Se connecter / S'enregistrer
Votre question

FORT ralentissement ordi portable RESOLU

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
10 Décembre 2007 00:08:32

BONJOUR , CHERCHE AIDE D UN PRO (comme chercheur qui ma bien aide pour mon pc)

j'ai un fort ralentissement sur mon ordi portable de plus activ synchro se met toujours en route au demarrage...

j ai installe antivir et j ai fait un scan en mode sans echec puis j ai fait un HiJackThis...

JE MET CI-DESSOUS LE RAPPORT ANTIVIR ET HiJackThis...

MERCI A TOUS DE VOTRE AIDE !!!



AntiVir PersonalEdition Classic
Report file date: dimanche 9 décembre 2007 21:08

Scanning for 963523 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: THIERRY
Computer name: TANGUYLUCY

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 19:44:50
ANTIVIR3.VDF : 7.0.1.60 112128 Bytes 07/12/2007 19:44:50
AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 09/12/2007 19:44:50
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: dimanche 9 décembre 2007 21:08

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '24' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\onoes.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4bbf.qua'!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\INFECTED\47cb4bbf.qua
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4b9b.qua'!
C:\Documents and Settings\THIERRY\Complete\(Anime) Pocket Monsters Diamond & Pearl episode 022 'Pachirisu VS Eipam! Contest Battle!!(640x48.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ca4e26.qua'!
C:\Documents and Settings\THIERRY\Complete\- Select one -.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47af4e0b.qua'!
C:\Documents and Settings\THIERRY\Complete\10 Unwealthy Habits Ebook From ChangeThis.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4e23.qua'!
C:\Documents and Settings\THIERRY\Complete\2006 dvdrip.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478c4e26.qua'!
C:\Documents and Settings\THIERRY\Complete\2007 dvdrip.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478c4e29.qua'!
C:\Documents and Settings\THIERRY\Complete\2007 WRC Rally Mexico Day 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478c4e2b.qua'!
C:\Documents and Settings\THIERRY\Complete\24 s06.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4e32.qua'!
C:\Documents and Settings\THIERRY\Complete\30 x 3gp Funclips - Collection 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4e30.qua'!
C:\Documents and Settings\THIERRY\Complete\300 Theatrical Trailer 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478c4e33.qua'!
C:\Documents and Settings\THIERRY\Complete\300 Trailer 1 in HD 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478c4e3a.qua'!
C:\Documents and Settings\THIERRY\Complete\900 Disney Kids Pictures For Colouring spa1k.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478c4e40.qua'!
C:\Documents and Settings\THIERRY\Complete\a4e Labyrinth Of Flames 01-02[www btmon com].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14e4a.qua'!
C:\Documents and Settings\THIERRY\Complete\About CNET Networks.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4e7c.qua'!
C:\Documents and Settings\THIERRY\Complete\Advanced search.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d24e81.qua'!
C:\Documents and Settings\THIERRY\Complete\All RSS feeds.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84e8d.qua'!
C:\Documents and Settings\THIERRY\Complete\All Software.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84e91.qua'!
C:\Documents and Settings\THIERRY\Complete\Amazing Vista Wallpapers.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bd4e94.qua'!
C:\Documents and Settings\THIERRY\Complete\Annihilator - Metal 2007[Heavytorrents org] By ClaydenMV.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ca4e98.qua'!
C:\Documents and Settings\THIERRY\Complete\Apress Beginning C From Novice to Professional 4th Edition Oct 2006 eBook-BBL.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ce4e9d.qua'!
C:\Documents and Settings\THIERRY\Complete\Armin van Buuren - A State of Trance 291 [08-03-2007][TMB].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c94ea4.qua'!
C:\Documents and Settings\THIERRY\Complete\battlestar galactica.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d04e96.qua'!
C:\Documents and Settings\THIERRY\Complete\Beyonce feat Shakira - Beautiful Liar HDTV Xvid {TRG}.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d54e9c.qua'!
C:\Documents and Settings\THIERRY\Complete\blood diamond.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4ea5.qua'!
C:\Documents and Settings\THIERRY\Complete\Brothers and Sisters S01E16 The Other Walker PROPER HDTV XviD-FQM [eztv].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4eae.qua'!
C:\Documents and Settings\THIERRY\Complete\Browse categories.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4eb0.qua'!
C:\Documents and Settings\THIERRY\Complete\Buddhism living and health, The Diamond Sutras, Ven Hyeon Gak4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c04eb5.qua'!
C:\Documents and Settings\THIERRY\Complete\CD-DVD Media Quality Guide--How to buy, test, burn, and maintain CDs and DVDs.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47894e87.qua'!
C:\Documents and Settings\THIERRY\Complete\Close to Home 2x17 (HDTV-NOTV) [VTV].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4eb1.qua'!
C:\Documents and Settings\THIERRY\Complete\Close to Home 2x17 (HDTV-PROPER-ANNABELLE) [VTV].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4eb3.qua'!
C:\Documents and Settings\THIERRY\Complete\CNET TV.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47a14e98.qua'!
C:\Documents and Settings\THIERRY\Complete\Compare Prices.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c94ebc.qua'!
C:\Documents and Settings\THIERRY\Complete\Copyright policy.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cc4ebe.qua'!
C:\Documents and Settings\THIERRY\Complete\CyberLink PowerDVD DELUXE v7 3 new version.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47be4eca.qua'!
C:\Documents and Settings\THIERRY\Complete\dcp 3-8-07.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cc4eb6.qua'!
C:\Documents and Settings\THIERRY\Complete\Dean Koontz - The Voice of the Night.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bd4eba.qua'!
C:\Documents and Settings\THIERRY\Complete\deja vu.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c64ebd.qua'!
C:\Documents and Settings\THIERRY\Complete\desperate housewives.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4ebf.qua'!
C:\Documents and Settings\THIERRY\Complete\DSL Speed v3 8 Full Retail.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47a84eaf.qua'!
C:\Documents and Settings\THIERRY\Complete\DVD and CD Cover Print v3 4 2 WinAll Cracked-BRD[www.NeMeSYZ.com].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47a04ebe.qua'!
C:\Documents and Settings\THIERRY\Complete\dvd rip.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c04ee1.qua'!
C:\Documents and Settings\THIERRY\Complete\dvdrip french.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c04ee3.qua'!
C:\Documents and Settings\THIERRY\Complete\Epic Movie Spanish TS [WwW.MuchoMocho.CoM].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c54ee1.qua'!
C:\Documents and Settings\THIERRY\Complete\Epic Movie [TS-Screener][Spanish][2007][www newpct com].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c54ee3.qua'!
C:\Documents and Settings\THIERRY\Complete\Extra server power....zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d04eef.qua'!
C:\Documents and Settings\THIERRY\Complete\family guy.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c94eda.qua'!
C:\Documents and Settings\THIERRY\Complete\Fantastic Four 2k6 110 Impossible [C-W] avi.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ca4edd.qua'!
C:\Documents and Settings\THIERRY\Complete\Free MP3s.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14ef0.qua'!
C:\Documents and Settings\THIERRY\Complete\ghost rider.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4ee8.qua'!
C:\Documents and Settings\THIERRY\Complete\gilmore girls.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84eeb.qua'!
C:\Documents and Settings\THIERRY\Complete\girls gone wild.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ce4eee.qua'!
C:\Documents and Settings\THIERRY\Complete\Gold Jewellery ZIP.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84ef6.qua'!
C:\Documents and Settings\THIERRY\Complete\Grand Theft Auto Vice City Stories USA PS2DVD-Start2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bd4efb.qua'!
C:\Documents and Settings\THIERRY\Complete\GraphicsExamples rar.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bd4efe.qua'!
C:\Documents and Settings\THIERRY\Complete\Grease Youre the One That I Want S01E08 DSR XviD-2SD [eztv].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14f00.qua'!
C:\Documents and Settings\THIERRY\Complete\greys anatomy.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14f02.qua'!
C:\Documents and Settings\THIERRY\Complete\Groove Armada - Superstylin' (Skool Of Thought Breaks Remix) [Unofficial Release] [Breaks].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4f05.qua'!
C:\Documents and Settings\THIERRY\Complete\hannibal rising.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ca4ef7.qua'!
C:\Documents and Settings\THIERRY\Complete\Harry potter.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ce4ef9.qua'!
C:\Documents and Settings\THIERRY\Complete\Help Center.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84eff.qua'!
C:\Documents and Settings\THIERRY\Complete\hot fuzz.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d04f0b.qua'!
C:\Documents and Settings\THIERRY\Complete\How to Boost Your Torrent Download Speeds ( Video Tutorial ).zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d34f0d.qua'!
C:\Documents and Settings\THIERRY\Complete\Jay Eichi radioshow 5@5 S01E01.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d54f01.qua'!
C:\Documents and Settings\THIERRY\Complete\Joan Jett And The Blackhearts - I Love Rock N Roll - Rock 2004 192Kbps Remasters Bonus Tracks.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bd4f12.qua'!
C:\Documents and Settings\THIERRY\Complete\Joss Stone - Introducing Joss Stone - 2007.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f14.qua'!
C:\Documents and Settings\THIERRY\Complete\Joss Stone-Introducing Joss Stone-2007-SAW.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f1b.qua'!
C:\Documents and Settings\THIERRY\Complete\Korn - Unplugged (2007)[Colombo-bt.org].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ce4f1b.qua'!
C:\Documents and Settings\THIERRY\Complete\La Stampa sabato 10 marzo 2007[divxitalia.info.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4f0e.qua'!
C:\Documents and Settings\THIERRY\Complete\Las Vegas 4x17 (HDTV-LOL) [VTV].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f0e.qua'!
C:\Documents and Settings\THIERRY\Complete\Las Vegas S04E17 HDTV XviD-LOL [eztv].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f0f.qua'!
C:\Documents and Settings\THIERRY\Complete\Las.Vegas.S04E17.HDTV.XviD-LOL - (torrential.kicks-ass.org).zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46773018.qua'!
C:\Documents and Settings\THIERRY\Complete\Le Canard Enchainé 07-03-2007 [httpflash.tv.online.fr].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4f14.qua'!
C:\Documents and Settings\THIERRY\Complete\Limewire Pro v4 12 9.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c94f18.qua'!
C:\Documents and Settings\THIERRY\Complete\lost s03.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f1f.qua'!
C:\Documents and Settings\THIERRY\Complete\lost s03e11.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46773028.qua'!
C:\Documents and Settings\THIERRY\Complete\Macromedia Flash Pro 8 plus keygen rar.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4f12.qua'!
C:\Documents and Settings\THIERRY\Complete\Michael Jackson - Instrumental Version Collection (RARE) [Fuzzi][MadJunkies com].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4f1b.qua'!
C:\Documents and Settings\THIERRY\Complete\Micro Hebdo 464 Semaine du 8 au 14 Mars 2007 [httpflash.tv.online.fr].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46073014.qua'!
C:\Documents and Settings\THIERRY\Complete\Microsoft Windows XP Pro Corporate SP2(3) 80 applications-((Demonoid com)) 4592385 5954.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4f1c.qua'!
C:\Documents and Settings\THIERRY\Complete\Naruto 345 [NarutoBuzz] zip.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ce4f14.qua'!
C:\Documents and Settings\THIERRY\Complete\Nasa Hi Res prt 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f15.qua'!
C:\Documents and Settings\THIERRY\Complete\Nerfd Free Tools CD v0 3-www saveload org.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ce4f19.qua'!
C:\Documents and Settings\THIERRY\Complete\Norah Jones Feels Like Home [LOSSLESS FLAC].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ce4f24.qua'!
C:\Documents and Settings\THIERRY\Complete\NORTON ANTIVIRUS 2007 OEM INCL SERIAL-RETAIL 07 WORKING 100% tar.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ae4f04.qua'!
C:\Documents and Settings\THIERRY\Complete\Numb3rs 3x18 (HDTV-LOL) [VTV].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c94f2b.qua'!
C:\Documents and Settings\THIERRY\Complete\Numb3rs S03E18 HDTV XviD-LOL [eztv].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46713024.qua'!
C:\Documents and Settings\THIERRY\Complete\office 2007.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c24f1d.qua'!
C:\Documents and Settings\THIERRY\Complete\one tree hill.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14f25.qua'!
C:\Documents and Settings\THIERRY\Complete\Opie and Anthony 2007-03-09-O&A CF64k mp3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c54f28.qua'!
C:\Documents and Settings\THIERRY\Complete\Patience of Transformation - 20070309 by 13 akbal.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d04f19.qua'!
C:\Documents and Settings\THIERRY\Complete\pc games.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4f1c.qua'!
C:\Documents and Settings\THIERRY\Complete\PC Today May 2007.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4efd.qua'!
C:\Documents and Settings\THIERRY\Complete\prison break s02e19.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c54f2c.qua'!
C:\Documents and Settings\THIERRY\Complete\prison break.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c54f2d.qua'!
C:\Documents and Settings\THIERRY\Complete\Privacy policy.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '467d3026.qua'!
C:\Documents and Settings\THIERRY\Complete\Process Scanner (Eliminate Bad Processes From Task Manager).zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4f2e.qua'!
C:\Documents and Settings\THIERRY\Complete\PS2 Super Nintendo PAL-NTSC DVD Full emulator+rooms(3000 games).zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478e4f0f.qua'!
C:\Documents and Settings\THIERRY\Complete\Real Time with Bill Maher 07.03.09 (PDTV-NOTV) [VTV].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bd4f22.qua'!
C:\Documents and Settings\THIERRY\Complete\Registry Repair Wizard 2007 4 52 + crack.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c34f22.qua'!
C:\Documents and Settings\THIERRY\Complete\Ricky Gervais, Steve Merchant, Karl Pilkington XFM Shows (48 in total).zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4f27.qua'!
C:\Documents and Settings\THIERRY\Complete\Rise of Nations Series DVD (Rise of Nations + Thrones and Patriots + Rise of Legends) + Updates.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f27.qua'!
C:\Documents and Settings\THIERRY\Complete\Rocky Balboa[2006]DvDrip[Eng]-aXXo.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4f2e.qua'!
C:\Documents and Settings\THIERRY\Complete\Rom 0888 [NDS]Yokoyama mitsuteru san goku shi volume 2[JAP]-[ESPALNDS com] rar.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c94f2f.qua'!
C:\Documents and Settings\THIERRY\Complete\Rom 0889 [NDS]Doraemon Nobita no shin makai daibouken[JAP]-[ESPALNDS com] rar.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46713038.qua'!
C:\Documents and Settings\THIERRY\Complete\Rom 0890 [NDS]Otona ryoku kentei[JAP]-[ESPALNDS com] rar.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c94f30.qua'!
C:\Documents and Settings\THIERRY\Complete\Rom 0891 [NDS]Dragon zakura DS[JAP]-[ESPALNDS com] rar.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46713039.qua'!
C:\Documents and Settings\THIERRY\Complete\Search cloud.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bd4f27.qua'!
C:\Documents and Settings\THIERRY\Complete\Search options.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46053020.qua'!
C:\Documents and Settings\THIERRY\Complete\Show all of today.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4f2b.qua'!
C:\Documents and Settings\THIERRY\Complete\Silverfall ViTALiTY.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f2d.qua'!
C:\Documents and Settings\THIERRY\Complete\Site map.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d04f2d.qua'!
C:\Documents and Settings\THIERRY\Complete\Smokin Aces 2007 DVDSCR XviD NoSCR.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cb4f32.qua'!
C:\Documents and Settings\THIERRY\Complete\Spyware Removal.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d54f35.qua'!
C:\Documents and Settings\THIERRY\Complete\Sublime (Unrated) Dvd Disc Covers { www IPTorrents com }.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47be4f3b.qua'!
C:\Documents and Settings\THIERRY\Complete\Submit Software.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46063034.qua'!
C:\Documents and Settings\THIERRY\Complete\Taxi 4 FRENCH TS XviD- avi.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47d44f28.qua'!
C:\Documents and Settings\THIERRY\Complete\taxi 4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '466c3021.qua'!
C:\Documents and Settings\THIERRY\Complete\Terms of use.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ce4f2d.qua'!
C:\Documents and Settings\THIERRY\Complete\test drive unlimited.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f2d.qua'!
C:\Documents and Settings\THIERRY\Complete\The Batman - 049 - Two of a Kind {C P} [Hi-Def 768x576 XviD Dolby 5 1 384kbps AC3] avi.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14f31.qua'!
C:\Documents and Settings\THIERRY\Complete\The Batman - 050 - Rumors {C P} [Hi-Def 768x576 XviD Dolby 5 1 384kbps AC3] avi.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14f32.qua'!
C:\Documents and Settings\THIERRY\Complete\The Bittorrent Bible A Concise Guide.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4679303b.qua'!
C:\Documents and Settings\THIERRY\Complete\the l word.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14f33.qua'!
C:\Documents and Settings\THIERRY\Complete\the number 23.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4679303c.qua'!
C:\Documents and Settings\THIERRY\Complete\The Oxford English Dictionary CD-ROM version 3.0 [Single ISO].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14f34.qua'!
C:\Documents and Settings\THIERRY\Complete\The Sims 2 Series DVD (University+Nightlife+Open for Business+Pets+Seasons+Holiday Party+Family Fun).zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4679303d.qua'!
C:\Documents and Settings\THIERRY\Complete\The Sims Complete Collection PC DVD Livin' Large+House Party+Hot Date+Vacation+Unleashed+Superstar.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c14f35.qua'!
C:\Documents and Settings\THIERRY\Complete\Tips & Tricks.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cc4f36.qua'!
C:\Documents and Settings\THIERRY\Complete\TobyMac - Portable Sounds [2007].zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47be4f3d.qua'!
C:\Documents and Settings\THIERRY\Complete\Today on CNET.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c04f3d.qua'!
C:\Documents and Settings\THIERRY\Complete\top gear.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cc4f3e.qua'!
C:\Documents and Settings\THIERRY\Complete\TV shows.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4f25.qua'!
C:\Documents and Settings\THIERRY\Complete\UKM Maszyna do zabijania The Ultimate Killing Machine 2006 [DVDRip] { www IPTorrents com }.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47a94f1b.qua'!
C:\Documents and Settings\THIERRY\Complete\Upload a torrent.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f40.qua'!
C:\Documents and Settings\THIERRY\Complete\VA - We All Love Ennio Morricone.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4f12.qua'!
C:\Documents and Settings\THIERRY\Complete\Vista All x86 OneClick Activator-CLoNY.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f3a.qua'!
C:\Documents and Settings\THIERRY\Complete\Vista All x86 tsg ActivationCrack (Final) zip.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f3b.qua'!
C:\Documents and Settings\THIERRY\Complete\Vista Skin Themes Icons Wallpapers Bootskins All.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cf4f3c.qua'!
C:\Documents and Settings\THIERRY\Complete\W-Ease 1.0.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47a14f00.qua'!
C:\Documents and Settings\THIERRY\Complete\W.bloggar 3.03.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47be4f02.qua'!
C:\Documents and Settings\THIERRY\Complete\W2 Mate 2006 3.0.127.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4f06.qua'!
C:\Documents and Settings\THIERRY\Complete\W2 Pro Professional Edition 2005.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4f07.qua'!
C:\Documents and Settings\THIERRY\Complete\W2B_Restaurant 1.06.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '479e4f08.qua'!
C:\Documents and Settings\THIERRY\Complete\W2XML 2.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47b44f08.qua'!
C:\Documents and Settings\THIERRY\Complete\W32.Blaster.Worm Removal Tool .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478e4f0a.qua'!
C:\Documents and Settings\THIERRY\Complete\W32.Nimda.A@mm (Nimda) Removal Tool .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46363003.qua'!
C:\Documents and Settings\THIERRY\Complete\W32.Sasser Removal Tool 1.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478e4f0b.qua'!
C:\Documents and Settings\THIERRY\Complete\W32.Sobig.F@mm Removal Tool .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '478e4f0c.qua'!
C:\Documents and Settings\THIERRY\Complete\w3IDE NexGen Edition 2.0.0c.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47a54f0c.qua'!
C:\Documents and Settings\THIERRY\Complete\W3Notify 1.01.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47aa4f0d.qua'!
C:\Documents and Settings\THIERRY\Complete\W4ShwIP 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47af4f0e.qua'!
C:\Documents and Settings\THIERRY\Complete\W5A!erts Caller ID 3.38.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '479d4f10.qua'!
C:\Documents and Settings\THIERRY\Complete\W8Soft Ad-Spy Remover 1.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47af4f13.qua'!
C:\Documents and Settings\THIERRY\Complete\WA Browser 2.3.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '477c4f1d.qua'!
C:\Documents and Settings\THIERRY\Complete\WABAccess 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '479e4f1d.qua'!
C:\Documents and Settings\THIERRY\Complete\WAC Server Manager 1.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '479f4f1e.qua'!
C:\Documents and Settings\THIERRY\Complete\WackGet 1.2.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4f3e.qua'!
C:\Documents and Settings\THIERRY\Complete\Wacko Facto 3D Screensaver 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4f3f.qua'!
C:\Documents and Settings\THIERRY\Complete\Wacky Animals Screensaver 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46073048.qua'!
C:\Documents and Settings\THIERRY\Complete\Wacom Intuos Driver 4.50 (12201999).zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47bf4f40.qua'!
C:\Documents and Settings\THIERRY\Complete\Wacom Tablet Driver 4.70-6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46073049.qua'!
C:\Documents and Settings\THIERRY\Complete\Wadja Mobile Editor 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c04f41.qua'!
C:\Documents and Settings\THIERRY\Complete\Waha Transformer Lite for DB 2.2.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c44f41.qua'!
C:\Documents and Settings\THIERRY\Complete\Wainmans Toolbar 4.5.88.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c54f42.qua'!
C:\Documents and Settings\THIERRY\Complete\Waiting Up DT 0.001.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c54f43.qua'!
C:\Documents and Settings\THIERRY\Complete\Waiting Up WP 001.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '467d304c.qua'!
C:\Documents and Settings\THIERRY\Complete\Wake On Lan 0.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c74f44.qua'!
C:\Documents and Settings\THIERRY\Complete\Wake On LAN 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '467f304d.qua'!
C:\Documents and Settings\THIERRY\Complete\Wake Up Clock 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c74f45.qua'!
C:\Documents and Settings\THIERRY\Complete\Wake Up News 2005 5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '467f304e.qua'!
C:\Documents and Settings\THIERRY\Complete\Wakeboarding Unleashed featuring Shaun Murray demo .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c74f46.qua'!
C:\Documents and Settings\THIERRY\Complete\WakeMeUp 1.8.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '467f304f.qua'!
C:\Documents and Settings\THIERRY\Complete\WakeUp 1.1 build 8.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c74f47.qua'!
C:\Documents and Settings\THIERRY\Complete\WakiCoolBar for Asp.net 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c74f48.qua'!
C:\Documents and Settings\THIERRY\Complete\Walk the Line Screensaver .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f48.qua'!
C:\Documents and Settings\THIERRY\Complete\Walk the Plank 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f49.qua'!
C:\Documents and Settings\THIERRY\Complete\Walking the Las Vegas Strip 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703042.qua'!
C:\Documents and Settings\THIERRY\Complete\WalkThru 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f4a.qua'!
C:\Documents and Settings\THIERRY\Complete\Wall 2.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703043.qua'!
C:\Documents and Settings\THIERRY\Complete\Wall Photo Maker 3.7.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f4b.qua'!
C:\Documents and Settings\THIERRY\Complete\Wall Street Financial Assistant 3.04.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f4c.qua'!
C:\Documents and Settings\THIERRY\Complete\Wall Street Financial Assistant 3.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703045.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallace & Gromit Trailer .zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f4d.qua'!
C:\Documents and Settings\THIERRY\Complete\WallCalendar Component for Delphi 3-7 2.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703046.qua'!
C:\Documents and Settings\THIERRY\Complete\WallChanger 3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f4e.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallet 1.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703047.qua'!
C:\Documents and Settings\THIERRY\Complete\WalletPhotoScreenSaver 1.0.23.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f4f.qua'!
C:\Documents and Settings\THIERRY\Complete\WallFly 1.29.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703058.qua'!
C:\Documents and Settings\THIERRY\Complete\WallGen 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f50.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallop 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703059.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Boot Master 2.2.6 DEMO.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f51.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Calendar 5.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f52.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Changer 1.2.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670305b.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Changer 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f53.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Changer 7.0.143.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670305c.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Clock 1.2.02.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f54.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Cycler 3.1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670305d.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Desktop Calendar Living Gallery 1.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f55.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Easy 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670305e.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Expert 3.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f56.qua'!
C:\Documents and Settings\THIERRY\Complete\WallPaper for AOL 1.3.3.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670305f.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Friend 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f57.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Hanger 1.0.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703050.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Magic 2.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f58.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Magic Screensaver Edition 2.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703051.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Manager 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f59.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Master Pro 1.41.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703052.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Mate 1.07.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f5a.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Montage 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f5b.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper of Ankur Gupta 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703054.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Photo Show 1.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f5c.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Positioner 1.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703055.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Recycler 3.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f5d.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Scout 1.41.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703056.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Sequencer Lite 4.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f5e.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Sequencer Standard 4.5 build 404.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703057.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Sequencer Ultra 4.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f5f.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Slideshow 1.24.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703068.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Swap 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f60.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper Switcher .NET 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46703069.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaper-Christian-c16 zip.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f61.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallpaperbox 1.4.6.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f62.qua'!
C:\Documents and Settings\THIERRY\Complete\WallPaperPlus 4.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670306b.qua'!
C:\Documents and Settings\THIERRY\Complete\WallpaperSpinner 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f63.qua'!
C:\Documents and Settings\THIERRY\Complete\WallpaperWarp 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670306c.qua'!
C:\Documents and Settings\THIERRY\Complete\Wallperizer 1.1.7.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f64.qua'!
C:\Documents and Settings\THIERRY\Complete\Walls And Balls 0.7.4.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670306d.qua'!
C:\Documents and Settings\THIERRY\Complete\Walls of Jericho 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c84f65.qua'!
C:\Documents and Settings\THIERRY\Complete\Waltograph Font 4.2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4670306e.qua'!
C:\Documents and Settings\THIERRY\Complete\Wammu 0.16.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47c94f66.qua'!
C:\Documents and Settings\THIERRY\Complete\Wample 1.03.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4671306f.qua'!
C:\Documents and Settings\THIERRY\Complete\Wan Monitor 2.5.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ca4f67.qua'!
C:\Documents and Settings\THIERRY\Complete\Wandering Spider Screensaver 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46723060.qua'!
C:\Documents and Settings\THIERRY\Complete\WannabeHangman 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ca4f68.qua'!
C:\Documents and Settings\THIERRY\Complete\WannabeYahtzee 1.0.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46723061.qua'!
C:\Documents and Settings\THIERRY\Complete\Wantasoft Cycles Calendar 1.0.25.32.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ca4f69.qua'!
C:\Documents and Settings\THIERRY\Complete\Wanted Guns 1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ca4f6a.qua'!
C:\Documents and Settings\THIERRY\Complete\Wanted Hero Issue 1 2.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46723063.qua'!
C:\Documents and Settings\THIERRY\Complete\WAP Proof 2.0.0515.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47ac4f4b.qua'!
C:\Documents and Settings\THIERRY\Complete\wAPI Monitor for Windows 3.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '46143044.qua'!
C:\Documents and Settings\THIERRY\Complete\Wapicode Contact Manager 1.0.1.zip
[0] Archive type: ZIP
--> Setup.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '47cc4f6c.qua'!
C:\Documents and Settings\TH

Autres pages sur : fort ralentissement ordi portable resolu

10 Décembre 2007 10:57:02

Salut,

Continue à télécharger n'importe quoi n'importe ou et des ralentissements, tu en auras tout le temps. Car la plupart de ces programmes contiennent des malwares. Suffit de regarder ton rapport Antivir.

Poste un rapport Hijackthis en suivant ce tuto :
http://www.infos-du-net.com/forum/271838-11-tuto-utilis...
10 Décembre 2007 22:25:35

OUAH TROP DELICATE TA REPONSE...JE VAIS ME PASSER DE TES SERVICE ET ATTENDRE QQ UN DE PLUS SYMPA MERCI
Contenus similaires
11 Décembre 2007 07:30:03

Bonjour boulds,

Ma réponse n'est pas trop déléicate mais c'est un fait. Je ne suis pas là pour te juger mais il ne faut pas se voiler la face. Si tu as envi de télécharger de cette manière, c'est ton problème. Maintenant je suis quand même prêt à te donner un coup de main pour désinfecter ton PC. Seulement, une chose est sûr : Si ensuite dans le futur, tu n'est pas plus prudent, tu risqueras de souvent venir nous voir :D 

Celà ne me dérange pas que tu souhaites te passer de mes services. Je donnerais de mon temps libre à d'autres.

@ +

13 Décembre 2007 09:45:07

ok un peu de douceur dans ce monde de brutte et tout va mieux...alors merci pour ton temps libre !
je te precise tout de meme en envoyant ce rapport que mon ordi ralentit surtout quand il est connecte a internet hors connexion il fonctionne tres bien....
VOICI LE RAPPORT:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:41:48, on 13/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\0736b9819d78ce6fd28d7a44be52cc29\update\update.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.aliceadsl.fr/default.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1

\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1

\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CPub Object - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - C:\Program Files\Omniquad Total

Security\PopupBlocker\PopupBlocker.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O9 - Extra button: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\Program Files\Omniquad Total

Security\PopupBlocker\PopupBlocker.dll (file missing)
O9 - Extra 'Tools' menuitem: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\Program Files\Omniquad

Total Security\PopupBlocker\PopupBlocker.dll (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4

\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -

C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program

Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program

Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.gericom.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -

http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -

http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1

\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir

PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir

PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google

Updater\GoogleUpdaterService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: ViGUARD Service (VigService) - Unknown owner - C:\Program Files\ViGUARD\SERVICE.EXE (file missing)

--
End of file - 6921 bytes


13 Décembre 2007 10:39:50

Salut,

1)Télécharge ComboFix (place-le dans un dossier où tu pourras le retrouver facilement !)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Exécute-le.
Choisis l'option n°1.
Le bureau peut disparaître pendant le scan : c'est normal.
Après, il reviendra. S'il ne revient pas, fais ceci :
Appuie simultanément sur CTRL + ALT + SUPPR.
Le Gestionnaire des tâches s'ouvrent. Clique sur Fichier puis sur Exécuter. Tape explorer et valide. Le bureau s'affichera à nouveau. À la fin, il va créer un rapport situé à la racine de ton disque dur. (C:\ComboFix.txt) Ouvre-le et colle-le ici.

2)Reposte un Log Hijackthis
13 Décembre 2007 23:02:06

ok,
combofix ne se deroule pas vraiment correctement je pense car il indique plein de message ou il dit qu'il ne trouve pas certain fichier...JE L AI LAISSE TOURNER QUAND MEME....
VOICI LE RAPPORT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:07, on 2007-12-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.aliceadsl.fr/default.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O9 - Extra button: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\Program Files\Omniquad Total Security\PopupBlocker\PopupBlocker.dll (file missing)
O9 - Extra 'Tools' menuitem: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\Program Files\Omniquad Total Security\PopupBlocker\PopupBlocker.dll (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.gericom.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: ViGUARD Service (VigService) - Unknown owner - C:\Program Files\ViGUARD\SERVICE.EXE (file missing)

--
End of file - 6281 bytes

13 Décembre 2007 23:19:17

OK J Y SUIS ARRIVE C ETAIT ANTIVIR QUI NE PERMETTAIT PAS COMBOFIX DE TOURNER CORRECTEMENT...ComboFix 07-12-12.3 - THIERRY 2007-12-13 23:06:44.2 - NTFSx86
Running from: C:\Documents and Settings\THIERRY\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\THIERRY\ravmonlog
C:\Program Files\outlook
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\tracert.com

.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-13 to 2007-12-13 ))))))))))))))))))))))))))))))))))))
.

2007-12-10 15:39 . 2007-12-10 15:39 <REP> d-------- C:\Program Files\PC Connectivity Solution
2007-12-09 20:29 . 2007-12-09 20:29 <REP> d-------- C:\Program Files\Avira
2007-12-09 20:29 . 2007-12-09 20:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-12-09 17:38 . 2007-12-09 17:38 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-12-09 17:20 . 2004-08-20 00:09 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-12-09 17:14 . 2007-10-11 00:49 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-09 17:14 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-12-09 17:14 . 2007-03-08 06:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-12-09 17:14 . 2007-10-11 00:49 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-09 17:14 . 2007-10-11 00:49 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-09 17:14 . 2007-10-11 00:49 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-09 17:14 . 2007-10-11 00:49 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-09 17:14 . 2007-10-11 00:49 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-09 17:14 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-09 17:13 . 2007-12-09 17:16 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-12-09 16:50 . 2007-12-09 16:50 118 --a------ C:\WINDOWS\system32\MRT.INI
2007-12-09 16:30 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-12-09 16:19 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2007-12-09 16:19 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2007-12-09 16:19 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2007-12-09 16:19 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-13 08:40 --------- d-----w C:\Program Files\Trend Micro
2007-12-10 18:28 --------- d-----w C:\Program Files\Nokia
2007-12-10 14:42 --------- d-----w C:\Documents and Settings\THIERRY\Application Data\Nokia
2007-12-10 14:39 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2007-12-09 16:19 --------- d-----w C:\Program Files\Google
2007-12-09 16:04 --------- d-----w C:\Documents and Settings\THIERRY\Application Data\Skype
2007-11-16 17:48 --------- d-----w C:\Program Files\Microsoft ActiveSync
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-20 05:01 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-09-14 20:14 11,690 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
2004-08-09 21:30 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2005-06-05 13:16 56 -csh--r C:\WINDOWS\system32\490CF5FFC3.sys
2004-12-12 18:16 56 -csh--r C:\WINDOWS\system32\CFA226E621.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00D6A7E7-4A97-456f-848A-3B75BF7554D7}]
C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 14:07]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-09 20:44]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09]

C:\Documents and Settings\THIERRY\Menu D‚marrer\Programmes\D‚marrage\
WKCALREM.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2002-06-26 18:57:40]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^FlowProtector 2005.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\FlowProtector 2005.lnk
backup=C:\WINDOWS\pss\FlowProtector 2005.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\GStartup.lnk
backup=C:\WINDOWS\pss\GStartup.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdslTaskBar]
rundll32.exe stmctrl.dll,TaskBar

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AltnetPointsManager]
c:\program files\altnet\points manager\points manager.exe -s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-20 00:09 15360 --a--c--- C:\WINDOWS\System32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantTray]
2004-09-02 09:37 770048 --a------ C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Download Accelerator]
C:\Program Files\IDA\ida.exe -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IW_Drop_Icon]
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
Logi_MwX.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\outlook]
C:\Program Files\outlook\outlook.exe /auto

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2P Networking]
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 15:06 406016 --a------ C:\WINDOWS\system32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-06-28 20:29 32768 --a------ C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchUpgrader]
C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2005-04-13 03:48 36975 --a------ C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2003-04-24 09:44 610304 --a--c--- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
2003-04-24 09:51 110592 --a--c--- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tbon]
C:\Program Files\TBONBin\tbon.exe /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WatchDog]
C:\Program Files\mobile PhoneTools\WatchDog.exe

R0 VOBID;VOBID;C:\WINDOWS\system32\DRIVERS\vobid.sys
R1 vobcom;vobcom;C:\WINDOWS\system32\drivers\vobcom.sys
R1 vobiw;vobiw;C:\WINDOWS\system32\drivers\vobiw.sys
R2 R54G Wireless Service;R54G Wireless Service;C:\Program Files\Wireless 802.11g Monitor\WLService.exe
R3 cdrdrv;Cdrdrv;C:\WINDOWS\system32\Drivers\Cdrdrv.sys
R3 rt2571;Wireless 802.11g USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\rt2571.sys
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys
S2 VigService;ViGUARD Service;C:\Program Files\ViGUARD\SERVICE.EXE
S3 bDMusicb;bDMusicb;\??\C:\DOCUME~1\THIERRY\LOCALS~1\Temp\bDMusicb.sys
S3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys

.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-13 23:11:01
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\erdnt

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2007-12-13 23:12:18
.
2007-12-13 08:55:22 --- E O F ---




ET MAINTENANT VOICI L HijackThi COMME DEMANDE





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:16:43, on 13/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.aliceadsl.fr/default.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O9 - Extra button: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\Program Files\Omniquad Total Security\PopupBlocker\PopupBlocker.dll (file missing)
O9 - Extra 'Tools' menuitem: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\Program Files\Omniquad Total Security\PopupBlocker\PopupBlocker.dll (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.gericom.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: ViGUARD Service (VigService) - Unknown owner - C:\Program Files\ViGUARD\SERVICE.EXE (file missing)

--
End of file - 6318 bytes
I LE SUIVANT COMME DEMANDE




A LA FIN DE COMBOFIX IL ME DIT QU IL MANQUE ConnAPP.DLL

VOILA A TOI DE VOIR SI TU PEUX EN TIRER QQ CHOSE

14 Décembre 2007 15:26:25

Salut,

1)Lances hijackthis, do a scan only. coches sur la gauche ces lignes :

R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)

Cliques ensuite sur fixchecked et valides, Fermes hijackthis

2)Quel est ton pare-feu

3)Fais un scan en ligne avec Internet Explorer. A la fin du scan, postes le rapport
http://webscanner.kaspersky.fr ("Exécutez l'analyse en ligne"). Sélectionne "disque local C:\"
15 Décembre 2007 11:46:48

MON PARE-FEU C CELUI DE WINDOWS

le rapport kaspersky:


-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, December 15, 2007 11:46:35 AM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 15/12/2007
Enregistrements dans la base antivirus Kaspersky : 452109
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
C:\
D:\
E:\

Statistiques de l'analyse:
Total d'objets analysés: 57089
Nombre de virus trouvés: 0
Nombre d'objets infectés: 0 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 09:42:46

Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0db6462336e9482c8fca116804434b2d_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\319665ab715f7fed327957cc37ecd84b_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ed37e3a2247ee4800a7c9c4675fed61_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5773813374f3cdff2871220e22f99c94_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8958eed7fd21bc301f8055edfba3d1f8_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ca720e6dbb93967dccc9d8d207c7513_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a01c28e8056a756cf67e8f2addd21c0a_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9890739652082332f41a085dd688711_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dcf2dee837670f9151319e983e04ac77_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ebeac97fb744652080b7cacf7043c93a_2dd33e0d-43e5-4899-a1e3-e86c9dc8a475 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Application Data\$_hpcst$.hpc L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Local Settings\Historique\History.IE5\MSHist012007121420071215\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Local Settings\Temp\WCESLog.log L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\THIERRY\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{5E5370F3-7BC6-4EA8-9599-C9C7C5CB3BFF}\RP479\change.log L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB824141$\user32.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\accwiz.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\crypt32.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\hh.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\hhctrl.ocx L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\hhsetup.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\html32.cnv L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\itss.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\locator.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\magnify.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\migwiz.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\mrxsmb.sys L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\msconv97.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\narrator.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\newdev.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\ntdll.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\ntkrnlpa.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\ntoskrnl.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\ole32.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\osk.exe L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\pchshell.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\raspptp.sys L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\rpcrt4.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\shell32.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\shmedia.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\srrstr.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\srv.sys L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\sysmain.sdb L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\user32.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\win32k.sys L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\winsrv.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826939$\zipfldr.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826942$\ndis.sys L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826942$\netshell.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826942$\wzcsapi.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB826942$\wzcsvc.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\dao360.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\expsrv.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msexch40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msexcl40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msjet40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msjetol1.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msjetoledb40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msjint40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msjter40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msjtes40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msltus40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\mspbde40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msrd2x40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msrd3x40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msrepl40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\mstext40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\mswdat10.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\mswstr10.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\msxbde40.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallKB829558$\vbajet32.dll L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx L'objet est verrouillé ignoré
C:\WINDOWS\$NtUninstallQ828026$\wmpcore.dll L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

Analyse terminée.
15 Décembre 2007 11:55:15

Ok,

Reposte un log hijackthis.
15 Décembre 2007 12:42:50

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:43:35, on 15/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.aliceadsl.fr/default.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\Program Files\Omniquad Total Security\PopupBlocker\PopupBlocker.dll (file missing)
O9 - Extra 'Tools' menuitem: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - C:\Program Files\Omniquad Total Security\PopupBlocker\PopupBlocker.dll (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.gericom.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: ViGUARD Service (VigService) - Unknown owner - C:\Program Files\ViGUARD\SERVICE.EXE (file missing)

--
End of file - 6169 bytes



MON ORDI PARAIT DEJA BEAUCOUP MOINS RALENTIE !!!!
17 Décembre 2007 10:21:08

:hello: 

Ok. Si ton problème est résolu, Ajoutes alors [Résolu] au titre. Pour cela :
* Cliques, dans votre premier message, sur le bouton "Editer"
* Rajoutes la mention à votre titre
* Cliques ensuite sur "Valider ton message"
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS