-w- c:\windows\system32\mqrt.dll
    2009-06-25 18:36 . 2008-11-02 12:57 225280 ----a-w- c:\windows\system32\mqoa.dll
    2009-06-25 18:36 . 2008-11-02 12:57 47104 ----a-w- c:\windows\system32\mqdscli.dll
    2009-06-25 18:36 . 2008-11-02 12:57 16896 ----a-w- c:\windows\system32\mqise.dll
    2009-06-25 18:36 . 2008-11-02 12:57 138240 ----a-w- c:\windows\system32\mqad.dll
    2009-06-25 14:36 . 2009-07-17 13:24 1291640 ----a-w- d:\documents and settings\n\Application Data\Mozilla\Firefox\Profiles\bewerzgr.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
    2009-06-25 14:36 . 2009-07-17 13:24 729088 ----a-w- d:\documents and settings\n\Application Data\Mozilla\Firefox\Profiles\bewerzgr.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
    2009-06-22 11:49 . 2008-11-02 12:57 19968 ----a-w- c:\windows\system32\mqbkup.exe
    2009-06-22 11:49 . 2008-11-02 12:57 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
    2009-06-22 11:49 . 2008-11-02 12:57 4608 ----a-w- c:\windows\system32\mqsvc.exe
    2009-06-22 11:48 . 2008-11-02 12:57 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
    2009-06-16 14:54 . 2008-11-02 12:57 82432 ----a-w- c:\windows\system32\fontsub.dll
    2009-06-16 14:54 . 2008-11-02 12:57 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-06-15 11:33 . 2008-11-02 12:57 78848 ----a-w- c:\windows\system32\telnet.exe
    2009-06-15 11:32 . 2008-11-02 12:57 82944 ----a-w- c:\windows\system32\tlntsess.exe
    2009-06-10 14:23 . 2008-11-02 12:57 85504 ----a-w- c:\windows\system32\avifil32.dll
    2009-06-10 06:30 . 2008-11-02 12:57 132096 ----a-w- c:\windows\system32\wkssvc.dll
    2009-06-06 16:57 . 2009-06-06 16:57 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
    2009-06-05 07:46 . 2008-11-02 12:57 655872 ----a-w- c:\windows\system32\mstscax.dll
    2009-06-03 19:24 . 2008-11-02 12:57 1297408 ----a-w- c:\windows\system32\quartz.dll
    2007-01-30 20:22 . 2007-01-30 20:22 408665 -c--a-w- c:\program files\instdb.inf
    2007-01-30 20:22 . 2007-01-30 20:22 52876 -c--a-w- c:\program files\setup.log
    2007-01-30 20:22 . 2007-01-30 20:22 773 ----a-w- c:\program files\OFFICE One 6.5.lnk
    2007-01-30 20:22 . 2007-01-30 20:22 761 ----a-w- c:\program files\OFFICE One Setup.lnk
    2004-03-08 05:00 . 2004-03-08 05:00 7 -c--a-w- c:\program files\ooversion.txt
    2004-03-08 05:00 . 2004-03-08 05:00 20680 -c--a-w- c:\program files\license.txt
    2004-03-08 05:00 . 2004-03-08 05:00 17 -c--a-w- c:\program files\license.html
    2004-03-08 05:00 . 2004-03-08 05:00 15 -c--a-w- c:\program files\readme.txt
    2004-03-08 05:00 . 2004-03-08 05:00 0 -c--a-w- c:\program files\readme.html
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-03-18 630784]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATSwpNav"="c:\program files\Fingerprint Sensor\ATSwpNav -run" [X]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
    "Vade Retro Outlook Express"="c:\progra~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272]
    "DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
    "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
    "MM_MODULE"="c:\program files\MIC\HAWAII\Hawaii.exe" [2005-11-16 121856]
    "OmniPass"="c:\apps\Softex\OmniPass\scureapp.exe" [2005-08-12 1859584]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
    "F-Secure Manager"="c:\program files\Pack Securite\Common\FSM32.EXE" [2007-04-26 183208]
    "F-Secure TNB"="c:\program files\Pack Securite\FSGUI\TNBUtil.exe" [2007-04-26 740208]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-19 286720]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
    "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-10-11 31232]
    "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-08-30 520024]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-18 16207872]
    "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
    "NECHotkey"="mHotkey.exe" - c:\windows\mHotkey.exe [2006-01-11 548864]
    "atwtusb"="atwtusb.exe" - c:\windows\system32\ATWTUSB.EXE [2005-09-21 290816]
    "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
    "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

    d:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
    PHOTOfunSTUDIO -viewer-.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [2009-6-28 40960]
    Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2008-4-5 151552]
    Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2008-4-5 106496]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
    2005-08-12 15:01 49152 ----a-w- c:\apps\Softex\OmniPass\OPXPGina.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll schannel.dll digest.dll msnsspc.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\D:^Documents and Settings^n^Menu Démarrer^Programmes^Démarrage^OFFICE One 6.5.lnk]
    path=d:\documents and settings\n\Menu Démarrer\Programmes\Démarrage\OFFICE One 6.5.lnk
    backup=c:\windows\pss\OFFICE One 6.5.lnkStartup

    [HKLM\~\startupfolder\D:^Documents and Settings^n^Menu Démarrer^Programmes^Démarrage^Yahoo! Widget Engine.lnk]
    path=d:\documents and settings\n\Menu Démarrer\Programmes\Démarrage\Yahoo! Widget Engine.lnk
    backup=c:\windows\pss\Yahoo! Widget Engine.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "d:\\JEUX 2\\empire of sport\\Empire of Sports\\NetworkDiagnostic.exe"=
    "d:\\JEUX 2\\empire of sport\\Empire of Sports\\EmpireOfSports.exe"=
    "d:\\Documents and Settings\\n\\Local Settings\\Application Data\\F4\\ClientUpdater\\ClientUpdater.exe"=
    "c:\\Program Files\\uTorrent\\utorrent.exe"=
    "d:\\JEUX 2\\arma\\ArmADemo\\ArmADemo.exe"=
    "d:\\JEUX 2\\Left 4 Dead\\Left 4 Dead\\left4dead.exe"=
    "d:\\JEUX 2\\BF 1942\\BF1942.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrB.exe"=

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [30/08/2009 20:20 64160]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [05/04/2008 22:01 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [05/04/2008 22:01 20560]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [12/01/2009 23:04 210216]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 19:19 13592]
    R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [09/10/2006 08:11 882688]
    R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [09/10/2006 08:13 7040]
    S1 aiptektp;HyperPen;c:\windows\system32\drivers\aiptektp.sys [26/12/2007 18:25 22272]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 1029456]
    S3 CrystalSysInfo;CrystalSysInfo;\??\c:\program files\MediaCoder\SysInfo.sys --> c:\program files\MediaCoder\SysInfo.sys [?]
    S3 MosIrUsb;MosIrUsb.sys;c:\windows\system32\drivers\MosIrUsb.sys [14/04/2004 14:52 20736]
    S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [10/02/2007 05:29 29178224]
    S3 USBModem000;LGE Mobile USB Modem TC;c:\windows\system32\drivers\usbser.sys [02/11/2008 14:57 25600]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-08-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 18:20]

    2009-07-09 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]

    2009-08-31 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
    HKCU-Run-AdobeBridge - (no file)
    Notify-AtiExtEvent - (no file)
    Notify-dimsntfy - (no file)


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://google.mini15.com
    uInternet Settings,ProxyOverride = *.local
    LSP: c:\program files\Pack Securite\FSPS\program\FSLSP.DLL
    Trusted Zone: localhost
    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
    FF - ProfilePath - d:\documents and settings\n\Application Data\Mozilla\Firefox\Profiles\bewerzgr.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Deezer
    FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npitunes.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npnul32.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\nppdf32.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\nppl3260.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin2.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin3.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin4.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin5.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin6.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin7.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\nprpjplug.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npitunes.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF - plugin: d:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
    FF - plugin: d:\documents and settings\n\Application Data\Mozilla\Firefox\Profiles\bewerzgr.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-08-31 13:16
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-2406763803-1347832285-3105926710-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:9c,26,e4,b7,e2,0e,c6,88,9b,d7,37,60,f4,15,b8,72,c6,d9,60,51,bf,fd,87,
    ca,7f,74,d1,5f,2c,6e,f5,f0,24,3e,53,80,9e,67,9a,c4,d8,dd,bb,2c,15,98,07,ab,\
    "??"=hex:69,3e,43,58,9f,64,ba,75,fe,6b,77,07,2a,78,dd,74

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(844)
    c:\apps\Softex\OmniPass\opxpgina.dll

    - - - - - - - > 'lsass.exe'(904)
    c:\program files\Pack Securite\FSPS\program\FSLSP.DLL

    - - - - - - - > 'explorer.exe'(2852)
    c:\program files\RocketDock\RocketDock.dll
    c:\progra~1\GOTOSO~1\VADERE~1\VrOe_hook.dll
    c:\program files\McAfee\SiteAdvisor\saHook.dll
    c:\apps\Softex\OmniPass\SCUREDLL.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\ehome\ehrecvr.exe
    c:\windows\ehome\ehSched.exe
    c:\program files\Pack Securite\Common\FSMA32.EXE
    c:\program files\Pack Securite\Common\FSMB32.EXE
    c:\program files\Pack Securite\Common\FCH32.EXE
    c:\windows\system32\nvsvc32.exe
    c:\apps\Softex\OmniPass\OmniServ.exe
    c:\windows\system32\PnkBstrA.exe
    c:\windows\system32\PnkBstrB.exe
    c:\program files\Pack Securite\Common\FAMEH32.EXE
    c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    c:\program files\Pack Securite\FSPC\fspc.exe
    c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    c:\progra~1\COMMON~1\X10\Common\X10nets.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\apps\Softex\OmniPass\OPXPApp.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\windows\system32\dllhost.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Pack Securite\FSAUA\program\fsaua.exe
    c:\windows\system32\wbem\wmiapsrv.exe
    c:\program files\Pack Securite\FSAUA\program\fsus.exe
    c:\program files\Fingerprint Sensor\ATSwpNav.exe
    c:\program files\Pack Securite\FSGUI\fsguidll.exe
    c:\windows\system32\rundll32.exe
    c:\program files\HP\Digital Imaging\bin\hpqste08.exe
    c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
    c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
    c:\program files\Java\jre1.6.0_05\bin\jucheck.exe
    .
    **************************************************************************
    .
    Completion time: 2009-08-31 13:25 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-08-31 11:25

    Pre-Run: 2 243 522 560 octets libres
    Post-Run: 2 361 311 232 octets libres

    370 --- E O F --- 2009-08-30 17:03



    Merci encore pour ton aide
    Contenus similaires
    a c 295 8 Sécurité
    31 Août 2009 16:25:47

    Bien.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    31 Août 2009 16:32:46

    J'avais passé un coup de mbam juste après combofix (vu qu'il remarchait et que je savais que c'était un très bon antimalware je me suis dit que ça ne pouvait pas faire de mal ... mauvaise initiative ? :/  )

    Il avait trouvé 3 fichiers infectés il a signalé les avoir bien éradiquer mais je n'avais pas fermé mes navigateurs ! (grave ?)

    Je ne trouve pas le rapport sais-tu où ils sont enregistrés ?

    Je refais un autre scan Mbam en ce moment même je t'envoie les résultat dès qu'il est terminé !
    Merci pour ton aide encore !



    Edit : voilà le résultat du second scan par Mbam ... il n'a rien trouvé !

    Malwarebytes' Anti-Malware 1.40
    Version de la base de données: 2721
    Windows 5.1.2600 Service Pack 2

    31/08/2009 16:33:55
    mbam-log-2009-08-31 (16-33-55).txt

    Type de recherche: Examen rapide
    Eléments examinés: 140022
    Temps écoulé: 5 minute(s), 31 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    a c 295 8 Sécurité
    31 Août 2009 16:37:06

    Tu peux récupérer le rapport dans l'onglet Rapports/Logs de MBAM.
    31 Août 2009 16:39:31

    Ohh effectivement je l'ai trouvé ! le voici !


    ->

    Malwarebytes' Anti-Malware 1.40
    Version de la base de données: 2720
    Windows 5.1.2600 Service Pack 2

    31/08/2009 13:46:26
    mbam-log-2009-08-31 (13-46-26).txt

    Type de recherche: Examen rapide
    Eléments examinés: 139945
    Temps écoulé: 6 minute(s), 9 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\office one 450 fonts_is1 (Worm.Archive) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\meta4.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    a c 295 8 Sécurité
    31 Août 2009 16:49:52

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Fais analyser ce fichier : c:\windows\system32\drivers\ncbvpesvmxecxvor.sys

  • Sur VirusTotal et poste le lien de l'analyse.
    31 Août 2009 16:54:16

    Voilà ce que VirusTotal me dit :


    Le fichier a déjà été analysé:
    MD5: 25464c6a2a44f3c1f64fe18bb3a407df
    First received: 2006.12.22 14:53:17 UTC
    Date 2009.06.13 06:01:31 UTC [>79D]
    Résultats 0/40
    Permalink: analisis/160fe14a04c81fc94e208850df8283f9a3736840a418ca51babbd6f1056ffbcf-1244872891



    EDIT :j'ai fait l'option re-analyser maintenant et j'attends les résultats !
    31 Août 2009 16:57:55

    Voilà les résultats (en espérant que ça soit bien ça que tu voulais ?) :

    Fichier ncbvpesvmxecxvor.sys reçu le 2009.08.31 14:53:45 (UTC)
    Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
    Résultat: 0/33 (0%)
    en train de charger les informations du serveur...
    Votre fichier est dans la file d'attente, en position: 1.
    L'heure estimée de démarrage est entre 43 et 62 secondes.
    Ne fermez pas la fenêtre avant la fin de l'analyse.
    L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
    Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
    Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
    les résultats seront affichés au fur et à mesure de leur génération.
    Formaté Formaté
    Impression des résultats Impression des résultats
    Votre fichier a expiré ou n'existe pas.
    Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

    Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
    Email:

    Antivirus Version Dernière mise à jour Résultat
    a-squared 4.5.0.24 2009.08.31 -
    AhnLab-V3 5.0.0.2 2009.08.29 -
    AntiVir 7.9.1.7 2009.08.31 -
    Antiy-AVL 2.0.3.7 2009.08.31 -
    Authentium 5.1.2.4 2009.08.31 -
    BitDefender 7.2 2009.08.31 -
    CAT-QuickHeal None 2009.08.31 -
    ClamAV 0.94.1 2009.08.31 -
    Comodo 2124 2009.08.31 -
    DrWeb 5.0.0.12182 2009.08.31 -
    eSafe 7.0.17.0 2009.08.30 -
    eTrust-Vet 31.6.6712 2009.08.31 -
    F-Prot None 2009.08.29 -
    F-Secure 8.0.14470.0 2009.08.31 -
    GData 19 2009.08.31 -
    Ikarus T3.1.1.68.0 2009.08.31 -
    K7AntiVirus 7.10.832 2009.08.31 -
    Kaspersky 7.0.0.125 2009.08.31 -
    McAfee 5725 2009.08.30 -
    McAfee+Artemis 5725 2009.08.30 -
    Microsoft None 2009.08.31 -
    NOD32 4384 2009.08.31 -
    nProtect 2009.1.8.0 2009.08.31 -
    Prevx 3.0 2009.08.31 -
    Rising 21.45.04.00 2009.08.31 -
    Sophos 4.45.0 None.. -
    Sunbelt 3.2.1858.2 2009.08.31 -
    Symantec 1.4.4.12 2009.08.31 -
    TheHacker 6.3.4.3.393 2009.08.31 -
    TrendMicro 8.950.0.1094 2009.08.30 -
    VBA32 None 2009.08.30 -
    ViRobot 2009.8.31.1909 2009.08.31 -
    VirusBuster 4.6.5.0 2009.08.30 -
    Information additionnelle
    File size: 70144 bytes
    MD5...: 25464c6a2a44f3c1f64fe18bb3a407df
    SHA1..: 1b625a1f95cd1e156375953943d6ef1f43bb9915
    SHA256: 160fe14a04c81fc94e208850df8283f9a3736840a418ca51babbd6f1056ffbcf
    ssdeep: 3::
    PEiD..: -
    PEInfo: -
    RDS...: NSRL Reference Data Set
    -
    pdfid.: -
    trid..: OpenGL object (29.2%)
    Lotus 123 Worksheet (generic) (14.6%)
    HSC music composer song (9.2%)
    Game Music Creator Music (8.2%)
    MacBinary 1 header (7.5%)



    EDIT : j'ai réalisé que tu parlais de lien ? donc plutôt un truc genre -> http://www.virustotal.com/fr/analisis/160fe14a04c81fc94...

    ?
    31 Août 2009 17:12:35

    Voilà le fichier est envoyé ! Tu penses qu'il est nocif ?
    Une fois le fichier envoyé sur Mad que faire ?
    a c 295 8 Sécurité
    31 Août 2009 17:18:38

    Citation :
    Voilà le fichier est envoyé ! Tu penses qu'il est nocif ?
    Une fois le fichier envoyé sur Mad que faire ?

    --> On verra si MAD confirme ce que je pense. Supprime le fichier.

    Tu as deux antivirus, il faut en retirer un.

    Plus de souci ?
    31 Août 2009 17:30:48

    Le fichier ne veut pas se supprimer il est déjà utilisé par un tiers programme ! :( 

    Sinon tu me dis que j'ai 2 antivirus ? Pourtant je n'ai installé que Avast ! (quel est l'autre antivirus ? je sais que mon ordi était fournit avec Norton mais je l'avais (mal ?) enlevé !)

    Sinon tout semble bien remarcher je n'ose pas encore faire énormément de choses dans l'attente de ton avis sur la chose.

    Mais je peux d'ors et déjà dire que Avast n'est plus bloqué (il n'est plus question de "mémoire de démarrage infectée" et son bouclier standard rescanne comme auparavant)
    Mbam remarche
    Je ne suis plus redirigé vers de mauvaises pages internet

    Et j'avais également remarqué qu'un processus Iexplorer (pour internet explorer je pense ? ^^) était systématiquement lancé dans le tab processus du gestionnaire de tâches ! j'avais beau y mettre fin il revenait systématiquement ! n'utilisant pas IE (mais firefox) j'ai alors lancé IE qui m'a demandé si je voulais ou non restaurer mes dernières pages ... j'ai eu le malheur de mettre oui résultat -> 137 pages IE ouvertes d'un seul cup et plantage pécé !

    Mais depuis combofix plus de processus Iexplorer et plus de problèmes avec IE !

    Donc tout m'a l'air clean ! Tu en penses quoi ? Faut-il supprimer le fichier que tu penses dangereux ? Comment faire vu qu'un tiers y accède ?
    a c 295 8 Sécurité
    31 Août 2009 17:40:13

    Citation :
    Sinon tu me dis que j'ai 2 antivirus ? Pourtant je n'ai installé que Avast ! (quel est l'autre antivirus ? je sais que mon ordi était fournit avec Norton mais je l'avais (mal ?) enlevé !)

    --> F-Secure.

    Citation :
    Faut-il supprimer le fichier que tu penses dangereux ?

    --> On peut attendre MAD (Réponse dans la soirée normalement).
    31 Août 2009 17:43:16

    F-secure doit être l'antivirus de mon FAI ! je vais tenter de le supprimer !
    Merci encore pour ton aide et okay attendons la réponse de Mad !

    D'après toi c'est sans risques de me connecter à msn ? Car j'ai une discussion importante mais je ne veux quand même pas tenter le diable !
    a c 295 8 Sécurité
    31 Août 2009 17:50:24

    Citation :
    F-secure doit être l'antivirus de mon FAI ! je vais tenter de le supprimer !

    --> Oui sûrement. Par contre, Avast pas top, mieux vaut avoir AntiVir.
    31 Août 2009 18:05:20

    Impossible d'enlever F-Secure je ne trouve rien pour !

    Edit : au passage j'ai réussis à supprimer le fichier que tu suspectais auparavant !
    a c 295 8 Sécurité
    31 Août 2009 19:12:56

    /!\ Seul simant peut suivre cette procédure /!\

    Désactive toute protection résidente (Antivirus...) !

    ---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :

    KillAll::

    Driver::
    FSAUA
    FSMA

    File::
    c:\windows\system32\drivers\ncbvpesvmxecxvor.sys

    Folder::
    c:\program files\Pack Securite

    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "F-Secure Manager"=-
    "F-Secure TNB"=-

    ---> Ouvre le Bloc-notes : Démarrer > Tous les programmes > Accessoires > Bloc-notes.

    - Colle (CTRL+V) le texte dans le Bloc-notes.
    - Enregistre ce fichier dans : Bureau
    - Nom du fichier : CFScript
    - Type du fichier : tous les fichiers !!
    - Clique sur Enregistrer.
    - Quitte le Bloc-notes.

    ---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :



  • Cela va relancer Combofix : au message qui apparaît, accepte.
  • Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !
  • Ne touche à rien tant que le scan n'est pas terminé.
  • Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.
  • Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

    ;) 
    1 Septembre 2009 11:55:46

    Bonjour ! Voilà la manip' est effectuée ! Je ne sais pas si le rapport de Combofix dit que le fichier ncbvpesvmxecxvor.sys est supprimé ou pas mais je tient juste à signaler que j'avais réussis à le supprimer finalement hier !

    voilà le rapport et merci encore pour ton aide ! :


    ComboFix 09-08-30.04 - n 01/09/2009 11:27.2.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.2046.1364 [GMT 2:00]
    Running from: d:\documents and settings\n\Bureau\scan.exe.exe
    Command switches used :: d:\documents and settings\n\Bureau\CFScript.txt
    AV: avast! antivirus 4.8.1351 [VPS 090831-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

    FILE ::
    "c:\windows\system32\drivers\ncbvpesvmxecxvor.sys"
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\Pack Securite\Common\admin.pub
    c:\program files\Pack Securite\Common\ALERTS\a26.tmp
    c:\program files\Pack Securite\Common\ALERTS\a3D.tmp
    c:\program files\Pack Securite\Common\ALERTS\a42.tmp
    c:\program files\Pack Securite\Common\ALERTS\a5.tmp
    c:\program files\Pack Securite\Common\ALERTS\a9.tmp
    c:\program files\Pack Securite\Common\AMEHEVN.DLL
    c:\program files\Pack Securite\Common\AMEHLOG.DLL
    c:\program files\Pack Securite\Common\AMEHSMT.DLL
    c:\program files\Pack Securite\Common\AMEHTVL.DLL
    c:\program files\Pack Securite\Common\commdir\commdir.cfg
    c:\program files\Pack Securite\Common\crypto.ini
    c:\program files\Pack Securite\Common\custom\custom1\common\gres.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\advanced\fsavauires.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-cht.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-csy.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-dan.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-deu.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-ell.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-eng.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-esn.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-eti.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-fin.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-fra.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-hun.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-ita.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-nld.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-nor.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-plk.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-ptb.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-ptg.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-rom.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-rus.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-slv.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-sve.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-trk.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres-zhh.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\password\pcpwdres.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\scan_clean\fsavures.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\dialogs\securitynews\fsavvnres.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\flyer\flyer.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-cht.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-csy.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-dan.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-deu.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-ell.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-eng.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-esn.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-eti.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-fin.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-fra.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-hun.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-ita.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-jpn.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-nld.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-nor.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-plk.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-ptb.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-ptg.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-rom.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-rus.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-slv.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-sve.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-trk.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\main\fsavgres-zhh.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\fshttps.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\fspchres.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\fspcinst.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\fspcmsie.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\webroot\images\bmp_pc_arrow.png
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\webroot\images\bmp_pc_flogo.png
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\webroot\images\bmp_pc_shadow.png
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\webroot\pc-ie-kid.htm
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\webroot\pc-ie-teen.htm
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\parental\webroot\pctl-profile.htm
    c:\program files\Pack Securite\Common\custom\custom1\fsgui\plugins\spam\fsscmso.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-csy.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-dan.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-deu.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-ell.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-eng.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-esn.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-fin.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-fra.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-hun.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-ita.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-nld.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-nor.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-plk.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-ptb.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-ptg.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-slv.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-sve.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres-trk.custom
    c:\program files\Pack Securite\Common\custom\custom1\fsma\fsmres.custom
    c:\program files\Pack Securite\Common\custom\custom1\help\helpinst.custom
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_all.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_CriticalWarning.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Errorstate.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_fsdiagui.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Info.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Install.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_ispnews.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_newsmessage.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Progress_100.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Progress_15.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Progress_30.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Progress_45.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Progress_60.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Progress_75.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Progress_90.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_uninstall.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Unloaded.ico
    c:\program files\Pack Securite\Common\custom\custom1\icons\ico_Warning.ico
    c:\program files\Pack Securite\Common\custom\custom1\isp news\ispnews.custom
    c:\program files\Pack Securite\Common\custom\custom1\pics\background.bmp_380x392.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_advanced_591x59.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_advanced_788x72.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_email_scan_rprt_582x60.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_ispnews.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_level_369x60.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_level_492x74.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_main_563x60.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_main_750x74.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_setup_370x60.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_setup_492x74.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_start-up_563x60.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_start-up_750x74.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_tnb_458x60.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_tnb_610x74.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_virus_news_422x60.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_vs_common_422x60.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\banner_wizard_634x90.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\bmp_about_406x259.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\bmp_progressicon_16x16.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\bmp_splash_208x320.bmp
    c:\program files\Pack Securite\Common\custom\custom1\pics\f-securelogo.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\f_icon.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\f_icon_errorstate.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\f_icon_installing.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\f_icon_unloaded.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\f_icon_warning.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\f_icona.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\splash.jpg
    c:\program files\Pack Securite\Common\custom\custom1\pics\sys_tray.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\systray_icon_critical_warning.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\systray_icon_download_progress.gif
    c:\program files\Pack Securite\Common\custom\custom1\pics\tooltip.gif
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-cht.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-csy.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-dan.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-deu.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-ell.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-eng.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-esn.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-eti.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-fin.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-fra.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-hun.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-ita.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-jpn.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-nld.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-nor.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-plk.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-ptb.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-ptg.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-rom.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-rus.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-slv.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-sve.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-trk.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\fsguiins-zhh.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-cht.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-csy.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-dan.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-deu.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-ell.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-eng.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-esn.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-eti.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-fin.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-fra.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-hun.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-ita.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-jpn.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-nld.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-nor.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-plk.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-ptb.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-ptg.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-rom.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-rus.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-slv.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-sve.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-trk.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\setup-zhh.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-csy.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-dan.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-deu.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-ell.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-eng.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-esn.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-fin.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-fra.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-hun.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-ita.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-jpn.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-nld.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-nor.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-plk.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-ptb.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-ptg.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-slv.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-sve.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres-trk.custom
    c:\program files\Pack Securite\Common\custom\custom1\setup\strres.custom
    c:\program files\Pack Securite\Common\custom\custom1\splash\aboutres.custom
    c:\program files\Pack Securite\Common\custom\custom1\start-up wizard\fsswgres.custom
    c:\program files\Pack Securite\Common\custom\custom1\tnb\tnbres.custom
    c:\program files\Pack Securite\Common\custom\uninst.log
    c:\program files\Pack Securite\Common\dfuninst.log
    c:\program files\Pack Securite\Common\FAMEH32.EXE
    c:\program files\Pack Securite\Common\FCH32.EXE
    c:\program files\Pack Securite\Common\filemap.log
    c:\program files\Pack Securite\Common\fs.cr
    c:\program files\Pack Securite\Common\fs_tm.cr
    c:\program files\Pack Securite\Common\FSABOUT.DLL
    c:\program files\Pack Securite\Common\FSABTRES.eng
    c:\program files\Pack Securite\Common\fsav.ini
    c:\program files\Pack Securite\Common\FSAVCS.dpf
    c:\program files\Pack Securite\Common\fsavcsin.dll
    c:\program files\Pack Securite\Common\fsavcsin.log
    c:\program files\Pack Securite\Common\fsbw.dpf
    c:\program files\Pack Securite\Common\FSDIAG.exe
    c:\program files\Pack Securite\Common\fsdiag_fsgui.ini
    c:\program files\Pack Securite\Common\fsdiag_help.ini
    c:\program files\Pack Securite\Common\FSDIAGIN.dll
    c:\program files\Pack Securite\Common\fsdiags.log
    c:\program files\Pack Securite\Common\fsdiagun.log
    c:\program files\Pack Securite\Common\FSEXC.DLL
    c:\program files\Pack Securite\Common\fsfc.ini
    c:\program files\Pack Securite\Common\fsfix.pub
    c:\program files\Pack Securite\Common\FSHDLL32.EXE
    c:\program files\Pack Securite\Common\FSHOTFIX.eng
    c:\program files\Pack Securite\Common\FSHOTFIX.EXE
    c:\program files\Pack Securite\Common\fslapi.dll
    c:\program files\Pack Securite\Common\fslapi64.dll
    c:\program files\Pack Securite\Common\FSLAUNCH.EXE
    c:\program files\Pack Securite\Common\fsld.log
    c:\program files\Pack Securite\Common\fsldin.dll
    c:\program files\Pack Securite\Common\FSM32.EXE
    c:\program files\Pack Securite\Common\FSMA.DPF
    c:\program files\Pack Securite\Common\FSMA_64.DLL
    c:\program files\Pack Securite\Common\FSMA32.DLL
    c:\program files\Pack Securite\Common\FSMA32.EXE
    c:\program files\Pack Securite\Common\FSMA32S.DLL
    c:\program files\Pack Securite\Common\fsmaeng.cnt
    c:\program files\Pack Securite\Common\fsmaeng.hlp
    c:\program files\Pack Securite\Common\FSMAINST.DLL
    c:\program files\Pack Securite\Common\FSMAINST.ENG
    c:\program files\Pack Securite\Common\FSMARES.eng
    c:\program files\Pack Securite\Common\FSMAUI32.DLL
    c:\program files\Pack Securite\Common\FSMAUNIN.DLL
    c:\program files\Pack Securite\Common\FSMAURES.eng
    c:\program files\Pack Securite\Common\FSMB32.EXE
    c:\program files\Pack Securite\Common\FSMRES.eng
    c:\program files\Pack Securite\Common\fsms.ini
    c:\program files\Pack Securite\Common\fspc.cr
    c:\program files\Pack Securite\Common\FSPC.dpf
    c:\program files\Pack Securite\Common\fspc.ini
    c:\program files\Pack Securite\Common\fspcres.ENG
    c:\program files\Pack Securite\Common\fspcres.ENG.xml
    c:\program files\Pack Securite\Common\fspm95.vxd
    c:\program files\Pack Securite\Common\FSPMAPI.DLL
    c:\program files\Pack Securite\Common\FSPMAPI_64.DLL
    c:\program files\Pack Securite\Common\FSPMENG.DLL
    c:\program files\Pack Securite\Common\fssc.ini
    c:\program files\Pack Securite\Common\fsws.bar
    c:\program files\Pack Securite\Common\fswscs.dll
    c:\program files\Pack Securite\Common\History\ha.bpf
    c:\program files\Pack Securite\Common\History\index.txt
    c:\program files\Pack Securite\Common\ILAUNCHR.EXE
    c:\program files\Pack Securite\Common\LogFile.log
    c:\program files\Pack Securite\Common\policy.bpf
    c:\program files\Pack Securite\Common\policy.ipf
    c:\program files\Pack Securite\Common\policy.ipf.bak
    c:\program files\Pack Securite\Common\POLUTIL.EXE
    c:\program files\Pack Securite\Common\support.ini
    c:\program files\Pack Securite\Common\teceif.tvl
    c:\program files\Pack Securite\config.xml.P00000424
    c:\program files\Pack Securite\DAAS\ca.pub
    c:\program files\Pack Securite\DAAS\daas.dll
    c:\program files\Pack Securite\DAAS\daasinst.dll
    c:\program files\Pack Securite\DAAS\daasinst.log
    c:\program files\Pack Securite\DAAS\fsclm.dll
    c:\program files\Pack Securite\FSAUA\bwstate__80
    c:\program files\Pack Securite\FSAUA\bwstate_neuf.sp.f-secure.com_80
    c:\program files\Pack Securite\FSAUA\content\60PolicyUpdate_PSC7AFA\1\1.bpf
    c:\program files\Pack Securite\FSAUA\content\60PolicyUpdate_PSC7AFA\1\info.iad
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\config.xml
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\info.iad
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\META-INF\admin.dfs
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\META-INF\admin.sf
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\META-INF\MANIFEST.MF
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\package.ini
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\common\gres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\custinfo.ini
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\custinstall.exe
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\custsetup.exe
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\advanced\fsavauires.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-cht.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-csy.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-dan.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-deu.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-ell.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-eng.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-esn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-eti.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-fin.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-fra.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-hun.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-ita.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-nld.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-nor.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-plk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-ptb.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-ptg.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-rom.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-rus.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-slv.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-sve.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-trk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres-zhh.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\password\pcpwdres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\scan_clean\fsavures.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\dialogs\securitynews\fsavvnres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\flyer\flyer.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-cht.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-csy.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-dan.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-deu.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-ell.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-eng.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-esn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-eti.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-fin.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-fra.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-hun.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-ita.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-jpn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-nld.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-nor.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-plk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-ptb.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-ptg.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-rom.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-rus.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-slv.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-sve.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-trk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\main\fsavgres-zhh.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\fshttps.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\fspchres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\fspcinst.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\fspcmsie.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\webroot\images\bmp_pc_arrow.png
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\webroot\images\bmp_pc_flogo.png
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\webroot\images\bmp_pc_shadow.png
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\webroot\pc-ie-kid.htm
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\webroot\pc-ie-teen.htm
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\parental\webroot\pctl-profile.htm
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsgui\plugins\spam\fsscmso.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsisu.dll
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsisu95.dll
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsisunt.dll
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-csy.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-dan.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-deu.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-ell.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-eng.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-esn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-fin.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-fra.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-hun.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-ita.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-nld.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-nor.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-plk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-ptb.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-ptg.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-slv.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-sve.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres-trk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\fsma\fsmres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\help\helpinst.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_all.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_CriticalWarning.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Errorstate.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_fsdiagui.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Info.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Install.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_ispnews.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_newsmessage.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Progress_100.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Progress_15.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Progress_30.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Progress_45.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Progress_60.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Progress_75.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Progress_90.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_uninstall.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Unloaded.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\icons\ico_Warning.ico
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\isp news\ispnews.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\background.bmp_380x392.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_advanced_591x59.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_advanced_788x72.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_email_scan_rprt_582x60.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_ispnews.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_level_369x60.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_level_492x74.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_main_563x60.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_main_750x74.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_setup_370x60.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_setup_492x74.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_start-up_563x60.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_start-up_750x74.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_tnb_458x60.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_tnb_610x74.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_virus_news_422x60.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_vs_common_422x60.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\banner_wizard_634x90.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\bmp_about_406x259.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\bmp_progressicon_16x16.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\bmp_splash_208x320.bmp
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\f-securelogo.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\f_icon.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\f_icon_errorstate.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\f_icon_installing.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\f_icon_unloaded.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\f_icon_warning.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\f_icona.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\splash.jpg
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\sys_tray.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\systray_icon_critical_warning.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\systray_icon_download_progress.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\pics\tooltip.gif
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\prodsett.ini
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-cht.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-csy.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-dan.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-deu.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-ell.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-eng.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-esn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-eti.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-fin.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-fra.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-hun.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-ita.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-jpn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-nld.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-nor.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-plk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-ptb.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-ptg.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-rom.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-rus.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-slv.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-sve.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-trk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\fsguiins-zhh.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-cht.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-csy.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-dan.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-deu.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-ell.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-eng.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-esn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-eti.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-fin.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-fra.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-hun.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-ita.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-jpn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-nld.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-nor.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-plk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-ptb.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-ptg.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-rom.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-rus.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-slv.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-sve.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-trk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\setup-zhh.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-csy.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-dan.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-deu.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-ell.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-eng.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-esn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-fin.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-fra.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-hun.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-ita.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-jpn.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-nld.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-nor.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-plk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-ptb.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-ptg.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-slv.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-sve.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres-trk.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\setup\strres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\splash\aboutres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\start-up wizard\fsswgres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\tnb\tnbres.custom
    c:\program files\Pack Securite\FSAUA\content\70CustomResources_PSC7AFA\1\program\tnbconf.ini
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\bootstrap\fsihcomp.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\bootstrap\fsihs.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\bootstrap\fstnb.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\bootstrap\ih8.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\bootstrap\ih8run.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\bootstrap\kleztool.com
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\bootstrap\qklez.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\bootstrap\setup.bmp
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\config.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\aawrm.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\cscozarm.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\dfwunin.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\fsavunin.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\fsprodrm.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\fsremoval.ini
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\fssg.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\fssg.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\fssg_cfg.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\fssgsup.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\fsssinst.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\igpsdet.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\mcafeerm.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\nicrm.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\sophosrm.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\symav9.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\symav9_10.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\trendrm.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\fssg\vsrm.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\preconfig.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\customref.ini
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\fslapi.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\fssetup.customref.ini
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\gres.dll
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.chs.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.cht.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.csy.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.dan.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.deu.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.ell.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.eng.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.esn.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.eti.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.fin.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.fra.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.hun.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.ita.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.jpn.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.nld.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.nor.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.plk.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.ptb.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.ptg.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.rom.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.rus.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.slv.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.sve.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.trk.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\license.zhh.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUI.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIMngr.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.chs.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.cht.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.csy.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.dan.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.deu.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.ell.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.eng
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.eng.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.esn.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.eti.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.fin.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.fra.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.hun.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.ita.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.jpn.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.nld.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.nor.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.plk.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.ptb.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.ptg.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.rom.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.rus.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.slv.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.sve.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.trk.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\setupgui\SetupGUIres.zhh.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\wil.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\configuration\writespid.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\info.iad
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\config.xml
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\info.iad
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\META-INF\admin.dfs
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\META-INF\admin.sf
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\META-INF\MANIFEST.MF
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\package.ini
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\common\gres.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\custinfo.ini
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\custinstall.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\custsetup.exe
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\advanced\fsavauires.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-cht.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-csy.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-dan.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-deu.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-ell.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-eng.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-esn.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-eti.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-fin.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-fra.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-hun.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-ita.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-nld.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-nor.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-plk.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-ptb.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-ptg.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-rom.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-rus.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-slv.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-sve.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-trk.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres-zhh.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\password\pcpwdres.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\scan_clean\fsavures.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\dialogs\securitynews\fsavvnres.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\flyer\flyer.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-cht.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-csy.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-dan.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-deu.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-ell.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-eng.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-esn.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-eti.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-fin.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-fra.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-hun.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-ita.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-jpn.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-nld.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-nor.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-plk.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-ptb.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-ptg.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-rom.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-rus.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-slv.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-sve.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-trk.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\main\fsavgres-zhh.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\plugins\parental\fshttps.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\plugins\parental\fspchres.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\plugins\parental\fspcinst.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\plugins\parental\fspcmsie.custom
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\plugins\parental\webroot\images\bmp_pc_arrow.png
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\plugins\parental\webroot\images\bmp_pc_flogo.png
    c:\program files\Pack Securite\FSAUA\content\70Software_PSC7AFA\1\infopaks\customization\program\fsgui\plugins\parental\webroot\images\bmp_pc_shado
    1 Septembre 2009 12:00:05

    bon bon il est trop long pour le message donc je post la fin ici ...

    (ça va faire encore trop long du coup je ne mets pas le reste de la suppression du dossier pack sécurité ... elle s'est bien passée !)

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_FSAUA
    -------\Legacy_FSMA
    -------\Service_FSAUA
    -------\Service_FSMA


    ((((((((((((((((((((((((( Files Created from 2009-08-01 to 2009-09-01 )))))))))))))))))))))))))))))))
    .

    2009-08-31 15:53 . 2009-08-31 15:53 -------- d-----w- C:\rsit
    2009-08-30 20:05 . 2009-08-30 20:05 -------- d-----w- c:\windows\ERUNT
    2009-08-30 18:33 . 2009-08-30 18:20 15688 ----a-w- c:\windows\system32\lsdelete.exe
    2009-08-30 18:31 . 2009-08-30 18:31 -------- d-----w- d:\documents and settings\LocalService\Bureau
    2009-08-30 18:18 . 2009-01-18 21:43 2892112 -c--a-w- d:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
    2009-08-30 18:18 . 2009-08-30 18:18 -------- dc-h--w- d:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
    2009-08-30 18:18 . 2009-08-30 18:20 -------- d-----w- d:\documents and settings\All Users\Application Data\Lavasoft
    2009-08-30 12:53 . 2009-08-30 12:53 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
    2009-08-19 09:10 . 2009-08-19 09:10 -------- d-----w- C:\Fraps
    2009-08-13 17:01 . 2009-08-13 17:01 -------- d-----w- c:\windows\ServicePackFiles
    2009-08-13 08:49 . 2009-06-05 07:46 655872 ------w- c:\windows\system32\dllcache\mstscax.dll
    2009-08-05 09:06 . 2009-08-05 09:06 205312 ------w- c:\windows\system32\dllcache\mswebdvd.dll
    2009-08-03 21:58 . 2009-08-03 21:58 -------- d-----w- d:\documents and settings\n\Local Settings\Application Data\PCHealth
    2009-08-02 20:09 . 2009-08-02 20:09 -------- d-sh--w- d:\documents and settings\NetworkService\IETldCache
    2009-08-02 16:25 . 2009-08-02 17:11 -------- d-----w- C:\render
    2009-08-02 16:18 . 2009-08-02 16:18 -------- d-----w- d:\documents and settings\n\Application Data\Blender Foundation
    2009-08-02 15:59 . 2009-08-02 16:09 -------- d-----w- c:\program files\MagicISO

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-09-01 09:40 . 2007-07-02 12:03 -------- d-----w- c:\program files\Pack Securite
    2009-08-31 16:57 . 2008-04-27 07:59 -------- d-----w- c:\program files\Microsoft SQL Server
    2009-08-31 11:03 . 2007-05-23 14:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2009-08-31 10:48 . 2007-05-23 14:35 -------- d-----w- d:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-08-31 09:40 . 2008-08-26 17:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-08-30 18:18 . 2007-05-24 15:55 -------- d-----w- c:\program files\Lavasoft
    2009-08-30 17:38 . 2004-09-23 16:12 557450 ----a-w- c:\windows\system32\perfh00C.dat
    2009-08-30 17:38 . 2004-09-23 16:12 102648 ----a-w- c:\windows\system32\perfc00C.dat
    2009-08-27 17:55 . 2007-09-08 13:49 -------- d-----w- d:\documents and settings\n\Application Data\teamspeak2
    2009-08-25 18:37 . 2008-09-19 14:43 -------- d-----w- d:\documents and settings\n\Application Data\Audacity
    2009-08-25 17:48 . 2008-04-26 16:47 -------- d---a-w- d:\documents and settings\All Users\Application Data\TEMP
    2009-08-25 10:17 . 2007-08-19 17:26 -------- d-----w- d:\documents and settings\n\Application Data\OpenOffice.org2
    2009-08-22 09:33 . 2007-04-10 17:15 -------- d-----w- c:\program files\Lionhead Studios Ltd
    2009-08-17 16:10 . 2007-07-06 10:20 1279456 ----a-w- c:\windows\system32\aswBoot.exe
    2009-08-17 16:06 . 2007-07-06 10:20 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
    2009-08-17 16:06 . 2007-07-06 10:20 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
    2009-08-17 16:05 . 2008-04-05 20:01 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2009-08-17 16:05 . 2008-04-05 20:01 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2009-08-17 16:04 . 2007-07-06 10:20 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2009-08-17 16:04 . 2007-07-06 10:20 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2009-08-17 16:03 . 2007-07-06 10:20 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
    2009-08-17 16:02 . 2007-07-06 10:20 97480 ----a-w- c:\windows\system32\AvastSS.scr
    2009-08-05 09:06 . 2008-11-02 12:57 205312 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-08-03 14:30 . 2008-07-16 10:24 -------- d-----w- d:\documents and settings\n\Application Data\Apple Computer
    2009-08-03 11:36 . 2008-08-26 17:02 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-08-03 11:36 . 2008-08-26 17:02 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-08-02 09:05 . 2009-08-02 09:05 -------- d-----w- d:\documents and settings\LocalService\Application Data\DivX
    2009-08-01 21:31 . 2009-08-01 21:31 -------- d-----w- c:\program files\K-Lite Codec Pack
    2009-08-01 21:28 . 2006-10-09 06:26 -------- d-----w- c:\program files\Fichiers communs\Real
    2009-08-01 21:05 . 2009-08-01 21:05 -------- d-----w- c:\program files\CamStudio
    2009-08-01 10:48 . 2009-08-01 10:48 -------- d-----w- c:\program files\bobyte
    2009-07-31 13:40 . 2009-07-31 13:40 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-07-30 16:59 . 2009-04-24 17:56 -------- d-----w- d:\documents and settings\n\Application Data\HPAppData
    2009-07-17 18:56 . 2008-11-02 12:57 58880 ----a-w- c:\windows\system32\atl.dll
    2009-07-17 16:19 . 2009-05-15 19:46 139016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2009-07-17 16:18 . 2009-05-15 19:46 189488 ----a-w- c:\windows\system32\PnkBstrB.exe
    2009-07-17 13:43 . 2009-05-15 19:46 139152 ----a-w- d:\documents and settings\n\Application Data\PnkBstrK.sys
    2009-07-17 13:43 . 2009-05-15 19:46 139152 ----a-w- d:\documents and settings\n\Application Data\PnkBstrK.sys
    2009-07-17 13:43 . 2009-05-15 19:45 794408 ----a-w- c:\windows\system32\pbsvc.exe
    2009-07-13 21:43 . 2004-09-23 16:13 286208 ----a-w- c:\windows\system32\wmpdxm.dll
    2009-07-03 16:57 . 2004-09-23 16:11 915456 ------w- c:\windows\system32\wininet.dll
    2009-06-29 10:10 . 2007-08-23 11:35 211400 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
    2009-06-25 18:36 . 2008-11-02 12:57 517120 ----a-w- c:\windows\system32\mqsnap.dll
    2009-06-25 18:36 . 2008-11-02 12:57 123392 ----a-w- c:\windows\system32\mqrtdep.dll
    2009-06-25 18:36 . 2008-11-02 12:57 95744 ----a-w- c:\windows\system32\mqsec.dll
    2009-06-25 18:36 . 2008-11-02 12:57 661504 ----a-w- c:\windows\system32\mqqm.dll
    2009-06-25 18:36 . 2008-11-02 12:57 527360 ----a-w- c:\windows\system32\mqutil.dll
    2009-06-25 18:36 . 2008-11-02 12:57 48640 ----a-w- c:\windows\system32\mqupgrd.dll
    2009-06-25 18:36 . 2008-11-02 12:57 186880 ----a-w- c:\windows\system32\mqtrig.dll
    2009-06-25 18:36 . 2008-11-02 12:57 177152 ----a-w- c:\windows\system32\mqrt.dll
    2009-06-25 18:36 . 2008-11-02 12:57 225280 ----a-w- c:\windows\system32\mqoa.dll
    2009-06-25 18:36 . 2008-11-02 12:57 47104 ----a-w- c:\windows\system32\mqdscli.dll
    2009-06-25 18:36 . 2008-11-02 12:57 16896 ----a-w- c:\windows\system32\mqise.dll
    2009-06-25 18:36 . 2008-11-02 12:57 138240 ----a-w- c:\windows\system32\mqad.dll
    2009-06-25 14:36 . 2009-07-17 13:24 1291640 ----a-w- d:\documents and settings\n\Application Data\Mozilla\Firefox\Profiles\bewerzgr.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
    2009-06-25 14:36 . 2009-07-17 13:24 729088 ----a-w- d:\documents and settings\n\Application Data\Mozilla\Firefox\Profiles\bewerzgr.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
    2009-06-25 08:18 . 2008-11-02 12:57 56320 ----a-w- c:\windows\system32\secur32.dll
    2009-06-25 08:18 . 2008-11-02 12:57 59392 ----a-w- c:\windows\system32\wdigest.dll
    2009-06-25 08:18 . 2008-11-02 12:57 168448 ----a-w- c:\windows\system32\schannel.dll
    2009-06-25 08:18 . 2008-11-02 12:57 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-06-25 08:18 . 2008-11-02 12:57 736256 ----a-w- c:\windows\system32\lsasrv.dll
    2009-06-25 08:18 . 2008-11-02 12:57 301568 ----a-w- c:\windows\system32\kerberos.dll
    2009-06-22 11:49 . 2008-11-02 12:57 19968 ----a-w- c:\windows\system32\mqbkup.exe
    2009-06-22 11:49 . 2008-11-02 12:57 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
    2009-06-22 11:49 . 2008-11-02 12:57 4608 ----a-w- c:\windows\system32\mqsvc.exe
    2009-06-22 11:48 . 2008-11-02 12:57 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
    2009-06-22 11:35 . 2008-11-02 12:57 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2009-06-16 14:54 . 2008-11-02 12:57 82432 ----a-w- c:\windows\system32\fontsub.dll
    2009-06-16 14:54 . 2008-11-02 12:57 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-06-15 11:33 . 2008-11-02 12:57 78848 ----a-w- c:\windows\system32\telnet.exe
    2009-06-15 11:32 . 2008-11-02 12:57 82944 ----a-w- c:\windows\system32\tlntsess.exe
    2009-06-10 14:23 . 2008-11-02 12:57 85504 ----a-w- c:\windows\system32\avifil32.dll
    2009-06-10 06:30 . 2008-11-02 12:57 132096 ----a-w- c:\windows\system32\wkssvc.dll
    2009-06-06 16:57 . 2009-06-06 16:57 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
    2009-06-05 07:46 . 2008-11-02 12:57 655872 ----a-w- c:\windows\system32\mstscax.dll
    2009-06-03 19:24 . 2008-11-02 12:57 1297408 ----a-w- c:\windows\system32\quartz.dll
    2007-01-30 20:22 . 2007-01-30 20:22 408665 -c--a-w- c:\program files\instdb.inf
    2007-01-30 20:22 . 2007-01-30 20:22 52876 -c--a-w- c:\program files\setup.log
    2007-01-30 20:22 . 2007-01-30 20:22 773 ----a-w- c:\program files\OFFICE One 6.5.lnk
    2007-01-30 20:22 . 2007-01-30 20:22 761 ----a-w- c:\program files\OFFICE One Setup.lnk
    2004-03-08 05:00 . 2004-03-08 05:00 7 -c--a-w- c:\program files\ooversion.txt
    2004-03-08 05:00 . 2004-03-08 05:00 20680 -c--a-w- c:\program files\license.txt
    2004-03-08 05:00 . 2004-03-08 05:00 17 -c--a-w- c:\program files\license.html
    2004-03-08 05:00 . 2004-03-08 05:00 15 -c--a-w- c:\program files\readme.txt
    2004-03-08 05:00 . 2004-03-08 05:00 0 -c--a-w- c:\program files\readme.html
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-08-31_11.16.52 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-09-01 08:58 . 2009-09-01 08:58 16384 c:\windows\Temp\Perflib_Perfdata_f8.dat
    - 2009-08-31 11:14 . 2009-08-31 11:14 16384 c:\windows\Temp\Perflib_Perfdata_714.dat
    + 2009-09-01 09:41 . 2009-09-01 09:41 16384 c:\windows\Temp\Perflib_Perfdata_714.dat
    + 2009-06-25 08:18 . 2009-06-25 08:18 59392 c:\windows\system32\dllcache\wdigest.dll
    + 2009-02-03 20:10 . 2009-06-25 08:18 56320 c:\windows\system32\dllcache\secur32.dll
    + 2009-06-22 11:35 . 2009-06-22 11:35 92544 c:\windows\system32\dllcache\ksecdd.sys
    + 2008-11-02 12:57 . 2009-02-06 18:46 408064 c:\windows\system32\netlogon.dll
    + 2008-11-02 12:57 . 2009-06-25 08:18 168448 c:\windows\system32\dllcache\schannel.dll
    + 2009-02-06 18:46 . 2009-02-06 18:46 408064 c:\windows\system32\dllcache\netlogon.dll
    + 2009-06-25 08:18 . 2009-06-25 08:18 136192 c:\windows\system32\dllcache\msv1_0.dll
    + 2008-11-02 12:57 . 2009-06-25 08:18 736256 c:\windows\system32\dllcache\lsasrv.dll
    + 2009-06-25 08:18 . 2009-06-25 08:18 301568 c:\windows\system32\dllcache\kerberos.dll
    + 2009-08-31 16:55 . 2009-08-31 16:55 817152 c:\windows\Installer\119bb9e.msi
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-03-18 630784]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATSwpNav"="c:\program files\Fingerprint Sensor\ATSwpNav -run" [X]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
    "Vade Retro Outlook Express"="c:\progra~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272]
    "DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
    "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
    "MM_MODULE"="c:\program files\MIC\HAWAII\Hawaii.exe" [2005-11-16 121856]
    "OmniPass"="c:\apps\Softex\OmniPass\scureapp.exe" [2005-08-12 1859584]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-19 286720]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
    "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-10-11 31232]
    "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-08-30 520024]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-18 16207872]
    "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
    "NECHotkey"="mHotkey.exe" - c:\windows\mHotkey.exe [2006-01-11 548864]
    "atwtusb"="atwtusb.exe" - c:\windows\system32\ATWTUSB.EXE [2005-09-21 290816]
    "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
    "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

    d:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
    PHOTOfunSTUDIO -viewer-.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [2009-6-28 40960]
    Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2008-4-5 151552]
    Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2008-4-5 106496]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
    2005-08-12 15:01 49152 ----a-w- c:\apps\Softex\OmniPass\OPXPGina.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\D:^Documents and Settings^n^Menu Démarrer^Programmes^Démarrage^OFFICE One 6.5.lnk]
    path=d:\documents and settings\n\Menu Démarrer\Programmes\Démarrage\OFFICE One 6.5.lnk
    backup=c:\windows\pss\OFFICE One 6.5.lnkStartup

    [HKLM\~\startupfolder\D:^Documents and Settings^n^Menu Démarrer^Programmes^Démarrage^Yahoo! Widget Engine.lnk]
    path=d:\documents and settings\n\Menu Démarrer\Programmes\Démarrage\Yahoo! Widget Engine.lnk
    backup=c:\windows\pss\Yahoo! Widget Engine.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "d:\\JEUX 2\\empire of sport\\Empire of Sports\\NetworkDiagnostic.exe"=
    "d:\\JEUX 2\\empire of sport\\Empire of Sports\\EmpireOfSports.exe"=
    "d:\\Documents and Settings\\n\\Local Settings\\Application Data\\F4\\ClientUpdater\\ClientUpdater.exe"=
    "c:\\Program Files\\uTorrent\\utorrent.exe"=
    "d:\\JEUX 2\\arma\\ArmADemo\\ArmADemo.exe"=
    "d:\\JEUX 2\\Left 4 Dead\\Left 4 Dead\\left4dead.exe"=
    "d:\\JEUX 2\\BF 1942\\BF1942.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "c:\\WINDOWS\\system32\\PnkBstrB.exe"=

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [30/08/2009 20:20 64160]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [05/04/2008 22:01 114768]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [05/04/2008 22:01 20560]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34 1029456]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [12/01/2009 23:04 210216]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 19:19 13592]
    R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [09/10/2006 08:11 882688]
    R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [09/10/2006 08:13 7040]
    S1 aiptektp;HyperPen;c:\windows\system32\drivers\aiptektp.sys [26/12/2007 18:25 22272]
    S3 CrystalSysInfo;CrystalSysInfo;\??\c:\program files\MediaCoder\SysInfo.sys --> c:\program files\MediaCoder\SysInfo.sys [?]
    S3 MosIrUsb;MosIrUsb.sys;c:\windows\system32\drivers\MosIrUsb.sys [14/04/2004 14:52 20736]
    S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [10/02/2007 05:29 29178224]
    S3 USBModem000;LGE Mobile USB Modem TC;c:\windows\system32\drivers\usbser.sys [02/11/2008 14:57 25600]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-08-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 18:20]

    2009-07-09 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]

    2009-09-01 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://google.mini15.com
    uInternet Settings,ProxyOverride = *.local
    Trusted Zone: localhost
    DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
    FF - ProfilePath - d:\documents and settings\n\Application Data\Mozilla\Firefox\Profiles\bewerzgr.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Deezer
    FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npitunes.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npnul32.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\nppdf32.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\nppl3260.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin2.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin3.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin4.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin5.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin6.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin7.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\nprpjplug.dll
    FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npitunes.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF - plugin: d:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
    FF - plugin: d:\documents and settings\n\Application Data\Mozilla\Firefox\Profiles\bewerzgr.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-01 11:43
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-2406763803-1347832285-3105926710-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:9c,26,e4,b7,e2,0e,c6,88,9b,d7,37,60,f4,15,b8,72,c6,d9,60,51,bf,fd,87,
    ca,7f,74,d1,5f,2c,6e,f5,f0,24,3e,53,80,9e,67,9a,c4,d8,dd,bb,2c,15,98,07,ab,\
    "??"=hex:69,3e,43,58,9f,64,ba,75,fe,6b,77,07,2a,78,dd,74

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(844)
    c:\apps\Softex\OmniPass\opxpgina.dll

    - - - - - - - > 'explorer.exe'(2656)
    c:\program files\RocketDock\RocketDock.dll
    c:\progra~1\GOTOSO~1\VADERE~1\VrOe_hook.dll
    c:\program files\McAfee\SiteAdvisor\saHook.dll
    c:\apps\Softex\OmniPass\SCUREDLL.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\ehome\ehrecvr.exe
    c:\windows\ehome\ehSched.exe
    c:\windows\system32\nvsvc32.exe
    c:\apps\Softex\OmniPass\OmniServ.exe
    c:\windows\system32\PnkBstrA.exe
    c:\windows\system32\PnkBstrB.exe
    c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    c:\progra~1\COMMON~1\X10\Common\X10nets.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\apps\Softex\OmniPass\OPXPApp.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\windows\system32\dllhost.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Fingerprint Sensor\ATSwpNav.exe
    c:\windows\system32\rundll32.exe
    c:\program files\HP\Digital Imaging\bin\hpqste08.exe
    c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
    c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
    c:\program files\Java\jre1.6.0_05\bin\jucheck.exe
    .
    **************************************************************************
    .
    Completion time: 2009-09-01 11:51 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-09-01 09:51
    ComboFix2.txt 2009-08-31 11:25

    Pre-Run: 2 275 856 384 octets libres
    Post-Run: 2 175 492 096 octets libres

    2811 --- E O F --- 2009-09-01 08:54
    1 Septembre 2009 12:02:48

    d'après toi :
    mon infection est bel et bien réglée ?
    il y a d'autre truc dont je pourrais me passer lors du démarrage de windows (qui est très long !) ?
    Vois-tu pourquoi ce démarrage windows est si long ?
    Tu changerais Avast contre Antivir ?

    Merci d'avance pour les réponses ! Dit moi quand je pourrais mettre "résolu"

    Pour le moment tout roule mais j'attends quand même tes indications pour être sûr !
    a c 295 8 Sécurité
    1 Septembre 2009 13:48:16

  • Menu Démarrer > Exécuter > Tape combofix /u et valide.

    Citation :
    mon infection est bel et bien réglée ?

    --> Il semblerait.

    Citation :
    il y a d'autre truc dont je pourrais me passer lors du démarrage de windows (qui est très long !) ?
    Vois-tu pourquoi ce démarrage windows est si long ?

    --> Depuis quand ?

    Citation :
    Tu changerais Avast contre Antivir ?

    --> C'est déjà fait.
    1 Septembre 2009 14:01:02

    Cool je te remercie !

    Sinon mon ordi est lent au démarrage depuis son acquisition ! (c'est un packard bell , 3 ans d'age , Core 2 duo 2ghz , 2 giga de ram , XP SP 2 , environ 500 go de disque dur utilisé une carte graphique Nvidia 8800 GTX (même si je pense que ça change rien ^^)

    tu vois des programmes au démarrage inutile ? Des astuces pour qu'il soit plus rapide ?


    sinon quand je te demandais si tu changerais Avast contre Antivir je voulais avoir ton avis ... quels sont les avantages de Antivir et surtout est-il toujours en Anglais ? (J'ai pas trop de mal avec l'Anglais mais bon dans la précipitation en cas de virus ...) comment passer de Avast à Antivir etc etc ...

    sinon tu penses que je peux mettre résolu ?
    J'ai repassé un coup de Mbam un coup d'avast et rien d'anormal ... je peux remettre Spybot et TeaTimer (que j'avais enlevé pour Combofix) ?
    a c 295 8 Sécurité
    1 Septembre 2009 14:12:08

    Poste un nouveau rapport HijackThis.

    AntiVir est en français. Il reconnaît les nouvelles infections plus rapidement qu'Avast. Le seul truc que je trouve embêtant, c'est le popup AntiVir à chaque mise à jour mais c'est désactivable.
    1 Septembre 2009 14:17:37

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:16:49, on 01/09/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Apps\Softex\OmniPass\Omniserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Apps\Softex\OmniPass\OPXPApp.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\mHotkey.exe
    C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
    C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
    C:\Program Files\MIC\HAWAII\Hawaii.exe
    C:\Apps\Softex\OmniPass\scureapp.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    D:\Documents and Settings\n\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini15.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [MM_MODULE] C:\Program Files\MIC\HAWAII\Hawaii.exe
    O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
    O4 - Global Startup: Picture Package Menu.lnk = ?
    O4 - Global Startup: Picture Package VCD Maker.lnk = ?
    O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll (file missing)
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll (file missing)
    O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgsta...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 12712 bytes
    a c 295 8 Sécurité
    1 Septembre 2009 14:25:16

    Avec CCleaner, tu as la possibilité de désactiver des programmes qui se lancent au démarrage.

    Je m'absente.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS