Virus BDS/Agent.YZB [Resolved]
actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 04 Jan 2008 14:12    Post subject: Virus BDS/Agent.YZB [Resolved]

Hello and happy new year!

For me, it is starting rather badly, with a stubborn virus that I have not managed to eliminate despite my various attempts over the past 2 days. I have AntiVir PE and Sygate as protection, and my PC runs XP.

AntiVir has apparently successfully eliminated TR.Dldr.tibs.TN7 and TR.Rootkit.Gen but cannot get rid of BDS/Agent.YZB (although in the last scan, which finished 1 minute ago, it appears in quarantine). Besides my PC being remarkably slow, I always get the same AntiVir alert message at least twice:

C:\WINDOWS\system32\sol718.txt

which always comes back when I delete it manually.

In addition, I could no longer access "Windows Task Manager" by pressing CTRL+ALT+DEL (I am the administrator of my PC, but access was denied to me by the administrator); this problem seems to have been resolved since early this morning, after I followed the process indicated on the forum. However, the problem described above remains.

Here are the logs:

AntiVir
AntiVir PersonalEdition Classic
Report file date: 03 January 2008  21:13

Scanning for 999037 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Username:         Pascal Morin
Computer name:    PC-D8300

Version information:
BUILD.DAT    : 270           15603 Bytes   9/19/2007 13:32:00
AVSCAN.EXE   : 7.0.6.1      290856 Bytes   9/10/2007 15:45:12
AVSCAN.DLL   : 7.0.6.0       49192 Bytes   9/10/2007 15:45:12
LUKE.DLL     : 7.0.5.3      147496 Bytes   9/10/2007 15:45:13
LUKERES.DLL  : 7.0.6.1       10280 Bytes   9/10/2007 15:45:13
ANTIVIR0.VDF : 6.40.0.0    11030528 Bytes   7/18/2007 15:41:40
ANTIVIR1.VDF : 7.0.1.95    3367424 Bytes  12/14/2007 06:56:36
ANTIVIR2.VDF : 7.0.1.170    311296 Bytes  12/28/2007 07:47:27
ANTIVIR3.VDF : 7.0.1.186     71168 Bytes    1/2/2008 20:48:05
AVEWIN32.DLL : 7.6.0.46    3084800 Bytes  12/20/2007 06:56:56
AVWINLL.DLL  : 1.0.0.7       14376 Bytes   4/22/2007 05:18:52
AVPREF.DLL   : 7.0.2.2       25640 Bytes   9/10/2007 15:45:12
AVREP.DLL    : 7.0.0.1      155688 Bytes   4/22/2007 05:18:53
AVPACK32.DLL : 7.6.0.2      360488 Bytes  12/20/2007 06:56:56
AVREG.DLL    : 7.0.1.6       30760 Bytes   9/10/2007 15:45:12
AVARKT.DLL   : 1.0.0.20     278568 Bytes   9/10/2007 15:45:11
AVEVTLOG.DLL : 7.0.0.20      86056 Bytes   9/10/2007 15:45:11
NETNT.DLL    : 7.0.0.0        7720 Bytes   4/22/2007 05:18:53
RCIMAGE.DLL  : 7.0.1.30    2342952 Bytes   9/10/2007 15:45:07
RCTEXT.DLL   : 7.0.62.0      86056 Bytes   9/10/2007 15:45:07
SQLITE3.DLL  : 3.3.17.1     339968 Bytes   9/10/2007 15:45:13

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 03 January 2008  21:13

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
10 processes with 10 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
      [NOTE]      No virus was found!
Master boot sector HD1
      [NOTE]      No virus was found!
      [WARNING]   The boot sector file could not be read!
      [WARNING]   Error code: 0x0015
Master boot sector HD2
      [NOTE]      No virus was found!
      [WARNING]   The boot sector file could not be read!
      [WARNING]   Error code: 0x0015
Master boot sector HD3
      [NOTE]      No virus was found!
      [WARNING]   The boot sector file could not be read!
      [WARNING]   Error code: 0x0015
Master boot sector HD4
      [NOTE]      No virus was found!
      [WARNING]   The boot sector file could not be read!
      [WARNING]   Error code: 0x0015

Start scanning boot sectors:
Boot sector 'C:\'
      [NOTE]      No virus was found!
Boot sector 'D:\'
      [NOTE]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '47' files ).


Starting the file scan:

Begin scan in 'C:\' <Boot>
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\WINDOWS\system32\sol718.txt
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.YZB Backdoor server programs
      [INFO]      The file was moved to '47e9585e.qua'!
Begin scan in 'D:\' <Data>


End of the scan: 04 January 2008  00:14
Used time:  3:01:58 min

The scan has been done completely.

  12919 Scanning directories
 620059 Files were scanned
      1 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      1 Files cannot be scanned
 620058 Files not concerned
   3015 Archives were scanned
      1 Warnings
     25 Notes


SmitfraudFix 1

SmitFraudFix v2.274

Scan done at 14:05:21.50, 03/01/2008
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\derc32xz.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kitco\Kcast\Kcast.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Pascal Morin


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Pascal Morin\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PASCAL~1\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\sol718.txt"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Packet Scheduler Miniport
DNS Server Search Order: 192.168.0.1

Description: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Packet Scheduler Miniport
DNS Server Search Order: 192.168.0.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5AABD963-74D5-4FFE-94D6-CD8FE87D02E8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{C8C37557-D11A-4DFF-8639-DC264C5CD392}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5AABD963-74D5-4FFE-94D6-CD8FE87D02E8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C8C37557-D11A-4DFF-8639-DC264C5CD392}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{5AABD963-74D5-4FFE-94D6-CD8FE87D02E8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{C8C37557-D11A-4DFF-8639-DC264C5CD392}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End


SmitfraudFix 2

SmitFraudFix v2.274

Scan done at  0:28:29.45, 04/01/2008
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1       localhost



»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5AABD963-74D5-4FFE-94D6-CD8FE87D02E8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{C8C37557-D11A-4DFF-8639-DC264C5CD392}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5AABD963-74D5-4FFE-94D6-CD8FE87D02E8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C8C37557-D11A-4DFF-8639-DC264C5CD392}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{5AABD963-74D5-4FFE-94D6-CD8FE87D02E8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{C8C37557-D11A-4DFF-8639-DC264C5CD392}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
 
Registry Cleaning done.
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End


Hijack
Logfile of HijackThis v1.99.1
Scan saved at 02:48:35, on 04/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\derc32xz.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kitco\Kcast\Kcast.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\AntiVir PersonalEdition Classic\update.exe
C:\HijackThis.exe
C:\DOCUME~1\PASCAL~1\LOCALS~1\Temp\ae9176\setup.exe
C:\HijackThis.exe
C:\DOCUME~1\PASCAL~1\LOCALS~1\Temp\ae10652\setup.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - d:\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: ADVFN Toolbar - {6CE062EA-B8FB-47C0-BCD7-1470A1063D7E} - C:\PROGRA~1\ADVFNT~1\tbu46\advfn.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FlashIcon] C:\Program Files\\USB 2.0 Card Reader Driver v2.2\FlashIcon.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [frun] C:\WINDOWS\derc32xz.exe
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KITCO] C:\Program Files\Kitco\Kcast\Kcast
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [ProxyWay] C:\Program Files\ProxyWay\proxyway.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles\6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles/6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://d:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://d:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://d:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - d:\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://ca.moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162983257093
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170807373890
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\sol718.txt
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe


Thank you for your help, because I don't know how novices like us would manage without forums like this one.

Actus
APC
Guest

Posted: 04 Jan 2008 15:04    Post subject:

Hello & welcome,

  • Download combofix.exe, by sUBs, to your Desktop,

      Disable your antivirus and all your other protections so that the tool can run normally.

    • Double-click combofix.exe,
    • Press the 1 key (Yes) to start the scan,
    • When the scan is complete, a report will appear. Post the contents of this report in your next reply.


    NB: The report can also be found here: C:\Combofix.txt.

  • Rename HijackThis.exe to actus.exe

  • Post a new log from the renamed HijackThis, along with the Combofix report


And happy new year to you too,
Bye
actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 04 Jan 2008 19:37    Post subject:

I made a small handling mistake, but anyway, I restarted the process and here is the result:

Combofix

ComboFix 08-01-04.1 - Pascal Morin 2008-01-04 18:22:39.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.1515 [GMT 1:00]
Running from: C:\Documents and Settings\Pascal Morin\Desktop\ComboFix(2).exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\Downloaded Program Files\Temp
C:\WINDOWS\OPTIONS\CABS\_desktop.ini
C:\WINDOWS\system32\Cfx32.lic
C:\WINDOWS\system32\cfx32.ocx

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DRIVER
-------\Driver




(((((((((((((((((((((((((   Files Created from 2007-12-04 to 2008-01-04  )))))))))))))))))))))))))))))))
.

2008-01-04 17:28 . 2000-08-31 08:00   51,200   --a------   C:\WINDOWS\NirCmd.exe
2008-01-04 12:33 . 2008-01-04 12:33   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-04 02:41 . 2008-01-04 18:12   <DIR>   d--------   C:\Hijackthis
2008-01-04 02:24 . 2008-01-04 02:23   505,382   --a------   C:\HijackThis.exe
2008-01-03 14:05 . 2008-01-04 00:30   3,882   --a------   C:\WINDOWS\system32\tmp.reg
2008-01-03 14:04 . 2008-01-04 00:49   <DIR>   d--------   C:\SmitfraudFix
2008-01-03 14:00 . 2008-01-03 14:00   1,129,580   --a------   C:\SmitfraudFix.exe
2008-01-03 13:46 . 2008-01-03 13:46   <DIR>   d--------   C:\Program Files\CCleaner
2007-12-28 00:44 . 2006-11-12 11:39   483,328   --a------   C:\WINDOWS\system32\actskn45.ocx
2007-12-17 09:07 . 2007-12-17 09:07   70,656   --a------   C:\Documents and Settings\Pascal Morin\kolenkor.dll
2007-12-12 08:04 . 2007-12-12 08:04   287,232   --a------   C:\Documents and Settings\Pascal Morin\libcurl.dll
2007-12-11 10:48 . 2007-12-11 10:48   <DIR>   d--------   C:\Program Files\Sygate
2007-12-11 10:48 . 2004-10-15 18:32   83,096   --a------   C:\WINDOWS\system32\SSSensor.dll
2007-12-11 10:48 . 2004-10-15 18:17   60,496   --a------   C:\WINDOWS\system32\drivers\Teefer.sys
2007-12-11 10:48 . 2004-10-15 18:18   21,075   --a------   C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-12-11 10:48 . 2004-10-15 18:32   14,568   --a------   C:\WINDOWS\system32\drivers\wg6n.sys
2007-12-11 10:48 . 2004-10-15 18:32   14,568   --a------   C:\WINDOWS\system32\drivers\wg5n.sys
2007-12-11 10:48 . 2004-10-15 18:32   14,568   --a------   C:\WINDOWS\system32\drivers\wg4n.sys
2007-12-11 10:48 . 2004-10-15 18:32   14,568   --a------   C:\WINDOWS\system32\drivers\wg3n.sys
2007-12-10 08:01 . 2007-12-10 08:01   59,392   --a------   C:\WINDOWS\derc32xz.exe

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 17:14   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\Skype
2008-01-04 17:01   ---------   d-----w   C:\Program Files\Plaxo
2008-01-04 00:05   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-03 12:05   ---------   d-----w   C:\Program Files\Mozilla Thunderbird
2008-01-03 09:49   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\OrgPlus5
2008-01-01 22:25   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\Move Networks
2007-12-17 20:16   ---------   d-----w   C:\Program Files\GeoGebra
2007-12-12 11:19   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\OpenOffice.org2
2007-11-24 19:19   ---------   d-----w   C:\Program Files\OGSConverter
2007-11-12 14:44   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\ATI
2007-11-12 14:44   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\ATI
2007-11-12 14:42   ---------   d-----w   C:\Program Files\ATI Technologies
2007-11-12 14:41   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2007-11-12 14:01   ---------   d-----w   C:\Program Files\Realtek
2007-11-12 14:00   315,392   ----a-w   C:\WINDOWS\HideWin.exe
2007-11-12 14:00   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\InstallShield
2007-11-12 13:59   15,600   ----a-w   C:\WINDOWS\gdrv.sys
2007-11-12 12:49   ---------   d-----w   C:\Program Files\Messenger Plus! Live
2007-10-29 16:12   103,736   ----a-w   C:\WINDOWS\system32\PnkBstrB.exe
2006-11-26 20:33   495,616   ----a-w   C:\Program Files\whosin.mdb
2006-11-26 20:32   23   ----a-w   C:\Program Files\whosin.ini
2006-09-26 19:18   2,625,265   ----a-w   C:\Program Files\openofficeorg4.cab
2006-09-26 19:17   56,053,978   ----a-w   C:\Program Files\openofficeorg3.cab
2006-09-26 19:11   17,831,342   ----a-w   C:\Program Files\openofficeorg1.cab
2006-09-26 19:11   15,305,884   ----a-w   C:\Program Files\openofficeorg2.cab
2006-09-26 19:09   5,289,984   ----a-w   C:\Program Files\openofficeorg20.msi
2006-09-26 19:09   217   ----a-w   C:\Program Files\setup.ini
2006-09-01 18:05   299,008   ----a-w   C:\Program Files\setup.exe
2006-05-23 08:34   41   ----a-w   C:\Program Files\sample-import-file.csv
2006-03-03 11:04   266,714   ----a-w   C:\Program Files\setuplog.txt
2004-08-04 17:56   151,552   ----a-w   C:\Program Files\scrrun.dll
2004-03-08 23:00   260,880   ----a-w   C:\Program Files\msflxgrd.ocx
2004-03-08 23:00   152,848   ----a-w   C:\Program Files\comdlg32.ocx
2004-03-08 23:00   132,880   ----a-w   C:\Program Files\msinet.ocx
2002-03-11 08:06   1,822,520   ----a-w   C:\Program Files\instmsiw.exe
2002-03-11 07:45   1,708,856   ----a-w   C:\Program Files\instmsia.exe
2001-08-23 23:00   557,128   ----a-w   C:\Program Files\DAO360.DLL
1999-03-25 23:00   101,888   ----a-w   C:\Program Files\vb6stkit.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6CE062EA-B8FB-47C0-BCD7-1470A1063D7E}
{EF99BD32-C1FB-11D2-892F-0090271D4F88}

[HKEY_CLASSES_ROOT\clsid\{6ce062ea-b8fb-47c0-bcd7-1470a1063d7e}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793.1]
[HKEY_CLASSES_ROOT\TypeLib\{A67AEBCA-11FC-49df-85BA-4E8CE0BFD67A}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{6CE062EA-B8FB-47C0-BCD7-1470A1063D7E}"= C:\PROGRA~1\ADVFNT~1\tbu46\advfn.dll [ ]

[HKEY_CLASSES_ROOT\clsid\{6ce062ea-b8fb-47c0-bcd7-1470a1063d7e}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793.1]
[HKEY_CLASSES_ROOT\TypeLib\{A67AEBCA-11FC-49df-85BA-4E8CE0BFD67A}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" [2005-03-23 14:34 1630303]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-07-27 13:00 15360]
"KITCO"="C:\Program Files\Kitco\Kcast\Kcast" [ ]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2006-11-30 21:49 4662776]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:54 5674352]
"PlaxoUpdate"="C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe" [2007-12-11 17:21 227914]
"ProxyWay"="C:\Program Files\ProxyWay\proxyway.exe" [ ]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 12:31 22880040]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FFTI"="C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles\6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"FlashIcon"="C:\Program Files\\USB 2.0 Card Reader Driver v2.2\FlashIcon.EXE" [ ]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-11 21:10 344064]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-06-04 18:57 188416]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-10 16:41 249896]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-02-15 01:58 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-01-15 19:39 155648]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-07-22 01:10 577602]
"EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-09 08:50 28672]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 01:36 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 00:18 57344]
"Adobe Reader Speed Launcher"="D:\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 13:44 36864]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [2007-02-06 13:08 1953792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40 2577632]
"frun"="C:\WINDOWS\derc32xz.exe" [2007-12-10 08:01 59392]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2007-07-27 13:00 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-12 01:29 443968]

C:\Documents and Settings\Pascal Morin\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe [2007-12-11 23:34:48]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-04-14 16:15:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= C:\PROGRA~1\DVDREG~1\DVDShell.dll [2003-08-26 10:58 49152]

R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\drivers\avgntmgr.sys [2007-09-10 16:45]
R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys [2007-09-10 16:45]
R3 KeyScrambler;KeyScrambler;C:\WINDOWS\system32\drivers\keyscrambler.sys [2007-03-13 05:24]
S3 atidgllk;atidgllk;C:\Program Files\ASUS\SmartDoctor\atidgllk.sys []
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2007-11-12 14:59]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 18:31]
S3 tj2knd5;Terayon Cable Modem (NDIS);C:\WINDOWS\system32\DRIVERS\tj2knd5.sys [2001-11-09 04:13]
S3 tj2kunic;Terayon Cable Modem (WDM);C:\WINDOWS\system32\DRIVERS\tj2kunic.sys [2001-11-09 04:13]
S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys []

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 18:25:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-04 18:26:05
ComboFix-quarantined-files.txt  2008-01-04 17:26:03
.
2008-01-04 02:00:58   --- E O F --- 


HijackActus

Logfile of HijackThis v1.99.1
Scan saved at 18:32:11, on 04/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\derc32xz.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kitco\Kcast\Kcast.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Hijackthis\HijackThis.exe
C:\Program Files\AntiVir PersonalEdition Classic\avcenter.exe
C:\WINDOWS\explorer.exe
C:\Hijackthis\actus.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - d:\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: ADVFN Toolbar - {6CE062EA-B8FB-47C0-BCD7-1470A1063D7E} - C:\PROGRA~1\ADVFNT~1\tbu46\advfn.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FlashIcon] C:\Program Files\\USB 2.0 Card Reader Driver v2.2\FlashIcon.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [frun] C:\WINDOWS\derc32xz.exe
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KITCO] C:\Program Files\Kitco\Kcast\Kcast
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [ProxyWay] C:\Program Files\ProxyWay\proxyway.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles\6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles/6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://d:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://d:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://d:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - d:\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://ca.moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162983257093
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170807373890
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
APC
Guest

Posted: 04 Jan 2008 22:25

Good evening,

A few questions first:

Your infection is mainly picked up through a crack. Did you crack a piece of software, and if so, which one?

"actus" wrote:
I made a small mistake in the procedure


Which one?

"Combofix" wrote:
2008-01-04 18:22:39.2 - NTFSx86


Can you post the first Combofix report? And also the contents of the one named ComboFix-quarantined-files.txt.

Let's start the cleanup.


    Disable your antivirus and your other protections (Sygate) so that Combofix can run normally.

  1. Open Notepad and save all of the text below:

    Quote:
    File::
    C:\WINDOWS\system32\actskn45.ocx
    C:\Documents and Settings\Pascal Morin\libcurl.dll
    C:\Documents and Settings\Pascal Morin\kolenkor.dll
    C:\WINDOWS\derc32xz.exe
    C:\WINDOWS\system32\sol718.txt


  2. Save the file as CFScript.txt and drag and drop it onto Combofix, as in the image below:



  3. Double-click Combofix.exe and let it run (do not touch anything for the whole duration of the scan).

  4. Once the scan is finished, a Combofix.log report will appear; save it to your Desktop so you can find it more easily.

  5. Download Deckard's System Scanner (DSS) (by Deckard) to your Desktop from this link:
    http://deckard.geekstogo.com/dss.exe

    • Close all running programs, including your browser (no internet activity during the procedure).

    • Double-click DSS.exe to start the installation, then the tool.

    • You will need to click [Ok] each time you are asked.

    • When the analysis is finished, two text files will appear:

      main.txt <- opened in a normal window
      extra.txt <- opened in a minimized window

    • Close these two windows.


  6. Post the Combofix result and the two DSS reports (main.txt and extra.txt), which are located under C:\Deckard\System Scanner

  7. Re-enable your protections.



See you later
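Added example, not part of the original thread and not code from ComboFix or HijackThis: a Python triage that cross-references the five `File::` targets of the CFScript above with evidence in the posted logs (autostart entries, running processes, creation dates). The log excerpts are copied from this thread and trimmed; the function names are hypothetical, and treating any other `Name::` line as the end of the `File::` section is an assumption.

```python
import re
from ntpath import normcase as norm  # Windows path comparison on any OS

# Excerpts copied from the logs posted in this thread (trimmed).
CFSCRIPT = r"""File::
C:\WINDOWS\system32\actskn45.ocx
C:\Documents and Settings\Pascal Morin\libcurl.dll
C:\Documents and Settings\Pascal Morin\kolenkor.dll
C:\WINDOWS\derc32xz.exe
C:\WINDOWS\system32\sol718.txt
"""

HIJACKTHIS = r"""Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\derc32xz.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [frun] C:\WINDOWS\derc32xz.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

COMBOFIX_CREATED = r"""2007-12-28 00:44 . 2006-11-12 11:39   483,328   --a------   C:\WINDOWS\system32\actskn45.ocx
2007-12-17 09:07 . 2007-12-17 09:07   70,656   --a------   C:\Documents and Settings\Pascal Morin\kolenkor.dll
2007-12-12 08:04 . 2007-12-12 08:04   287,232   --a------   C:\Documents and Settings\Pascal Morin\libcurl.dll
2007-12-11 10:48 . 2007-12-11 10:48   <DIR>   d--------   C:\Program Files\Sygate
2007-12-10 08:01 . 2007-12-10 08:01   59,392   --a------   C:\WINDOWS\derc32xz.exe
"""

# "O4 - HKLM\..\Run: [name] command line"
O4_RE = re.compile(r'^O4 - (HKLM|HKCU)\\\.\.\\(Run\w*): \[(.+?)\] (.*)$')
# "created . modified   size   attributes   path" (ComboFix "Files Created" section)
CREATED_RE = re.compile(
    r'^(\d{4}-\d\d-\d\d \d\d:\d\d) \. \d{4}-\d\d-\d\d \d\d:\d\d'
    r'[ \t]+\S+[ \t]+\S+[ \t]+(.+)$', re.M)


def cfscript_targets(text):
    """Return the paths listed under the File:: directive."""
    targets, in_files = [], False
    for line in (l.strip() for l in text.splitlines()):
        if line.endswith("::"):          # a directive header opens a new section
            in_files = (line == "File::")
        elif in_files and line:
            targets.append(line)
    return targets


def command_path(cmd):
    """Extract the executable path from an autorun command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted paths may contain spaces: cut after the first executable extension.
    m = re.match(r'(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)', cmd, re.I)
    return m.group(1) if m else cmd


def running_processes(hjt):
    """Return normalized paths from the 'Running processes:' block."""
    procs, active = set(), False
    for line in hjt.splitlines():
        if line.startswith("Running processes:"):
            active = True
        elif active and not line.strip():
            break                        # a blank line ends the block
        elif active:
            procs.add(norm(line.strip()))
    return procs


def triage(cfscript, hjt, combofix):
    """Map each CFScript target to the evidence found for it in the logs."""
    autoruns = {}
    for line in hjt.splitlines():
        m = O4_RE.match(line)
        if m:
            hive, key, value, cmd = m.groups()
            autoruns.setdefault(norm(command_path(cmd)), []).append(
                f"{hive}\\{key} [{value}]")
    procs = running_processes(hjt)
    created = {norm(m.group(2)): m.group(1)
               for m in CREATED_RE.finditer(combofix)}
    return {path: {"autorun": autoruns.get(norm(path), []),
                   "running": norm(path) in procs,
                   "created": created.get(norm(path))}
            for path in cfscript_targets(cfscript)}


if __name__ == "__main__":
    for path, ev in triage(CFSCRIPT, HIJACKTHIS, COMBOFIX_CREATED).items():
        print(path, ev)
```

Of the five targets, only `C:\WINDOWS\derc32xz.exe` has both a Run-key entry (`frun`) and a live process in these excerpts, which is why deleting a file by hand without removing its autostart does not hold.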
actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 04 Jan 2008 22:48

Good evening,

1) No, I haven't cracked any software. I think I caught it with a codec after downloading a film over BitTorrent. Instead of clicking no, I think I clicked yes (but I'm not really sure).

2) The mistake was that I stopped Combofix because I didn't see a log appear; also, the Windows firewall was still active. So I restarted everything (and disabled all the AVs and other firewalls I could find).

3) I have no other Combofix report (see 2) above)

1995-12-22 08:16      432    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\CFX32.LIC.vir
1996-06-10 13:24      307200    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\CFX32.OCX.vir
2007-03-27 02:11      9    --a------    C:\Qoobox\Quarantine\C\WINDOWS\OPTIONS\CABS\_desktop.ini.vir
2008-01-04 17:32      1196    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_DRIVER.reg.dat
2008-01-04 17:32      678    --a------    C:\Qoobox\Quarantine\Registry_backups\services_Driver.reg.dat
2008-01-04 17:32      698    --a------    C:\Qoobox\Quarantine\Registry_backups\hklm_windowsNT_windows.reg.dat
2008-01-04 17:33      3185    --a------    C:\Qoobox\Quarantine\C\ComboFix\errdbg.dat.vir


4) I'm doing the rest of the steps indicated.

And thank you!

See you soon
actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 04 Jan 2008 23:11

Here are the logs:

Combofix

ComboFix 08-01-04.1 - Pascal Morin 2008-01-04 21:56:38.3 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.1268 [GMT 1:00]
Running from: C:\Documents and Settings\Pascal Morin\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((   Files Created from 2007-12-04 to 2008-01-04  )))))))))))))))))))))))))))))))
.

2008-01-04 17:28 . 2000-08-31 08:00   51,200   --a------   C:\WINDOWS\NirCmd.exe
2008-01-04 12:33 . 2008-01-04 12:33   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-04 02:41 . 2008-01-04 18:32   <DIR>   d--------   C:\Hijackthis
2008-01-04 02:24 . 2008-01-04 02:23   505,382   --a------   C:\HijackThis.exe
2008-01-03 14:05 . 2008-01-04 00:30   3,882   --a------   C:\WINDOWS\system32\tmp.reg
2008-01-03 14:04 . 2008-01-04 00:49   <DIR>   d--------   C:\SmitfraudFix
2008-01-03 14:00 . 2008-01-03 14:00   1,129,580   --a------   C:\SmitfraudFix.exe
2008-01-03 13:46 . 2008-01-03 13:46   <DIR>   d--------   C:\Program Files\CCleaner
2007-12-28 00:44 . 2006-11-12 11:39   483,328   --a------   C:\WINDOWS\system32\actskn45.ocx
2007-12-17 09:07 . 2007-12-17 09:07   70,656   --a------   C:\Documents and Settings\Pascal Morin\kolenkor.dll
2007-12-12 08:04 . 2007-12-12 08:04   287,232   --a------   C:\Documents and Settings\Pascal Morin\libcurl.dll
2007-12-11 10:48 . 2007-12-11 10:48   <DIR>   d--------   C:\Program Files\Sygate
2007-12-11 10:48 . 2004-10-15 18:32   83,096   --a------   C:\WINDOWS\system32\SSSensor.dll
2007-12-11 10:48 . 2004-10-15 18:17   60,496   --a------   C:\WINDOWS\system32\drivers\Teefer.sys
2007-12-11 10:48 . 2004-10-15 18:18   21,075   --a------   C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-12-11 10:48 . 2004-10-15 18:32   14,568   --a------   C:\WINDOWS\system32\drivers\wg6n.sys
2007-12-11 10:48 . 2004-10-15 18:32   14,568   --a------   C:\WINDOWS\system32\drivers\wg5n.sys
2007-12-11 10:48 . 2004-10-15 18:32   14,568   --a------   C:\WINDOWS\system32\drivers\wg4n.sys
2007-12-11 10:48 . 2004-10-15 18:32   14,568   --a------   C:\WINDOWS\system32\drivers\wg3n.sys
2007-12-10 08:01 . 2007-12-10 08:01   59,392   --a------   C:\WINDOWS\derc32xz.exe

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 20:58   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\Skype
2008-01-04 19:59   ---------   d-----w   C:\Program Files\Mozilla Thunderbird
2008-01-04 17:01   ---------   d-----w   C:\Program Files\Plaxo
2008-01-04 00:05   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-03 09:49   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\OrgPlus5
2008-01-01 22:25   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\Move Networks
2007-12-17 20:16   ---------   d-----w   C:\Program Files\GeoGebra
2007-12-12 11:19   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\OpenOffice.org2
2007-11-24 19:19   ---------   d-----w   C:\Program Files\OGSConverter
2007-11-12 14:44   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\ATI
2007-11-12 14:44   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\ATI
2007-11-12 14:42   ---------   d-----w   C:\Program Files\ATI Technologies
2007-11-12 14:41   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2007-11-12 14:01   ---------   d-----w   C:\Program Files\Realtek
2007-11-12 14:00   315,392   ----a-w   C:\WINDOWS\HideWin.exe
2007-11-12 14:00   ---------   d-----w   C:\Documents and Settings\Pascal Morin\Application Data\InstallShield
2007-11-12 13:59   15,600   ----a-w   C:\WINDOWS\gdrv.sys
2007-11-12 12:49   ---------   d-----w   C:\Program Files\Messenger Plus! Live
2007-10-29 16:12   103,736   ----a-w   C:\WINDOWS\system32\PnkBstrB.exe
2006-11-26 20:33   495,616   ----a-w   C:\Program Files\whosin.mdb
2006-11-26 20:32   23   ----a-w   C:\Program Files\whosin.ini
2006-09-26 19:18   2,625,265   ----a-w   C:\Program Files\openofficeorg4.cab
2006-09-26 19:17   56,053,978   ----a-w   C:\Program Files\openofficeorg3.cab
2006-09-26 19:11   17,831,342   ----a-w   C:\Program Files\openofficeorg1.cab
2006-09-26 19:11   15,305,884   ----a-w   C:\Program Files\openofficeorg2.cab
2006-09-26 19:09   5,289,984   ----a-w   C:\Program Files\openofficeorg20.msi
2006-09-26 19:09   217   ----a-w   C:\Program Files\setup.ini
2006-09-01 18:05   299,008   ----a-w   C:\Program Files\setup.exe
2006-05-23 08:34   41   ----a-w   C:\Program Files\sample-import-file.csv
2006-03-03 11:04   266,714   ----a-w   C:\Program Files\setuplog.txt
2004-08-04 17:56   151,552   ----a-w   C:\Program Files\scrrun.dll
2004-03-08 23:00   260,880   ----a-w   C:\Program Files\msflxgrd.ocx
2004-03-08 23:00   152,848   ----a-w   C:\Program Files\comdlg32.ocx
2004-03-08 23:00   132,880   ----a-w   C:\Program Files\msinet.ocx
2002-03-11 08:06   1,822,520   ----a-w   C:\Program Files\instmsiw.exe
2002-03-11 07:45   1,708,856   ----a-w   C:\Program Files\instmsia.exe
2001-08-23 23:00   557,128   ----a-w   C:\Program Files\DAO360.DLL
1999-03-25 23:00   101,888   ----a-w   C:\Program Files\vb6stkit.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6CE062EA-B8FB-47C0-BCD7-1470A1063D7E}
{EF99BD32-C1FB-11D2-892F-0090271D4F88}

[HKEY_CLASSES_ROOT\clsid\{6ce062ea-b8fb-47c0-bcd7-1470a1063d7e}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793.1]
[HKEY_CLASSES_ROOT\TypeLib\{A67AEBCA-11FC-49df-85BA-4E8CE0BFD67A}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{6CE062EA-B8FB-47C0-BCD7-1470A1063D7E}"= C:\PROGRA~1\ADVFNT~1\tbu46\advfn.dll [ ]

[HKEY_CLASSES_ROOT\clsid\{6ce062ea-b8fb-47c0-bcd7-1470a1063d7e}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793.1]
[HKEY_CLASSES_ROOT\TypeLib\{A67AEBCA-11FC-49df-85BA-4E8CE0BFD67A}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" [2005-03-23 14:34 1630303]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-07-27 13:00 15360]
"KITCO"="C:\Program Files\Kitco\Kcast\Kcast" [ ]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2006-11-30 21:49 4662776]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:54 5674352]
"PlaxoUpdate"="C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe" [2007-12-11 17:21 227914]
"ProxyWay"="C:\Program Files\ProxyWay\proxyway.exe" [ ]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 12:31 22880040]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FFTI"="C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles\6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"FlashIcon"="C:\Program Files\\USB 2.0 Card Reader Driver v2.2\FlashIcon.EXE" [ ]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-11 21:10 344064]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-06-04 18:57 188416]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-10 16:41 249896]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-02-15 01:58 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-01-15 19:39 155648]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-07-22 01:10 577602]
"EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-09 08:50 28672]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 01:36 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 00:18 57344]
"Adobe Reader Speed Launcher"="D:\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 13:44 36864]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [2007-02-06 13:08 1953792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40 2577632]
"frun"="C:\WINDOWS\derc32xz.exe" [2007-12-10 08:01 59392]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2007-07-27 13:00 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-12 01:29 443968]

C:\Documents and Settings\Pascal Morin\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe [2007-12-11 23:34:48]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-04-14 16:15:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= C:\PROGRA~1\DVDREG~1\DVDShell.dll [2003-08-26 10:58 49152]

R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\drivers\avgntmgr.sys [2007-09-10 16:45]
R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys [2007-09-10 16:45]
R3 KeyScrambler;KeyScrambler;C:\WINDOWS\system32\drivers\keyscrambler.sys [2007-03-13 05:24]
S3 atidgllk;atidgllk;C:\Program Files\ASUS\SmartDoctor\atidgllk.sys []
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2007-11-12 14:59]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 18:31]
S3 tj2knd5;Terayon Cable Modem (NDIS);C:\WINDOWS\system32\DRIVERS\tj2knd5.sys [2001-11-09 04:13]
S3 tj2kunic;Terayon Cable Modem (WDM);C:\WINDOWS\system32\DRIVERS\tj2kunic.sys [2001-11-09 04:13]
S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys []

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 21:58:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-04 21:59:17
ComboFix-quarantined-files.txt  2008-01-04 20:59:15
ComboFix2.txt  2008-01-04 17:26:06
.
2008-01-04 02:00:58   --- E O F --- 


Deckard Main

Deckard's System Scanner v20071014.68
Run by Pascal Morin on 2008-01-04 22:01:47
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
53: 2008-01-04 21:01:53 UTC - RP83 - Deckard's System Scanner Restore Point
52: 2008-01-04 16:28:55 UTC - RP82 - ComboFix created restore point
51: 2008-01-04 02:00:56 UTC - RP81 - Software Distribution Service 3.0
50: 2008-01-03 08:13:49 UTC - RP80 - Software Distribution Service 3.0
49: 2008-01-02 07:45:44 UTC - RP79 - Software Distribution Service 3.0


-- First Restore Point --
1: 2007-11-24 21:21:59 UTC - RP31 - Software Distribution Service 3.0


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Pascal Morin.exe) ----------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 22:03:03, on 04/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\derc32xz.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kitco\Kcast\Kcast.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\DVDREG~1\DVDRegionFree.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Pascal Morin\Desktop\dss.exe
C:\HIJACK~1\Pascal Morin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - d:\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: ADVFN Toolbar - {6CE062EA-B8FB-47C0-BCD7-1470A1063D7E} - C:\PROGRA~1\ADVFNT~1\tbu46\advfn.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FlashIcon] C:\Program Files\\USB 2.0 Card Reader Driver v2.2\FlashIcon.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [frun] C:\WINDOWS\derc32xz.exe
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KITCO] C:\Program Files\Kitco\Kcast\Kcast
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [ProxyWay] C:\Program Files\ProxyWay\proxyway.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles\6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles/6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://d:\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://d:\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://d:\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - d:\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://ca.moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162983257093
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170807373890
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 Teefer (Teefer for NT) - c:\windows\system32\drivers\teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver>
R1 wpsdrvnt - c:\windows\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt>
R2 EIO - c:\windows\system32\drivers\eio.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>

S3 atidgllk - c:\program files\asus\smartdoctor\atidgllk.sys (file missing)
S3 ENTECH - c:\windows\system32\drivers\entech.sys (file missing)
S3 Video3D (ASUS Video3D Service) - c:\windows\system32\drivers\video3d.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AdobeActiveFileMonitor4.0 (Adobe Active File Monitor V4) - c:\program files\adobe\photoshop elements 4.0\photoshopelementsfileagent.exe
R2 AntiVirScheduler (AntiVir Scheduler) - c:\program files\antivir personaledition classic\sched.exe <Not Verified; Avira GmbH; Scheduler>
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>

S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Beep
Device ID: ROOT\LEGACY_BEEP\0000
Manufacturer:
Name: Beep
PNP Device ID: ROOT\LEGACY_BEEP\0000
Service: Beep


-- Files created between 2007-12-04 and 2008-01-04 -----------------------------

2008-01-04 12:33:38         0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-04 02:41:53         0 d-------- C:\Hijackthis
2008-01-04 02:24:50    505382 --a------ C:\HijackThis.exe
2008-01-03 14:05:29      3882 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-03 14:04:45         0 d-------- C:\SmitfraudFix
2008-01-03 14:00:07   1129580 --a------ C:\SmitfraudFix.exe
2008-01-03 13:53:58         0 dr-h----- C:\Documents and Settings\Pascal Morin\Recent
2008-01-03 13:46:44         0 d-------- C:\Program Files\CCleaner
2007-12-17 09:27:46        17 --a------ C:\Documents and Settings\Pascal Morin\A
2007-12-17 09:07:46     70656 --a------ C:\Documents and Settings\Pascal Morin\kolenkor.dll
2007-12-12 08:04:21        29 --a------ C:\Documents and Settings\Pascal Morin\o
2007-12-12 08:04:21    287232 --a------ C:\Documents and Settings\Pascal Morin\libcurl.dll <Not Verified; The cURL library, http://curl.haxx.se/; The cURL library>
2007-12-11 10:48:49     60496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver>
2007-12-11 10:48:47     21075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt>
2007-12-11 10:48:43         0 d-------- C:\Program Files\Sygate
2007-12-10 08:01:56     59392 --a------ C:\WINDOWS\derc32xz.exe


-- Find3M Report ---------------------------------------------------------------

2008-01-04 22:02:58         0 d-------- C:\Documents and Settings\Pascal Morin\Application Data\Skype
2008-01-04 20:59:45         0 d-------- C:\Program Files\Mozilla Thunderbird
2008-01-04 18:01:25         0 d-------- C:\Program Files\Plaxo
2008-01-03 21:23:27      1100 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-01-03 10:49:44         0 d-------- C:\Documents and Settings\Pascal Morin\Application Data\OrgPlus5
2008-01-01 23:25:09         0 d-------- C:\Documents and Settings\Pascal Morin\Application Data\Move Networks
2007-12-29 22:32:38         0 d-------- C:\Documents and Settings\Pascal Morin\Application Data\Macromedia
2007-12-22 15:40:44         0 d-------- C:\Documents and Settings\Pascal Morin\Application Data\Adobe
2007-12-17 21:16:21         0 d-------- C:\Program Files\GeoGebra
2007-12-12 12:19:33         0 d-------- C:\Documents and Settings\Pascal Morin\Application Data\OpenOffice.org2
2007-11-24 20:19:54         0 d-------- C:\Program Files\OGSConverter
2007-11-12 15:44:53         0 d-------- C:\Documents and Settings\Pascal Morin\Application Data\ATI
2007-11-12 15:44:10         0 --a------ C:\WINDOWS\ativpsrm.bin
2007-11-12 15:42:07         0 d-------- C:\Program Files\ATI Technologies
2007-11-12 15:41:40         0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-12 15:01:12         0 d-------- C:\Program Files\Realtek
2007-11-12 15:00:52         0 d-------- C:\Documents and Settings\Pascal Morin\Application Data\InstallShield
2007-11-12 15:00:45    315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2007-11-12 13:49:56         0 d-------- C:\Program Files\Messenger Plus! Live
2007-11-12 13:28:29     23412 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-10-13 10:27:08      2560 --a------ C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{6CE062EA-B8FB-47C0-BCD7-1470A1063D7E}"= C:\PROGRA~1\ADVFNT~1\tbu46\advfn.dll [ ]

[-HKEY_CLASSES_ROOT\CLSID\{6CE062EA-B8FB-47C0-BCD7-1470A1063D7E}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793.1]
[HKEY_CLASSES_ROOT\TypeLib\{A67AEBCA-11FC-49df-85BA-4E8CE0BFD67A}]
[HKEY_CLASSES_ROOT\XBTB01793.XBTB01793]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 11:50]
"FlashIcon"="C:\Program Files\\USB 2.0 Card Reader Driver v2.2\FlashIcon.EXE" []
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [11/11/2004 21:10]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe" [04/06/2002 18:57]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [10/10/2007 16:41]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [15/02/2006 01:58]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [15/01/2006 19:39]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [22/07/2002 01:10]
"EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [09/07/2002 08:50]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [07/01/2006 01:36]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 00:11]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [09/09/2005 00:18]
"Adobe Reader Speed Launcher"="D:\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"RTHDCPL"="RTHDCPL.EXE" [12/04/2007 10:33 C:\WINDOWS\RTHDCPL.exe]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [30/10/2006 13:44]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [06/02/2007 13:08]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [10/11/2006 12:35]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [15/10/2004 19:40]
"frun"="C:\WINDOWS\derc32xz.exe" [10/12/2007 08:01]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" [23/03/2005 14:34]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [27/07/2007 13:00]
"KITCO"="C:\Program Files\Kitco\Kcast\Kcast" []
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [30/11/2006 21:49]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 11:54]
"PlaxoUpdate"="C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe" [11/12/2007 17:21]
"ProxyWay"="C:\Program Files\ProxyWay\proxyway.exe" []
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [13/09/2007 12:31]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"FFTI"=C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles\6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Pascal Morin\Application Data\Mozilla\Firefox\Profiles/6jh3qy59.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Documents and Settings\Pascal Morin\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\WidgetEngine\YahooWidgets.exe [11/12/2007 23:34:48]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [14/04/2006 16:15:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= C:\PROGRA~1\DVDREG~1\DVDShell.dll [26/08/2003 10:58 49152]




-- End of Deckard's System Scanner: finished at 2008-01-04 22:03:28 ------------



Deckard Extra

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) D CPU 3.00GHz
CPU 1: Intel(R) Pentium(R) D CPU 3.00GHz
Percentage of Memory in Use: 26%
Physical Memory (total/avail): 2046.42 MiB / 1509.27 MiB
Pagefile Memory (total/avail): 3938.92 MiB / 3463.02 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1935.86 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 30.11 GiB total, 5.12 GiB free.
D: is Fixed (NTFS) - 202.77 GiB total, 137.59 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)

\\.\PHYSICALDRIVE0 -  - 232.88 GiB - 2 partitions
  \PARTITION0 (bootable) - Installable File System - 30.11 GiB - C:
  \PARTITION1 - Installable File System - 202.77 GiB - D:

\\.\PHYSICALDRIVE1 - Generic USB Storage-CFC USB Device

\\.\PHYSICALDRIVE4 - Generic USB Storage-MSC USB Device

\\.\PHYSICALDRIVE2 - Generic USB Storage-SDC USB Device

\\.\PHYSICALDRIVE3 - Generic USB Storage-SMC USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.


I cut it off here because it seems too long to post; continued below.


Last edited by actus on 04 Jan 2008 23:17; edited 2 times
APC
Guest

Posted: 04 Jan 2008 23:11

"actus" wrote:
1) No, I haven't cracked any software. I think I caught it with a codec after downloading a film over BitTorrent. Instead of clicking No, I think I clicked Yes (but I'm not really sure).


OK, I understand better now. Whether you click Yes, No, or the X to close, it makes no difference to the result: every button counts as a Yes. Otherwise it wouldn't be any fun, it would leave you 2 chances out of 3 of getting away with it.

"actus" wrote:
2) The handling mistake is that I stopped ComboFix because I didn't see a log appear; on top of that, the Windows firewall was still active. So I restarted everything (and disabled every AV and other firewall I could find).


You must not stop CF, and above all you must not click in its window while it is scanning. :)

It doesn't matter for the 1st report; the one you gave me suits me fine.

++
APC
Guest

Posted: 04 Jan 2008 23:17

Hi again,

For ComboFix, that's no good: I need combofix3.txt, otherwise I don't know what it has cleaned or not.

If it doesn't exist, post the contents of ComboFix-quarantined-files.txt again.

In a separate post, put the contents of the DSS Extra file again; the reports are too long to fit in a single post, and I had forgotten to ask you for that.

@+
actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 04 Jan 2008 23:27

I realized they are too long, so here is the rest:



FW: Sygate Personal Firewall v4.6 (Sygate Technologies, Inc.) [COLOR=RED]Disabled[/COLOR]
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.112
 (AntiVir PersonalProducts GmbH) [COLOR=RED]Disabled[/COLOR]
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.177
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.33
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.164
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.33
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.186
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.37
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.83
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.147
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.83
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.96
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.33
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.128
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.61
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.73
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.181
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.219
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.84
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.185
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.37
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.209
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.16
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.72
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.115
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.65
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.127
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.126
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.28
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.160
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.118
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.60
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.140
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.37
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.33
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.141
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.181
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.92
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.219
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.92
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.82
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.65
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.21
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.213
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.16
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.31
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.121
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.206
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.125
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.98
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.134
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.33
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.37
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.197
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.76
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.161
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.7
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.44
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.55
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.56
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.134
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.71
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.223
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.186
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.109
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.112
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.60
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.193
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.186
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.37
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.23
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.206
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.128
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.13
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.54
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.9
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.174
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.127
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.126
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.4
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.1.191
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.33
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.114
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.203
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.248
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.79
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.213
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.42
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.77
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.191
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.134
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.72
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 7.0.0.21
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.37
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.1.38
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.202
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.161
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.188
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.98
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.39.0.128
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v 6.38.1.218
 (AntiVir PersonalProducts GmbH)
AV: AntiVir PersonalEdition Classic Virus Protection v0.0.0.0 (AntiVir PersonalProducts GmbH)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 04 Jan 2008 23:30

And the end!



-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Pascal Morin\Application Data
CLASSPATH=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC-D8300
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Pascal Morin
LOGONSERVER=\\PC-D8300
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\;C:\PROGRA~1\Borland\Delphi6\Bin;C:\PROGRA~1\Borland\Delphi6\Projects\Bpl;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0404
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\PASCAL~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\PASCAL~1\LOCALS~1\Temp
USERDOMAIN=PC-D8300
USERNAME=Pascal Morin
USERPROFILE=C:\Documents and Settings\Pascal Morin
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Pascal Morin [I](admin)[/I]


-- Add/Remove Programs ---------------------------------------------------------

 --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
 --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
 --> Dummy
 --> MsiExec /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6}
 --> MsiExec.exe /I{C98E5F1B-5C2B-4FD1-BDF9-F3779DCAAA16}
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x9 UNINSTALL
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACM Forex Trading Platform --> C:\WINDOWS\system32\javaws.exe -uninstall -prompt "http://www.acmtrading.com:80/ebp/20070412/trader.jnlp?u=&p="
Adobe After Effects CS3 --> C:\Program Files\Common Files\Adobe\Installers\b7dd24a87e82dcf8af8876fd727b7cf\Setup.exe
Adobe After Effects CS3 --> MsiExec.exe /I{8AF3FB06-BDA3-42A3-995C-308812D2F094}
Adobe After Effects CS3 Presets --> MsiExec.exe /I{4B215C29-1A3E-4736-92AA-10C83FA56EB9}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings --> MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\5bc0f8414ec36c555a3e7e5ec2e225e\Setup.exe
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files --> MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop Elements 4.0 --> msiexec /I {EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Reader Japanese Fonts --> MsiExec.exe /I{AC76BA86-7AD7-5760-0000-705000000001}
Adobe Setup --> MsiExec.exe /I{2274624C-5B38-41AD-AD27-CEC0924EB628}
Adobe Setup --> MsiExec.exe /I{2C294A0B-DF22-4023-B168-8C7645B10019}
Adobe Setup --> MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup --> MsiExec.exe /I{D504303A-717D-414C-BA9F-FE01093E2EF8}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos CS3 --> C:\Program Files\Common Files\Adobe\Installers\cbb2ea61da9c780bd7e47a5230a9ed7\Setup.exe
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Video Profiles --> MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe XMP DVA Panels CS3 --> MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
ADVFN Toolbar --> regsvr32 /u /s "C:\PROGRA~1\ADVFNT~1\tbu46\advfn.dll"
AGEIA PhysX v7.07.09 --> MsiExec.exe /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6}
Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x444e
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir PersonalEdition Classic --> C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Battlefield 2(TM) Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}\setup.exe" -l0x9  -removeonly
Battlefield 2142 Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD347316-609E-4149-983C-84B40338D38A}\setup.exe" -l0x9  -removeonly
BitComet 0.94 --> D:\BitComet\uninst.exe
Borland Delphi 6 --> MsiExec.exe /I{B7886D87-ADA4-46A0-8A8D-02AB16B9F95A}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CINEMA 4D Release 9 XL Bundle --> C:\WINDOWS\unvise32.exe C:\Program Files\MAXON\CINEMA 4D R9\uninstal_C4D.log
CutePDF Writer 2.7 --> C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall
DealBook FX 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4F1AEBC-6259-459B-BF23-201335038F3F}\Setup.exe" -l0x9
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DVD Region-Free 3.10 --> "C:\Program Files\DVD Region-Free\unins000.exe"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
EZ ThunderBird Backup Basic --> C:\WINDOWS\rapidui.exe -ui ezthunderbirdbackup.exe
GeoGebra --> "C:\Program Files\GeoGebra\UninstallerData\Uninstaller.exe"
Gigabyte Raid Configurer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\SETUP.EXE" -l0x9  -removeonly
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c  -removeonly
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 1.99.1 --> C:\Hijackthis\HijackThis.exe /uninstall
hp deskjet 6122 --> MsiExec.exe /X{E1F4FB82-3EA6-46B6-A18A-9B3A62DA393E}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
HumanConcepts OrgPlus 5 --> MsiExec.exe /I{CC34F9FB-34B4-4224-A09B-95432AE34EB9}
HumanConcepts OrgViewer 5 --> C:\Program Files\HumanConcepts\OrgViewer 5\Uninst.EXE /u
IQ-Trader --> \UNWISE.EXE C:\PROGRA~1\MOZILL~1\
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kcast Beta 1.1.3 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Kitco\Kcast\unkcast.ini"
KeyScrambler --> C:\Program Files\KeyScrambler\uninstall.exe
Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL
Logitech iTouch Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x9  UNINSTALL
Logitech MouseWare 9.71 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x9 -l0009 UNINSTALL
Logitech Resource Center --> C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE /s C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG
Macro Express 3 --> C:\PROGRA~1\MACROE~1\UNWISE.EXE C:\PROGRA~1\MACROE~1\INSTALL.LOG
Medal of Honor Airborne Démo --> MsiExec.exe /X{25F28E36-FDBB-11DB-8314-0800200C9A66}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual J# .NET Redistributable Package 1.1 --> MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Pascal Morin\Application Data\Move Networks\ie_bin\Uninst.exe
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.9) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSN Money Investment Toolbox --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:5
MX Skype Recorder v3.1 --> C:\Program Files\MXSkypeRec\uninstall.exe
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
OGSConverter --> C:\WINDOWS\system32\javaws.exe -uninstall -prompt "http://www.ogsconverter.com/jnlp/ogsconverter.fr.jnlp"
OGSConverter version 2.20 --> "C:\Program Files\OGSConverter\unins000.exe"
OpenMG Limited Patch 4.4-06-13-19-01 --> C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.4-06-13-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.4.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CFB17307-B244-4EAD-AE8E-CDAF440477C2} UNINSTALL
OpenOffice.org 2.0 --> MsiExec.exe /I{752783F5-0CFC-44C3-9E1F-CAF17C4508E7}
PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
Plaxo Toolbar for Outlook and Outlook Express --> C:\Program Files\Plaxo\2.13.1.3\uninstall.exe
Power2Go 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe"  -uninstall
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe"  -uninstall
PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe"  -uninstall
PowerStarter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe"  -uninstall
PunkBuster for Joint Operations --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFE6E3B6-8CA9-4837-B292-5F11A80339A9}\setup.exe" -l0x9
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
Radar Screensaver version 1.71 --> "C:\Program Files\Radar Screensaver\unins000.exe"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
REALTEK GbE & FE Ethernet PCI-E NIC Driver --> C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x9  -removeonly
SaxoTrader 2 --> MsiExec.exe /X{024D66E9-D50C-44A7-92B4-2DFDDD95D228}
Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SonicStage 3.4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly
Sony Noise Reduction Plug-In 2.0e --> MsiExec.exe /X{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}
SpeedSim --> d:\SpeedSim\0.9.7.0b\SpeedSim\uninst.exe
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Sygate Personal Firewall --> MsiExec.exe /I{F34D9A5F-484A-4E31-A9D3-908CB265B289}
Terayon DOCSIS Modem --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C98F2FE6-5AF5-11D6-8209-00D0B701C7B5}\Setup.exe" -l0x9
TerraExplorer --> C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
Universal Chat Translator and Speaker for Skype --> rundll32.exe dfshim.dll,ShArpMaintain ULRTCS.application, Culture=neutral, PublicKeyToken=e8d92a5479c3d39a, processorArchitecture=msil
Unix Utilities for Yahoo! Widgets --> C:\Program Files\Yahoo!\WidgetEngine\UnixUtils\uninstall.exe
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPcap 4.0 --> C:\Program Files\WinPcap\uninstall.exe
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Mail --> C:\WINDOWS\system32\regsvr32.exe /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\WIDGET~1\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type392 / Success
Event Submitted/Written: 01/04/2008 09:12:32 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type391 / Error
Event Submitted/Written: 01/04/2008 06:33:40 PM
Event ID/Source: 0 / SmcService
Event Description:
SmcService error: 1063StartServiceCtrlDispatcher failed.

Event Record #/Type388 / Warning
Event Submitted/Written: 01/04/2008 06:18:06 PM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'BDS/Agent.YZB'
in the file
C:\WINDOWS\SYSTEM32\SOL718.TXT

Event Record #/Type387 / Warning
Event Submitted/Written: 01/04/2008 06:17:40 PM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'BDS/Agent.YZB'
in the file
C:\WINDOWS\SYSTEM32\SOL718.TXT

Event Record #/Type386 / Warning
Event Submitted/Written: 01/04/2008 06:17:40 PM
Event ID/Source: 4113 / H+BEDV AntiVir
Event Description:
AntiVir has detected 'BDS/Agent.YZB'
in the file
C:\WINDOWS\SYSTEM32\SOL718.TXT



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type10362 / Warning
Event Submitted/Written: 01/04/2008 09:39:00 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type10359 / Warning
Event Submitted/Written: 01/04/2008 09:10:13 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type10358 / Warning
Event Submitted/Written: 01/04/2008 08:56:24 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type10348 / Error
Event Submitted/Written: 01/04/2008 06:03:17 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The HTTP SSL service failed to start due to the following error:
%%1053

Event Record #/Type10347 / Error
Event Submitted/Written: 01/04/2008 06:03:17 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.



-- End of Deckard's System Scanner: finished at 2008-01-04 22:03:28 ------------

actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 04 Jan 2008 23:32

I searched C: and D: without finding the combofix3.txt log. So here is the log from ComboFix-quarantined-files.txt

 1995-12-22 08:16      432    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\CFX32.LIC.vir
1996-06-10 13:24      307200    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\CFX32.OCX.vir
2007-03-27 02:11      9    --a------    C:\Qoobox\Quarantine\C\WINDOWS\OPTIONS\CABS\_desktop.ini.vir
2008-01-04 17:32      1196    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_DRIVER.reg.dat
2008-01-04 17:32      678    --a------    C:\Qoobox\Quarantine\Registry_backups\services_Driver.reg.dat
2008-01-04 17:32      698    --a------    C:\Qoobox\Quarantine\Registry_backups\hklm_windowsNT_windows.reg.dat
2008-01-04 17:33      3185    --a------    C:\Qoobox\Quarantine\C\ComboFix\errdbg.dat.vir


See you

APC
Guest

Posted: 05 Jan 2008 9:10

Hello,

Did you follow the ComboFix procedure properly?

Your reports show no deletion of what I asked you for, and if you did follow the procedure, then something is preventing it from doing its job. I don't know.
actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 05 Jan 2008 11:28

Hello,

Yes, I did follow the instructions (at least I think so).

I can start the process over.

But last night my PC was working normally again after the last procedure, and this morning, after rebooting, it is running normally. Should I conclude that my PC is clean, or is it better for me to repeat the ComboFix process?

P.S. I had 2 copies of ComboFix on my desktop; I assume it made no difference which one was used. Otherwise, I'll uninstall ComboFix and start the process again.
APC
Guest

Posted: 05 Jan 2008 13:57

actus wrote:
I had 2 copies of ComboFix on my desktop; I assume it made no difference which one was used.

Why 2? What's the point?

It does matter, because the reports must have been overwritten in the Qoobox folder.

Delete one of the two and run ComboFix without doing the drag-and-drop with CFScript, so that I can see what really remains.

See you
actus
Regular

Joined: 04 Jan 2008
Posts: 55

Posted: 05 Jan 2008 22:01

Sév wrote:
Why 2? What's the point?

No point at all! But a handling error, as mentioned earlier.

I'm redoing the process.

See you
All times are GMT + 2 hours
Page 1 of 3
