Everything posted by benjifast

  1. OK, thanks, here is the HijackThis log:
  2. Hi, OK, I'll do that. Just one thing: the update Microsoft SQL Server 2005 Express Edition Service Pack 3 (KB955706) won't install and keeps coming back. Nothing serious, I think? For HijackThis, is there a special procedure, program configuration, etc.? Thanks
  3. YES YES YES, Windows updates in progress!!!! A VERY BIG THANK YOU!!!! Are there any other checks or measures to take?? You're too good, thanks again.
  4. Yes, reboot OK. Shall I try the updates?
  5. OK, here is the TDSSKiller report:
     22:28:17:281 5876 Cure on reboot scheduled successfully
     22:28:17:281 5876
     22:28:17:281 5876 Completed
     22:28:17:281 5876
     22:28:17:281 5876 Results:
     22:28:17:281 5876 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
     22:28:17:281 5876 File objects infected / cured / cured on reboot: 1 / 0 / 1
     22:28:17:281 5876
     22:28:17:281 5876 KLMD(ARK) unloaded successfully
  6. Yes... I use Microsoft Update, and it looks like it can't run the ActiveX add-on. No matter how many times I run it, it gets blocked and keeps coming back.
  7. Dial-a-fix worked. It asks me "preserve windows update history before deleting?" yes or no, for flush software? Which one should I choose?
  8. Re: OK, for now there are no more unwanted ad pop-ups... Windows Update is still failing. When I go through the Microsoft download site, it keeps asking for the ActiveX control over and over without being able to search for updates. Should I try Dial-a-fix? Thanks
  9. Re: Here is the ESET log:
     C:\UsbFix_Upload_Me_ACER-9BBEC83C10.zip multiple threats
     C:\System Volume Information\_restore{252295B3-C40E-48B4-9091-1C42FC8617DF}\RP165\A0017944.exe multiple threats
     C:\System Volume Information\_restore{252295B3-C40E-48B4-9091-1C42FC8617DF}\RP166\A0018238.exe a variant of Win32/Kryptik.EPD trojan
     C:\UsbFix\Quarantine\F\Autorun.inf.vir Win32/AutoRun.UG worm
     C:\UsbFix\Quarantine\F\start.exe.vir Win32/IRCBot.AFA trojan
     C:\UsbFix\Quarantine\G\autorun.VIR Win32/AutoRun.UG worm
     C:\UsbFix\Quarantine\G\start.exe.vir Win32/IRCBot.AFA trojan
     What do you think?
  10. Latest disinfection report:
     ############################## | UsbFix 7.003 |
     Utilisateur: utilisateur (Administrateur) # ACER-9BBEC83C10 [ ]
     Mis à jour le 01/06/10 par El Desaparecido & C_XX
     Lancé à 11:44:04 | 04/06/2010
     Site Web: http://pagesperso-orange.fr/NosTools/index.html
     Contact: FindyKill.Contact@gmail.com
     CPU: Celeron® Dual-Core CPU T3000 @ 1.80GHz
     CPU 2: Celeron® Dual-Core CPU T3000 @ 1.80GHz
     Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
     Internet Explorer 7.0.5730.13
     Pare-feu Windows: Désactivé /!\
     Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
     Firewall: ZoneAlarm Firewall 7.0.483.000 [Enabled]
     RAM -> 3001 Mo
     C:\ (%systemdrive%) -> Disque fixe # 112 Go (80 Go libre(s) - 72%) [ACER] # NTFS
     D:\ -> Disque fixe # 112 Go (111 Go libre(s) - 100%) [DATA] # NTFS
     E:\ -> CD-ROM
     F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [sTORE N GO] # FAT32
     G:\ -> Disque amovible # 252 Mo (223 Mo libre(s) - 89%) [sAUVEGARDE] # FAT
     ################## | Éléments infectieux |
     Supprimé! F:\Autorun.inf
     Supprimé! G:\Autorun.inf
     Supprimé! C:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
     Supprimé! D:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
     Supprimé! F:\start.exe
     Supprimé!
     G:\start.exe
     ################## | Registre |
     ################## | Mountpoints2 |
     ################## | Listing |
     ################## | Vaccin |
     C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
     D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
     F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
     G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
     ################## | Upload |
     Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_ACER-9BBEC83C10.zip
     http://chiquitine.changelog.fr/Sample/Upload.php
     Merci de votre contribution.
     ################## | E.O.F |
  11. Search report for my last 2 USB keys:
     ############################## | UsbFix 7.003 |
     Utilisateur: utilisateur (Administrateur) # ACER-9BBEC83C10 [ ]
     Mis à jour le 01/06/10 par El Desaparecido & C_XX
     Lancé à 11:41:50 | 04/06/2010
     Site Web: http://pagesperso-orange.fr/NosTools/index.html
     Contact: FindyKill.Contact@gmail.com
     CPU: Celeron® Dual-Core CPU T3000 @ 1.80GHz
     CPU 2: Celeron® Dual-Core CPU T3000 @ 1.80GHz
     Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
     Internet Explorer 7.0.5730.13
     Pare-feu Windows: Désactivé /!\
     Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
     Firewall: ZoneAlarm Firewall 7.0.483.000 [Enabled]
     RAM -> 3001 Mo
     C:\ (%systemdrive%) -> Disque fixe # 112 Go (80 Go libre(s) - 72%) [ACER] # NTFS
     D:\ -> Disque fixe # 112 Go (111 Go libre(s) - 100%) [DATA] # NTFS
     E:\ -> CD-ROM
     F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [sTORE N GO] # FAT32
     G:\ -> Disque amovible # 252 Mo (223 Mo libre(s) - 89%) [sAUVEGARDE] # FAT
     ################## | Éléments infectieux |
     Présent! F:\Autorun.inf
     Présent! G:\Autorun.inf
     Présent! C:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
     Présent! D:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
     Présent! F:\start.exe
     Présent! G:\start.exe
     ################## | Registre |
     ################## | Mountpoints2 |
     ################## | Vaccin |
     C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
     D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
     ################## | E.O.F |
  12. Disinfection report for my other USB keys:
     ############################## | UsbFix 7.003 |
     Utilisateur: utilisateur (Administrateur) # ACER-9BBEC83C10 [ ]
     Mis à jour le 01/06/10 par El Desaparecido & C_XX
     Lancé à 11:17:17 | 04/06/2010
     Site Web: http://pagesperso-orange.fr/NosTools/index.html
     Contact: FindyKill.Contact@gmail.com
     CPU: Celeron® Dual-Core CPU T3000 @ 1.80GHz
     CPU 2: Celeron® Dual-Core CPU T3000 @ 1.80GHz
     Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
     Internet Explorer 7.0.5730.13
     Pare-feu Windows: Désactivé /!\
     Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
     Firewall: ZoneAlarm Firewall 7.0.483.000 [Enabled]
     RAM -> 3001 Mo
     C:\ (%systemdrive%) -> Disque fixe # 112 Go (80 Go libre(s) - 72%) [ACER] # NTFS
     D:\ -> Disque fixe # 112 Go (111 Go libre(s) - 100%) [DATA] # NTFS
     E:\ -> CD-ROM
     F:\ -> Disque amovible # 7 Go (7 Go libre(s) - 99%) [sTORE N GO] # FAT32
     G:\ -> Disque amovible # 123 Mo (41 Mo libre(s) - 33%) [WOLVERINE] # FAT
     ################## | Éléments infectieux |
     Supprimé! F:\Autorun.inf
     Supprimé! C:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
     Supprimé! D:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
     Supprimé! G:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665
     Supprimé! F:\start.exe
     Supprimé! G:\autorun.VIR
     Supprimé!
     G:\start.exe
     ################## | Registre |
     ################## | Mountpoints2 |
     ################## | Listing |
| 172544] F:\STKSR2-H08.xls [16/09/2009 - 10:27:40 | A | 42496] F:\STKSR-C08.xls [04/08/2009 - 16:40:22 | A | 148992] F:\STKSR-H08.xls [06/04/2009 - 16:45:38 | A | 45056] F:\STKSR-SD.xls [13/01/2010 - 18:04:18 | A | 85504] F:\TELEPHONE2.xls [15/04/2009 - 13:34:00 | A | 41472] F:\TELEPHONE3.xls [29/12/2008 - 09:19:54 | A | 56320] F:\TELEPHONE.xls [08/02/2006 - 16:42:14 | A | 36352] F:\TU FACTURE + LISTE COLISAGE.xls [27/10/2005 - 17:54:02 | A | 46080] F:\TUNISIE.xls [24/11/2009 - 11:17:42 | A | 158208] F:\TUNISIE-SR-E10.xls [05/08/2009 - 09:13:02 | A | 31744] F:\TUNISIE-SR-H09.xls [17/12/2009 - 08:50:26 | A | 45568] F:\VOEUX.xls [05/05/2008 - 11:51:24 | A | 25088] F:\VTE-PERSO-2.xls [23/12/2008 - 13:42:32 | A | 24576] F:\VTE-PERSO-3.xls [15/10/2009 - 10:10:40 | A | 97792] F:\VTES-BOUTIQUE.xls [09/12/2009 - 13:21:56 | A | 26112] F:\VTES-PERSO-1.xls [08/01/2008 - 10:22:26 | A | 80896] F:\XARA-E08.xls [03/06/2008 - 15:02:36 | A | 44032] F:\XARA-H08-TARIF.xls [28/09/2009 - 16:07:18 | A | 31839] F:\Fw Fwd INFO à prendre au sérieux.htm [26/05/2009 - 15:25:00 | A | 139417] F:\attestation-plume.jpg [26/05/2009 - 07:58:00 | A | 166136] F:\Certificat.jpg [22/07/2009 - 17:09:00 | A | 198128] F:\COURRIER-MORY.LDI.jpg [29/10/2009 - 11:02:00 | A | 95974] F:\haasebold-clair.jpg [29/10/2009 - 11:02:00 | A | 95974] F:\haaselogoutilisateur.jpg [30/11/2005 - 12:10:36 | A | 3440640] F:\Outlook.pst [19/01/2010 - 14:45:32 | D ] F:\Envoi par PDFmail [19/01/2010 - 14:45:32 | D ] F:\FACTURES DGE [19/01/2010 - 14:45:52 | RD ] F:\Ma musique [19/01/2010 - 14:45:52 | RD ] F:\Mes images [19/01/2010 - 14:45:56 | D ] F:\Nouveau dossier [03/11/2009 - 11:09:58 | A | 7924] F:\AVOIR1247.pdf [03/11/2009 - 08:17:38 | A | 30884] F:\Copie de SR1-OF072.pdf [03/11/2009 - 08:18:40 | A | 30177] F:\Copie de SR1-OF073.pdf [03/11/2009 - 08:18:58 | A | 26355] F:\Copie de SR1-OF075.pdf [03/11/2009 - 08:19:18 | A | 23928] F:\Copie de SR1-OF076.pdf [03/11/2009 - 08:15:28 | A | 8530] F:\fact1199.pdf [04/11/2009 - 
10:47:44 | A | 8243] F:\FACT1253.pdf [16/02/2010 - 08:04:30 | D ] F:\dessin h10 [03/03/2010 - 17:28:06 | A | 2729912] F:\TeamViewer_Setup.exe [13/04/2010 - 08:16:06 | A | 24371] G:\H10TEE SHIRT.mdl [13/04/2010 - 10:08:08 | A | 2389] G:\NAURUTH.PLX [13/04/2010 - 10:08:10 | A | 2152] G:\NAURUTO.PLX [13/04/2010 - 10:08:10 | A | 39515] G:\GIDE.mdl [13/04/2010 - 10:08:10 | A | 3981] G:\GIDE.PLX [13/04/2010 - 10:08:10 | A | 2252] G:\GIDETH.PLX [13/04/2010 - 10:08:12 | A | 2140] G:\GIDETO.PLX [13/04/2010 - 10:08:12 | A | 29720] G:\JACANA.mdl [13/04/2010 - 10:08:12 | A | 2396] G:\JACANAIM.PLX [13/04/2010 - 10:08:12 | A | 2409] G:\JACANAM.PLX [13/04/2010 - 10:08:14 | A | 63351] G:\NAURU.mdl [13/04/2010 - 10:08:14 | A | 4648] G:\NAURU.PLX [13/04/2010 - 10:08:14 | A | 2038] G:\NAURUOU.PLX [13/04/2010 - 10:08:40 | A | 43938] G:\chrismass@chrismass.fr_20100412_143625.pdf [13/04/2010 - 10:08:40 | A | 3764] G:\BEJA.PLX [13/04/2010 - 10:08:40 | A | 2142] G:\BEJATO.PLX [13/04/2010 - 10:08:42 | A | 41593] G:\AKIKO.mdl [13/04/2010 - 10:08:42 | A | 3633] G:\AKIKO.PLX [13/04/2010 - 10:08:42 | A | 2145] G:\AKIKOTO.PLX [13/04/2010 - 10:08:42 | A | 27152] G:\ANJA.mdl [13/04/2010 - 10:08:42 | A | 3240] G:\ANJA.PLX [13/04/2010 - 10:08:42 | A | 2027] G:\ANJATH.PLX [13/04/2010 - 10:08:44 | A | 2160] G:\ANJATO.PLX [13/04/2010 - 10:08:44 | A | 42646] G:\BEJA.mdl [14/04/2010 - 14:46:50 | A | 3437] G:\CREATECH-9-7E5EE4CB-AnaisBONIN.Lic [14/04/2010 - 14:52:48 | A | 78] G:\LectraId_wstp100f.txt [20/04/2010 - 14:54:30 | D ] G:\MARINE [26/04/2010 - 09:05:30 | D ] G:\LCTCHRI [26/04/2010 - 16:06:12 | D ] G:\NOUVELLE COLLECTION CHRISMASS [27/04/2010 - 14:46:18 | D ] G:\POLOGNE [03/05/2010 - 13:20:14 | D ] G:\E11SONIA [20/05/2010 - 09:03:10 | D ] G:\chrismass [11/05/2009 - 13:21:40 | A | 1009664] G:\Procédure de conversion.doc [10/06/2009 - 10:01:30 | D ] G:\H10VUITTON [11/06/2009 - 08:58:26 | D ] G:\DGE [09/07/2009 - 15:14:26 | D ] G:\E10CHRISMAS'S [15/07/2009 - 17:01:48 | D ] G:\MAGALIE [03/11/2009 - 
09:15:54 | RSHD ] G:\RECYCLER [05/01/2010 - 14:32:42 | D ] G:\H10CHRISMAS'S [06/01/2010 - 08:09:12 | A | 173] G:\ATT00008.txt [11/01/2010 - 08:16:56 | A | 922624] G:\commande haase.doc [11/01/2010 - 08:17:50 | A | 44009] G:\haase src952 velours intarsia visage.pdf [11/01/2010 - 08:17:52 | A | 46519] G:\haase src953 velours intarsia love to love you.pdf [26/01/2010 - 11:34:18 | D ] G:\H10SRENFANTS [20/01/2010 - 13:51:12 | A | 10473] G:\H10BB733B.pst [04/02/2010 - 13:25:36 | D ] G:\.lsm_lock [22/02/2010 - 16:42:52 | D ] G:\EMILIE [29/03/2010 - 13:19:48 | A | 189952] G:\609.doc [01/04/2010 - 14:19:58 | D ] G:\E11CHRISMAS [06/04/2010 - 10:35:48 | A | 552097] G:\chrismass@chrismass.fr_20100331_103128.pdf ################## | Vaccin | C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_ACER-9BBEC83C10.zip http://chiquitine.changelog.fr/Sample/Upload.php Merci de votre contribution. ################## | E.O.F |
  13. Search report for my other USB keys.
      ############################## | UsbFix 7.003 |
      Utilisateur: utilisateur (Administrateur) # ACER-9BBEC83C10 [ ]
      Mis à jour le 01/06/10 par El Desaparecido & C_XX
      Lancé à 11:10:31 | 04/06/2010
      Site Web: http://pagesperso-orange.fr/NosTools/index.html
      Contact: FindyKill.Contact@gmail.com
      CPU: Celeron® Dual-Core CPU T3000 @ 1.80GHz
      CPU 2: Celeron® Dual-Core CPU T3000 @ 1.80GHz
      Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
      Internet Explorer 7.0.5730.13
      Pare-feu Windows: Désactivé /!\
      Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
      Firewall: ZoneAlarm Firewall 7.0.483.000 [Enabled]
      RAM -> 3001 Mo
      C:\ (%systemdrive%) -> Disque fixe # 112 Go (80 Go libre(s) - 72%) [ACER] # NTFS
      D:\ -> Disque fixe # 112 Go (111 Go libre(s) - 100%) [DATA] # NTFS
      E:\ -> CD-ROM
      F:\ -> Disque amovible # 7 Go (7 Go libre(s) - 99%) [sTORE N GO] # FAT32
      G:\ -> Disque amovible # 123 Mo (41 Mo libre(s) - 33%) [WOLVERINE] # FAT
      ################## | Éléments infectieux |
      Présent! F:\Autorun.inf
      Présent! C:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
      Présent! D:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
      Présent! G:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665
      Présent! F:\start.exe
      Présent! G:\autorun.VIR
      Présent! G:\start.exe
      ################## | Registre |
      ################## | Mountpoints2 |
      ################## | Vaccin |
      C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      ################## | E.O.F |
  14. And the unwanted internet ad pop-ups are back as well!!! What should I do? Thanks
  15. Hello, Same thing: Dial-a-fix still stays stuck on STOPPING CRYPTSVC... What should I do? Thanks
  16. Dial-a-fix seems to be stuck on STOPPING CRYPTSVC... it is taking a very long time. What do you think? Thanks
  17. Here is the report; tomorrow I will do the same with the other keys... Thanks
      ############################## | UsbFix 7.003 |
      Utilisateur: utilisateur (Administrateur) # ACER-9BBEC83C10 [ ]
      Mis à jour le 01/06/10 par El Desaparecido & C_XX
      Lancé à 21:25:30 | 03/06/2010
      Site Web: http://pagesperso-orange.fr/NosTools/index.html
      Contact: FindyKill.Contact@gmail.com
      CPU: Celeron® Dual-Core CPU T3000 @ 1.80GHz
      CPU 2: Celeron® Dual-Core CPU T3000 @ 1.80GHz
      Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
      Internet Explorer 8.0.6001.18702
      Pare-feu Windows: Désactivé /!\
      Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
      Firewall: ZoneAlarm Firewall 7.0.483.000 [Enabled]
      RAM -> 3001 Mo
      C:\ (%systemdrive%) -> Disque fixe # 112 Go (80 Go libre(s) - 72%) [ACER] # NTFS
      D:\ -> Disque fixe # 112 Go (111 Go libre(s) - 100%) [DATA] # NTFS
      E:\ -> CD-ROM
      F:\ -> Disque amovible # 2 Go (1 Go libre(s) - 70%) [KINGSTON] # FAT32
      G:\ -> Disque amovible # 2 Go (2 Go libre(s) - 100%) [KINGSTON] # FAT32
      H:\ -> Disque amovible # 1010 Mo (551 Mo libre(s) - 55%) [bENJI 1GO] # FAT
      ################## | Éléments infectieux |
      Supprimé! C:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
      Supprimé! D:\$Recycle.Bin\S-1-5-21-2163954333-1927063753-681885480-500
      Supprimé! D:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
      ################## | Registre |
      ################## | Mountpoints2 |
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{044703e8-1480-11df-a5b9-00265e5faaad}
      ################## | Listing |
      ################## | Vaccin |
      C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      H:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      ################## | Upload |
      Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_ACER-9BBEC83C10.zip
      http://chiquitine.changelog.fr/Sample/Upload.php
      Merci de votre contribution.
      ################## | E.O.F |
  18. I don't have all my USB keys here, but here is the report for two that must have been infected.
      ############################## | UsbFix 7.003 |
      Utilisateur: utilisateur (Administrateur) # ACER-9BBEC83C10 [ ]
      Mis à jour le 01/06/10 par El Desaparecido & C_XX
      Lancé à 20:27:27 | 03/06/2010
      Site Web: http://pagesperso-orange.fr/NosTools/index.html
      Contact: FindyKill.Contact@gmail.com
      CPU: Celeron® Dual-Core CPU T3000 @ 1.80GHz
      CPU 2: Celeron® Dual-Core CPU T3000 @ 1.80GHz
      Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
      Internet Explorer 8.0.6001.18702
      Pare-feu Windows: Désactivé /!\
      Antivirus: AntiVir Desktop 9.0.1.32 [Enabled | Updated]
      Firewall: ZoneAlarm Firewall 7.0.483.000 [Enabled]
      RAM -> 3001 Mo
      C:\ (%systemdrive%) -> Disque fixe # 112 Go (80 Go libre(s) - 72%) [ACER] # NTFS
      D:\ -> Disque fixe # 112 Go (111 Go libre(s) - 100%) [DATA] # NTFS
      E:\ -> CD-ROM
      F:\ -> Disque amovible # 2 Go (1 Go libre(s) - 70%) [KINGSTON] # FAT32
      G:\ -> Disque amovible # 2 Go (2 Go libre(s) - 100%) [KINGSTON] # FAT32
      ################## | Éléments infectieux |
      Présent! C:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
      Présent! D:\$Recycle.Bin\S-1-5-21-2163954333-1927063753-681885480-500
      Présent! D:\Recycler\S-1-5-21-3021800194-3052488753-685014095-1008
      ################## | Registre |
      ################## | Mountpoints2 |
      HKCU\.\.\.\.\Explorer\MountPoints2\{044703e8-1480-11df-a5b9-00265e5faaad}
      Shell\Auto\Command = F:\Start.exe
      Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
      ################## | Vaccin |
      (!) Cet ordinateur n'est pas vacciné!
      ################## | E.O.F |
  19. Phew, the log is finally posted. I found that this line was blocking my posts: 2010-05-30 10:44:26 ----HD---- C:\Program Files\Windows Update
  20. ======List of files/folders modified in the last 1 months====== 2010-06-03 19:03:49 ----RD---- C:\Program Files 2010-06-03 19:02:55 ----D---- C:\WINDOWS\Temp 2010-06-03 19:02:41 ----D---- C:\WINDOWS\Internet Logs 2010-06-03 19:01:44 ----D---- C:\Documents and Settings\utilisateur\Application Data\Skype 2010-06-03 19:00:42 ----D---- C:\WINDOWS 2010-06-03 19:00:09 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt 2010-06-03 18:59:16 ----D---- C:\WINDOWS\system32\CatRoot2 2010-06-03 18:06:06 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-06-03 18:01:02 ----D---- C:\Documents and Settings\utilisateur\Application Data\skypePM 2010-06-03 15:59:35 ----D---- C:\Documents and Settings\utilisateur\Application Data\Adobe 2010-06-03 15:59:35 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-06-02 22:40:16 ----D---- C:\WINDOWS\system32 2010-06-02 22:39:27 ----D---- C:\WINDOWS\system32\fr-fr 2010-06-02 22:39:26 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-06-02 22:39:26 ----HD---- C:\WINDOWS\inf 2010-06-02 22:39:26 ----D---- C:\WINDOWS\Media 2010-06-02 22:39:26 ----D---- C:\WINDOWS\Help 2010-06-02 22:39:26 ----D---- C:\Program Files\Internet Explorer 2010-06-02 22:39:08 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$ 2010-06-02 22:39:07 ----D---- C:\WINDOWS\system32\drivers 2010-06-02 22:24:19 ----D---- C:\WINDOWS\Network Diagnostic 2010-06-02 22:03:03 ----SHD---- C:\WINDOWS\Installer 2010-06-02 22:02:45 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-06-02 22:01:58 ----D---- C:\Program Files\Adobe 2010-06-02 21:59:56 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-06-02 21:59:36 ----D---- C:\WINDOWS\WinSxS 2010-06-02 21:46:46 ----D---- C:\WINDOWS\ie8updates 2010-06-02 21:46:34 ----D---- C:\Program Files\Outlook Express 2010-06-02 21:46:29 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-06-02 20:56:13 ----D---- C:\Program Files\Fichiers communs 2010-06-01 22:11:06 ----D---- C:\WINDOWS\system32\CatRoot 2010-06-01 18:48:47 
----RD---- C:\WINDOWS\Web 2010-06-01 18:48:46 ----D---- C:\WINDOWS\SHELLNEW 2010-06-01 18:43:41 ----HD---- C:\WINDOWS\$hf_mig$ 2010-06-01 18:35:29 ----RD---- C:\WINDOWS\Offline Web Pages 2010-06-01 10:59:44 ----SD---- C:\WINDOWS\Tasks 2010-05-31 21:41:21 ----D---- C:\Program Files\Launch Manager 2010-05-31 19:39:54 ----D---- C:\WINDOWS\system32\mui 2010-05-31 18:53:11 ----A---- C:\repupdat.bat 2010-05-30 21:03:46 ----D---- C:\WINDOWS\Debug 2010-05-30 11:09:05 ----D---- C:\Documents and Settings 2010-05-30 10:42:59 ----D---- C:\DOCS 2010-05-29 20:26:14 ----D---- C:\WINDOWS\system32\config 2010-05-29 20:25:54 ----D---- C:\WINDOWS\system32\wbem 2010-05-29 20:25:53 ----D---- C:\WINDOWS\Registration 2010-05-29 19:43:28 ----D---- C:\WINDOWS\system32\Restore 2010-05-29 15:09:52 ----D---- C:\WINDOWS\Minidump ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-05-30 28520] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-05-30 56816] R2 Int15;Int 15; \??\C:\WINDOWS\System32\drivers\int15.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 regi;regi; C:\WINDOWS\system32\drivers\regi.sys [2007-04-17 11032] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2009-01-10 190512] R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; 
C:\WINDOWS\system32\DRIVERS\athw.sys [2008-11-06 1343616] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-03-19 175104] R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-05 37160] R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-03-20 991136] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2006-01-20 17408] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-22 988800] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-22 209664] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-06-11 6021184] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-14 4754944] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2008-04-30 108032] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2005-09-21 10368] R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2008-01-31 13952] R3 O2MDRDR;O2MDRDR; C:\WINDOWS\system32\DRIVERS\o2media.sys [2008-05-13 51288] R3 O2SDRDR;O2SDRDR; C:\WINDOWS\system32\DRIVERS\o2sd.sys [2008-06-12 43608] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984] R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2008-01-30 50576] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur 
USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-22 730112] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-02-19 534312] S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-25 156816] S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-11 57384] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-10-31 47272] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 TpChoice;Touch Pad Detection Filter driver; C:\WINDOWS\system32\DRIVERS\TpChoice.sys [2007-12-26 17968] S3 
usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-05-30 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-05-30 185089] R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-23 30312] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2009-03-23 349528] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840] R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2009-09-15 3566080] R2 IviRegMgr;IviRegMgr; C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-06-02 153376] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-05-31 1314704] R2 
LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-13 65536] R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-01 135664] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-09-19 72704] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 dlbt_device;dlbt_device; C:\WINDOWS\system32\dlbtcoms.exe [2005-03-03 466944] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; 
C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-17 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416] -----------------EOF-----------------
  21. I can no longer post; is there a setting I need to change? 2010-05-30 10:44:26 ----D---- C:\WINDOWS\SoftwareDistribution 2010-05-30 10:26:33 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2010-05-30 10:16:40 ----D---- C:\Documents and Settings\utilisateur\Application Data\eSobi 2010-05-29 15:00:45 ----D---- C:\Documents and Settings\utilisateur\Application Data\Uniblue 2010-05-28 22:46:59 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-05-28 22:46:59 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-28 22:15:46 ----HDC---- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B} 2010-05-28 22:15:31 ----D---- C:\Program Files\Lavasoft 2010-05-28 22:15:31 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
  22. ======List of files/folders created in the last 1 months====== 2010-06-03 19:03:49 ----D---- C:\Program Files\trend micro 2010-06-03 19:03:48 ----D---- C:\rsit 2010-06-02 22:32:01 ----HDC---- C:\WINDOWS\ie8 2010-06-02 22:01:05 ----D---- C:\WINDOWS\Sun 2010-06-02 21:59:53 ----D---- C:\Program Files\NOS 2010-06-02 21:59:53 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2010-06-02 21:46:58 ----D---- C:\Program Files\CCleaner 2010-06-02 21:46:33 ----D---- C:\Documents and Settings\utilisateur\Application Data\TeamViewer 2010-06-02 21:38:01 ----D---- C:\Config.Msi 2010-06-02 20:56:16 ----D---- C:\Documents and Settings\All Users\Application Data\Sun 2010-06-02 20:56:13 ----D---- C:\Program Files\Fichiers communs\Java 2010-06-02 20:55:58 ----A---- C:\WINDOWS\system32\javaws.exe 2010-06-02 20:55:58 ----A---- C:\WINDOWS\system32\javaw.exe 2010-06-02 20:55:58 ----A---- C:\WINDOWS\system32\java.exe 2010-06-02 20:55:58 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-06-02 20:55:38 ----D---- C:\Program Files\Java 2010-06-02 20:55:03 ----D---- C:\Documents and Settings\utilisateur\Application Data\Sun 2010-06-01 20:16:35 ----HDC---- C:\WINDOWS\$NtUninstallKB981669$ 2010-06-01 18:53:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$ 2010-06-01 18:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-06-01 10:52:26 ----D---- C:\Program Files\TeamViewer 2010-06-01 10:47:21 ----D---- C:\Documents and Settings\utilisateur\Application Data\Malwarebytes 2010-06-01 10:47:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-06-01 10:47:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-05-31 22:43:00 ----A---- C:\WINDOWS\system32\lsdelete.exe 2010-05-31 22:20:14 ----A---- C:\WINDOWS\wininit.ini 2010-05-31 19:39:35 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$ 2010-05-30 22:33:18 ----D---- C:\Program Files\Microsoft Windows Script 2010-05-30 20:16:27 ----D---- C:\Program Files\Eraser 2010-05-30 11:33:36 ----A---- 
C:\WINDOWS\imsins.BAK 2010-05-30 10:46:09 ----D---- C:\WINDOWS\Prefetch
  23. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-11-17 135168] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-15 68856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336] "Eraser"=C:\Program Files\Eraser\eraser.exe [2003-07-25 536576] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Acer Empowering Technology.lnk - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe USRobotics Cordless Skype Dual Phone.lnk - C:\Program Files\U.S. 
Robotics\Cordless Skype Dual Phone\USR9630.exe C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2009-09-15 3167744] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fnpipe] fnpipe.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-06-11 212992] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba] C:\Program Files\Fichiers communs\SPBA\homefus2.dll [2008-03-25 567560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] WgaLogon.dll [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:*:Enabled:AgentSvc.exe" "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:*:Enabled:SchedulerSvc.exe" "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:*:Enabled:BackupSvc.exe" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows 
Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{044703e8-1480-11df-a5b9-00265e5faaad}] shell\Auto\command - F:\Start.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
  24. If that's OK, I have to split the log in two to post it, so log part 1: Logfile of random's system information tool 1.07 (written by random/random) Run by utilisateur at 2010-06-03 19:03:48 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 82 GB (72%) free of 114 GB Total RAM: 3001 MB (70% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:04:49, on 03/06/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Acer\Acer Bio Protection\BASVC.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe C:\Program Files\TeamViewer\Version5\TeamViewer.exe C:\WINDOWS\system32\wuauclt.exe 
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Eraser\eraser.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\U.S. 
Robotics\Cordless Skype Dual Phone\USR9630.exe C:\Program Files\Apoint2K\Apntex.exe C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Documents and Settings\utilisateur\Bureau\RSIT.exe C:\Program Files\trend micro\utilisateur.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...travelmate_5330 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?hl=fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - 
{AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - 
HKLM\..\Run: [boot] C:\Program Files\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = 
C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Acer Empowering Technology.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: USRobotics Cordless Skype Dual Phone.lnk = C:\Program Files\U.S. Robotics\Cordless Skype Dual Phone\USR9630.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - 
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O20 - Winlogon Notify: fnpipe - fnpipe.dll (file missing) O20 - Winlogon Notify: spba - C:\Program Files\Fichiers communs\SPBA\homefus2.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth 
Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. 
- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe -- End of file - 16636 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] 
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-01 279664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-01 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-02 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-02 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0BF43445-2F28-4351-9252-17FE6E806AA0} {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-01 279664] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "preload"=C:\Windows\RUNXMLPL.exe [2007-04-21 20480] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-05-07 178712] "BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952] "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-13 16871936] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632] "AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-07-18 53248] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-06-17 150040] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-06-17 170520] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-06-17 141848] "PLFSetL"=C:\WINDOWS\PLFSetL.exe [2007-07-05 94208] "ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2009-09-15 3724800] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-01-10 196608] "ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-07-08 466944] "Boot"=C:\Program Files\Acer\Empowering Technology\ePower\Boot.exe [2007-12-25 579584] "eRecoveryService"=C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe [2008-07-10 421888] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-07-25 875016] "Dell Photo AIO Printer 922"=C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe [2005-04-22 290816] "DLBTCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 [] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016] ""= [] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "SunJavaUpdateSched"=C:\Program 
Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]