Problem: impossible to run the diagnostic!!! (Thread solved)
Lorea62
Posted on 03/02/2010 at 14:12
Petite astucienne

Hello, for a few days now I have had ad pages opening by themselves. My husband tried to download a crack for a game and I think that's where it comes from. The problem is that my antivirus scan is blocked. I tried the diagnostic help for an infected PC, but RSIT won't run... What should I do?

nardino
Posted on 03/02/2010 at 14:16
Grand Maître astucien

Hello

Download FindyKill to your desktop
http://pagesperso-orange.fr/NosTools/Chiquitine29/Setup.exe

The following icon

Click this icon and, in the window, type F at the bottom after <F,C,E,Q> : to display in French, then confirm with [Enter]

For detection, type 1 and confirm with [Enter]

Let the scan run; it will take a few moments.
Once it has finished, a report will open.

Post that report by copy-pasting it into your reply.

Note.
Under Vista/7 you must elevate privileges by right-clicking the icon and choosing "Run as administrator".

Download RSIT by random/random to the Desktop:
http://images.malwareremoval.com/random/RSIT.exe

Double-click RSIT.exe to launch the tool; it does not require installation.
Click Continue on the Disclaimer screen if you accept the terms.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked); accept the license.

When the scan is finished, two text files will open.
Post the contents of log.txt, the one that will open, and close info.txt, which is minimized in the Taskbar.
These reports are saved in the folder C:\rsit

See you

Lorea62
Posted on 03/02/2010 at 14:18

error message once again....

Lorea62
Posted on 03/02/2010 at 14:20

it tells me access denied... but I usually have no trouble launching an installation...

Lorea62
Posted on 03/02/2010 at 14:42

does nobody have a solution, please?

nardino
Posted on 03/02/2010 at 14:49

Hello

Download here:

http://www.mediafire.com/file/uxkodwywyrg/Setup.zip

I have just compressed it.

Don't worry, despite the odd name.

Unzip it to the desktop and off you go.

See you

Edited by nardino on 03/02/2010 14:58
Lorea62
Posted on 03/02/2010 at 14:53

not that one either, it is refused too...

nardino
Posted on 03/02/2010 at 14:58

Hello

Are you able to download from another PC?

See you

Lorea62
Posted on 03/02/2010 at 15:00

yes, I do have that option

nardino
Posted on 03/02/2010 at 15:05

Lorea62
Posted on 03/02/2010 at 15:05

from the other PC?

Lorea62
Posted on 03/02/2010 at 15:09

on this one it's a failure once again...

nardino
Posted on 03/02/2010 at 15:13

Hi again,

From the other one, in that case, and transfer it with a USB stick once unzipped.

I think you have run into a new, particularly difficult version of the virus.

See you

Lorea62
Posted on 03/02/2010 at 15:15

ouch...

ok, I'll log on from the other one then

Lorea62
Posted on 03/02/2010 at 15:26

I tried one last time to launch the last link you gave me and it worked after restarting the PC... I'm doing the steps you described above...

Lorea62
Posted on 03/02/2010 at 15:48

I tried the diagnostic help for the infected PC and there you go: it worked this time!

info.txt logfile of random's system information tool 1.06 2010-02-03 15:44:58


Lorea62
Posted on 03/02/2010 at 16:02

I'm going through all the steps and will post the Malwarebytes' Anti-Malware report

nardino
Posted on 03/02/2010 at 16:12

Hello.

I want three reports:

The one from FindyKill (renamed Coconuts.com)

The one from RSIT named log.txt

The one from Malwarebytes.

See you

Lorea62
Posted on 03/02/2010 at 16:18

ok, see you in a bit, thanks

Lorea62
Posted on 03/02/2010 at 16:29

Logfile of random's system information tool 1.06 (written by random/random)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C3B806C-C5DA-4F6E-BA43-B1FF982F0A02}]
idwbhoCl Class - C:\temp\idwbho2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{66886C4D-B307-4ECA-A228-52CA9B9851A4}
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-07-20 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-07-20 86016]
"ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2008-06-10 107248]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-10 67488]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-25 149280]
"VirusKeeper"=C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe [2010-02-03 5921152]
"Safe'n'Sec Pro"=C:\Program Files\S.N.Safe&Software\Safe'n'Sec\snsmcon.exe [2009-11-30 460168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2005-09-09 845312]
"LG PC Suite III"=C:\Program Files\LG Electronics\LG PC Suite III\LG_PCSuiteIII.exe [2009-04-20 180224]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2010-01-07 88304]
"bdsmi"=c:\documents and settings\manuel.pamart\local settings\application data\bdsmi.exe [2010-01-31 376832]

C:\Documents and Settings\manuel.pamart\Menu Démarrer\Programmes\Démarrage
IMVU.lnk - C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient\IMVUQualityAgent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
SnsShell - {A38300ED-853B-462b-A69F-DF0BB36B496A} - C:\Program Files\S.N.Safe&Software\Safe'n'Sec\snsshex.dll [2009-11-30 296328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient\1VivoxVoice.exe"="C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient\1VivoxVoice.exe:*:Enabled:1VivoxVoice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\USBAutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5366db91-d8df-11de-a2a3-0018e76c0e6d}]
shell\AutoRun\command - F:\USBAutoRun.exe


======List of files/folders created in the last 1 months======

2010-02-03 15:44:46 ----D---- C:\rsit
2010-02-03 15:44:46 ----D---- C:\Program Files\trend micro
2010-02-03 15:28:36 ----A---- C:\FyK.txt
2010-02-03 15:24:20 ----D---- C:\FyK
2010-02-03 14:41:33 ----D---- C:\WINDOWS\system32\Lang
2010-02-03 11:40:27 ----D---- C:\Program Files\S.N.Safe&Software
2010-02-03 11:40:27 ----D---- C:\Documents and Settings\All Users\Application Data\S.N.Safe&Software
2010-02-03 10:59:57 ----SHD---- C:\Config.Msi
2010-02-03 00:16:36 ----A---- C:\WINDOWS\ban_list.txt
2010-02-03 00:13:02 ----D---- C:\Program Files\Realtek AC97
2010-02-03 00:13:01 ----A---- C:\WINDOWS\system32\RTLCPL.EXE
2010-02-03 00:12:57 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2010-02-03 00:12:57 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2010-02-03 00:12:56 ----A---- C:\WINDOWS\alcupd.exe
2010-02-03 00:12:56 ----A---- C:\WINDOWS\Alcrmv.exe
2010-02-03 00:09:06 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2010-02-02 23:32:50 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-02 23:32:50 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\app
2010-02-02 23:32:24 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-02 23:32:24 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Dofus 2
2010-02-02 11:03:08 ----D---- C:\Program Files\Dofus 2
2010-02-02 11:03:04 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2010-02-01 18:17:39 ----D---- C:\Documents and Settings\All Users\Application Data\Komity
2010-01-31 23:07:32 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2010-01-31 22:06:25 ----D---- C:\WINDOWS\Minidump
2010-01-31 15:49:46 ----HD---- C:\Documents and Settings\manuel.pamart\Application Data\m
2010-01-31 15:44:20 ----HD---- C:\Documents and Settings\manuel.pamart\Application Data\drivers
2010-01-31 15:19:23 ----D---- C:\Program Files\BoontyGames
2010-01-31 15:19:21 ----D---- C:\Program Files\Boonty
2010-01-27 19:21:17 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\IMVU
2010-01-25 13:16:12 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient
2010-01-25 10:26:35 ----D---- C:\Program Files\MeowMultiSound100
2010-01-22 01:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-01-14 01:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-14 01:34:42 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-07 08:47:52 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-01-07 08:46:02 ----D---- C:\Program Files\Winsudate
2010-01-07 08:46:01 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Icones

======List of files/folders modified in the last 1 months======

2010-02-03 15:44:46 ----D---- C:\Program Files
2010-02-03 15:39:21 ----D---- C:\WINDOWS\Temp
2010-02-03 15:24:45 ----D---- C:\Program Files\Mozilla Firefox
2010-02-03 15:22:47 ----D---- C:\WINDOWS\Prefetch
2010-02-03 15:19:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-03 14:48:24 ----D---- C:\WINDOWS
2010-02-03 14:41:33 ----D---- C:\WINDOWS\system32
2010-02-03 13:53:36 ----D---- C:\Documents and Settings
2010-02-03 13:18:06 ----D---- C:\WINDOWS\system32\drivers
2010-02-03 13:16:42 ----SHD---- C:\WINDOWS\Installer
2010-02-03 13:15:43 ----D---- C:\Program Files\Google
2010-02-03 12:34:14 ----D---- C:\Program Files\Windows Live Safety Center
2010-02-03 12:12:36 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-03 11:41:48 ----A---- C:\WINDOWS\win.ini
2010-02-03 10:54:31 ----HD---- C:\WINDOWS\inf
2010-02-03 00:13:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-03 00:13:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-03 00:12:55 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-03 00:10:26 ----SD---- C:\Documents and Settings\manuel.pamart\Application Data\Microsoft
2010-02-03 00:08:39 ----RSD---- C:\WINDOWS\assembly
2010-02-02 11:03:08 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-02-02 11:03:07 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Adobe
2010-02-02 11:03:04 ----D---- C:\Program Files\Fichiers communs
2010-02-02 09:37:23 ----D---- C:\Program Files\Windows Media Player
2010-02-01 18:17:02 ----D---- C:\WINDOWS\system32\DirectX
2010-02-01 18:16:37 ----D---- C:\WINDOWS\WinSxS
2010-01-27 19:13:15 ----D---- C:\Program Files\Astonsoft
2010-01-21 23:32:47 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-21 18:25:18 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-14 09:02:54 ----D---- C:\WINDOWS\AppPatch
2010-01-14 01:34:57 ----A---- C:\WINDOWS\imsins.BAK
2010-01-07 08:47:55 ----AC---- C:\WINDOWS\OEWABLog.txt
2010-01-07 08:46:01 ----D---- C:\Program Files\Internet Explorer
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 is-MHKIVdrv;is-MHKIVdrv; C:\WINDOWS\system32\DRIVERS\61124868.sys [2008-07-08 148496]
R1 SnsCore;SnSCore; C:\WINDOWS\system32\DRIVERS\snscore.sys [2009-11-17 58432]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2006-10-24 170392]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 RTL8187B;TG123g USB Wireless Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187B.sys [2008-11-06 264576]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
S3 ay3krgr8;ay3krgr8; C:\WINDOWS\system32\drivers\ay3krgr8.sys []
S3 ay3krgr8;ay3krgr8; C:\WINDOWS\system32\drivers\ay3krgr8.sys []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-20 3198368]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-07 47360]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2004-03-17 117248]
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-25 153376]
R2 SafenSec;SafenSec; C:\Program Files\S.N.Safe&Software\Safe'n'Sec\safensec.exe [2009-11-30 1932680]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2010-01-07 70896]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-27 135664]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-20 127043]
S2 vkservice;VirusKeeper antivirus/antispyware; C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe [2009-09-24 1121664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-28 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Lorea62
 Posted on 03/02/2010 at 17:06 
Petite astucienne

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3683
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

03/02/2010 17:06:33
mbam-log-2010-02-03 (17-06-13).txt

Type de recherche: Examen rapide
Eléments examinés: 155366
Temps écoulé: 18 minute(s), 19 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 247

Processus mémoire infecté(s):
C:\documents and settings\manuel.pamart\local settings\application data\bdsmi.exe (Adware.Navipromo.H) -> No action taken.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\idwbho2.idwbhocl (Adware.SpeedDownloader) -> No action taken.
HKEY_CLASSES_ROOT\idwbho2.idwbhocl.1 (Adware.SpeedDownloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Adware.SpeedDownloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\bisoft (Worm.Bagle) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\srosa (Worm.Bagle) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bdsmi (Adware.Navipromo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Worm.Bagle) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Worm.Bagle) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Worm.Bagle) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\m (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\manuel.pamart\Local Settings\Application Data\bdsmi_navps.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\manuel.pamart\Local Settings\Application Data\bdsmi_nav.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\manuel.pamart\Local Settings\Application Data\bdsmi.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\manuel.pamart\Local Settings\Application Data\bdsmi.exe (Adware.Navipromo.H) -> No action taken.
C:\temp\idwbho2.dll (Trojan.BHO.H) -> No action taken.
C:\Documents and Settings\manuel.pamart\Local Settings\Temp\MVC4436\crack\keygen.exe (Worm.Bagle) -> No action taken.
C:\WINDOWS\wintems.exe (Worm.Bagle) -> No action taken.
C:\WINDOWS\mdelk.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\322515.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\322875.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\323171.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\365937.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\367671.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\368390.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\368640.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\368906.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\369875.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\370250.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\370609.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\370968.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\372015.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\372796.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\373890.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\375078.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\375578.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\375843.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\376046.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\379218.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\379843.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\380234.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\381640.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\383218.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\384671.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\405234.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\405671.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\406109.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\407875.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\408515.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\408734.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\408937.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\409203.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\409390.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\409734.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\410078.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\410968.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\411453.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\411984.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\412484.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\412828.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\413109.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\413437.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\413656.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\414140.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\414515.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\415484.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\416484.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\416796.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\417062.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\417359.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\417593.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\417843.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\418046.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\419750.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\420468.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\421562.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\421718.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\422343.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\422593.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\423578.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\423953.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\427406.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\428718.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\428906.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\429093.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\429359.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\429609.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430062.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430375.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430578.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430734.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430921.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\431125.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\431375.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\431562.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\432937.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\433859.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\434312.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\434687.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\435234.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\435734.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\436656.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\437328.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\437734.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\438171.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\438359.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\438625.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\438921.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\439437.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\439953.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\440312.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\440468.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\440718.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\441265.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\441609.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\442031.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\442578.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\444140.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\444687.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\445062.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\445546.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\448078.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\449312.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\449812.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450015.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450187.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450343.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450718.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450937.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\451203.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\451437.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\452078.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\452453.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\452687.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\457531.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\458453.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\459218.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\459500.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\459781.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\469828.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\472687.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\474265.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\475484.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\476921.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\477640.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\478843.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\479843.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\480500.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\519625.exe (Worm.Bagle) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\m\data.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\m\list.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\m\srvlist.oct (Trojan.Agent) -> No action taken.
C:\Program Files\Internet Explorer\minftnet.exe (Adware.Agent) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\winupgro.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\manuel.pamart\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\srosa2.sys (Worm.Bagle) -> No action taken.
C:\WINDOWS\system32\wfsintwq.sys (Worm.Bagle) -> No action taken.

Lorea62
 Posted on 03/02/2010 at 17:15
Petite astucienne

the FindyKill report gets stuck at 50% ....

Lorea62
 Posted on 03/02/2010 at 17:23
Petite astucienne

the scan*, sorry

Lorea62
 Posted on 03/02/2010 at 17:29
Petite astucienne

2nd malware report, after removal:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3683
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

03/02/2010 17:28:35
mbam-log-2010-02-03 (17-28-35).txt

Type de recherche: Examen rapide
Eléments examinés: 155366
Temps écoulé: 18 minute(s), 19 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 247

Processus mémoire infecté(s):
C:\documents and settings\manuel.pamart\local settings\application data\bdsmi.exe (Adware.Navipromo.H) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\idwbho2.idwbhocl (Adware.SpeedDownloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\idwbho2.idwbhocl.1 (Adware.SpeedDownloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Adware.SpeedDownloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bisoft (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\srosa (Worm.Bagle) -> Delete on reboot.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bdsmi (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Worm.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Worm.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Worm.Bagle) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Documents and Settings\manuel.pamart\Local Settings\Application Data\bdsmi_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Local Settings\Application Data\bdsmi_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Local Settings\Application Data\bdsmi.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Local Settings\Application Data\bdsmi.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\temp\idwbho2.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Local Settings\Temp\MVC4436\crack\keygen.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\wintems.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\mdelk.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\317218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\317625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\317828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\318343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\318718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\319093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\319593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\319968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\320531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\321093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\321718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\322265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\322515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\322875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\323171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\365937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\367671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\368390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\368640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\368906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\369875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\370250.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\370609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\370968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\372015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\372796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\373890.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\375078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\375578.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\375843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\376046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\379218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\379843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\380234.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\381640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\383218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\384671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\405234.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\405671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\406109.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\407875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\408515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\408734.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\408937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\409203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\409390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\409734.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\410078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\410968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\411453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\411984.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\412484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\412828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\413109.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\413437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\413656.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\414140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\414515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\415484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\416484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\416796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\417062.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\417359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\417593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\417843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\418046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\419750.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\420468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\421562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\421718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\422343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\422593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\423578.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\423953.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\427406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\428718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\428906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\429093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\429359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\429609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430062.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430578.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430734.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\430921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\431125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\431375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\431562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\432937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\433859.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\434312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\434687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\435234.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\435734.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\436656.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\437328.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\437734.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\438171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\438359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\438625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\438921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\439437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\439953.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\440312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\440468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\440718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\441265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\441609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\442031.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\442578.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\444140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\444687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\445062.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\445546.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\448078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\449312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\449812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450187.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\450937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\451203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\451437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\452078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\452453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\452687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\457531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\458453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\459218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\459500.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\459781.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\469828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\472687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\474265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\475484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\476921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\477640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\478843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\479843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\480500.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\downld\519625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\minftnet.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\drivers\winupgro.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\manuel.pamart\Application Data\m\flec006.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\srosa2.sys (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wfsintwq.sys (Worm.Bagle) -> Quarantined and deleted successfully.

nardino
 Posted on 03/02/2010 at 17:33 
  Grand Master Astucien

Good evening,

Run a FindyKill scan again.

Then run an RSIT scan again and post both reports: the FindyKill one and log.txt.

See you soon

Lorea62
 Posted on 03/02/2010 at 17:37 
Little Astucienne

Latest RSIT report:

Logfile of random's system information tool 1.06 (written by random/random)
Run by manuel.pamart at 2010-02-03 17:37:20
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 37 GB (49%) free of 76 GB
Total RAM: 1534 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:44:55, on 03/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\S.N.Safe&Software\Safe'n'Sec\safensec.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Winsudate\gibsvc.exe
C:\Program Files\S.N.Safe&Software\Safe'n'Sec\protect.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Program Files\S.N.Safe&Software\Safe'n'Sec\snsmcon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LG Electronics\LG PC Suite III\LG_PCSuiteIII.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Winsudate\gibusr.exe
C:\documents and settings\manuel.pamart\local settings\application data\bdsmi.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\manuel.pamart\Bureau\RSIT.exe
C:\Program Files\trend micro\manuel.pamart.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: HelloWorldBHO - {1C3B806C-C5DA-4F6E-BA43-B1FF982F0A02} - C:\temp\idwbho2.dll (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe
O4 - HKLM\..\Run: [Safe'n'Sec Pro] "C:\Program Files\S.N.Safe&Software\Safe'n'Sec\snsmcon.exe" autostart
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [LG PC Suite III] C:\Program Files\LG Electronics\LG PC Suite III\LG_PCSuiteIII.exe /icon
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\Run: [bdsmi] "c:\documents and settings\manuel.pamart\local settings\application data\bdsmi.exe" bdsmi
O4 - Startup: IMVU.lnk = C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient\IMVUQualityAgent.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\manuel.pamart\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O21 - SSODL: SnsShell - {A38300ED-853B-462b-A69F-DF0BB36B496A} - C:\Program Files\S.N.Safe&Software\Safe'n'Sec\snsshex.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SafenSec - S.N.Safe&Software - C:\Program Files\S.N.Safe&Software\Safe'n'Sec\safensec.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

--
End of file - 8518 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{66886C4D-B307-4ECA-A228-52CA9B9851A4}
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-07-20 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-07-20 86016]
"ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2008-06-10 107248]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-10 67488]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-25 149280]
"VirusKeeper"=C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\VirusKeeper.exe [2010-02-03 5921152]
"Safe'n'Sec Pro"=C:\Program Files\S.N.Safe&Software\Safe'n'Sec\snsmcon.exe [2009-11-30 460168]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2005-09-09 845312]
"LG PC Suite III"=C:\Program Files\LG Electronics\LG PC Suite III\LG_PCSuiteIII.exe [2009-04-20 180224]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2010-01-07 88304]

C:\Documents and Settings\manuel.pamart\Menu Démarrer\Programmes\Démarrage
IMVU.lnk - C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient\IMVUQualityAgent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
SnsShell - {A38300ED-853B-462b-A69F-DF0BB36B496A} - C:\Program Files\S.N.Safe&Software\Safe'n'Sec\snsshex.dll [2009-11-30 296328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient\1VivoxVoice.exe"="C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient\1VivoxVoice.exe:*:Enabled:1VivoxVoice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\USBAutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5366db91-d8df-11de-a2a3-0018e76c0e6d}]
shell\AutoRun\command - F:\USBAutoRun.exe


======List of files/folders created in the last 1 months======

2010-02-03 17:10:20 ----A---- C:\FyK.txt
2010-02-03 15:57:19 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Malwarebytes
2010-02-03 15:57:12 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-02-03 15:57:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-03 15:44:46 ----D---- C:\rsit
2010-02-03 15:44:46 ----D---- C:\Program Files\trend micro
2010-02-03 15:24:20 ----D---- C:\FyK
2010-02-03 14:41:33 ----D---- C:\WINDOWS\system32\Lang
2010-02-03 11:40:27 ----D---- C:\Program Files\S.N.Safe&Software
2010-02-03 11:40:27 ----D---- C:\Documents and Settings\All Users\Application Data\S.N.Safe&Software
2010-02-03 10:59:57 ----SHD---- C:\Config.Msi
2010-02-03 00:16:36 ----A---- C:\WINDOWS\ban_list.txt
2010-02-03 00:13:02 ----D---- C:\Program Files\Realtek AC97
2010-02-03 00:13:01 ----A---- C:\WINDOWS\system32\RTLCPL.EXE
2010-02-03 00:12:57 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2010-02-03 00:12:57 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2010-02-03 00:12:56 ----A---- C:\WINDOWS\alcupd.exe
2010-02-03 00:12:56 ----A---- C:\WINDOWS\Alcrmv.exe
2010-02-03 00:09:06 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2010-02-02 23:32:50 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-02 23:32:50 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\app
2010-02-02 23:32:24 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-02 23:32:24 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Dofus 2
2010-02-02 11:03:08 ----D---- C:\Program Files\Dofus 2
2010-02-02 11:03:04 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2010-02-01 18:17:39 ----D---- C:\Documents and Settings\All Users\Application Data\Komity
2010-01-31 23:07:32 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2010-01-31 22:06:25 ----D---- C:\WINDOWS\Minidump
2010-01-31 15:49:46 ----HD---- C:\Documents and Settings\manuel.pamart\Application Data\m
2010-01-31 15:44:20 ----HD---- C:\Documents and Settings\manuel.pamart\Application Data\drivers
2010-01-31 15:19:23 ----D---- C:\Program Files\BoontyGames
2010-01-31 15:19:21 ----D---- C:\Program Files\Boonty
2010-01-27 19:21:17 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\IMVU
2010-01-25 13:16:12 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\IMVUClient
2010-01-25 10:26:35 ----D---- C:\Program Files\MeowMultiSound100
2010-01-22 01:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-01-14 01:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-14 01:34:42 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-07 08:47:52 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-01-07 08:46:02 ----D---- C:\Program Files\Winsudate
2010-01-07 08:46:01 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Icones

======List of files/folders modified in the last 1 months======

2010-02-03 17:36:49 ----D---- C:\WINDOWS\system32\drivers
2010-02-03 17:36:49 ----D---- C:\WINDOWS\Sun
2010-02-03 17:28:34 ----D---- C:\WINDOWS\system32
2010-02-03 17:28:31 ----D---- C:\WINDOWS
2010-02-03 17:11:25 ----D---- C:\WINDOWS\Temp
2010-02-03 16:44:46 ----D---- C:\Program Files\Mozilla Firefox
2010-02-03 15:57:11 ----D---- C:\Program Files
2010-02-03 15:22:47 ----D---- C:\WINDOWS\Prefetch
2010-02-03 15:19:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-03 13:53:36 ----D---- C:\Documents and Settings
2010-02-03 13:16:42 ----SHD---- C:\WINDOWS\Installer
2010-02-03 13:15:43 ----D---- C:\Program Files\Google
2010-02-03 12:34:14 ----D---- C:\Program Files\Windows Live Safety Center
2010-02-03 12:12:36 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-03 11:41:48 ----A---- C:\WINDOWS\win.ini
2010-02-03 10:54:31 ----HD---- C:\WINDOWS\inf
2010-02-03 00:13:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-03 00:13:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-03 00:12:55 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-03 00:10:26 ----SD---- C:\Documents and Settings\manuel.pamart\Application Data\Microsoft
2010-02-03 00:08:39 ----RSD---- C:\WINDOWS\assembly
2010-02-02 11:03:08 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-02-02 11:03:07 ----D---- C:\Documents and Settings\manuel.pamart\Application Data\Adobe
2010-02-02 11:03:04 ----D---- C:\Program Files\Fichiers communs
2010-02-02 09:37:23 ----D---- C:\Program Files\Windows Media Player
2010-02-01 18:17:02 ----D---- C:\WINDOWS\system32\DirectX
2010-02-01 18:16:37 ----D---- C:\WINDOWS\WinSxS
2010-01-27 19:13:15 ----D---- C:\Program Files\Astonsoft
2010-01-21 23:32:47 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-21 18:25:18 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-14 09:02:54 ----D---- C:\WINDOWS\AppPatch
2010-01-14 01:34:57 ----A---- C:\WINDOWS\imsins.BAK
2010-01-07 08:47:55 ----AC---- C:\WINDOWS\OEWABLog.txt
2010-01-07 08:46:01 ----D---- C:\Program Files\Internet Explorer
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 is-MHKIVdrv;is-MHKIVdrv; C:\WINDOWS\system32\DRIVERS\61124868.sys [2008-07-08 148496]
R1 SnsCore;SnSCore; C:\WINDOWS\system32\DRIVERS\snscore.sys [2009-11-17 58432]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2006-10-24 170392]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 RTL8187B;TG123g USB Wireless Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187B.sys [2008-11-06 264576]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
S3 ay3krgr8;ay3krgr8; C:\WINDOWS\system32\drivers\ay3krgr8.sys []
S3 ay3krgr8;ay3krgr8; C:\WINDOWS\system32\drivers\ay3krgr8.sys []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-20 3198368]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-07 47360]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2004-03-17 117248]
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-25 153376]
R2 SafenSec;SafenSec; C:\Program Files\S.N.Safe&Software\Safe'n'Sec\safensec.exe [2009-11-30 1932680]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2010-01-07 70896]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-27 135664]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-20 127043]
S2 vkservice;VirusKeeper antivirus/antispyware; C:\Program Files\AxBx\VirusKeeper 2010 Pro Evaluation\vk_service.exe [2009-09-24 1121664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-28 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
