satan.vbe virus (+ Task Manager inaccessible)

30 December 2011 19:19:49

Hello everyone,
Not long ago a file appeared on one of my USB keys, satab.vbe. When I delete it, it comes back by itself. I ran a full boot-time scan with Avast but it is still there. My laptop is starting to make much more noise and to heat up more than before.
I was told to download OTL and send a report. I will send it to you attached.

Thank you in advance for your help.

30 December 2011 19:31:50

OTL logfile created on: 30/12/2011 19:21:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\geant\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,86 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 57,19% Memory free
7,71 Gb Paging File | 5,69 Gb Available in Paging File | 73,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 250,05 Gb Total Space | 177,20 Gb Free Space | 70,87% Space Free | Partition Type: NTFS
Drive D: | 321,12 Gb Total Space | 291,93 Gb Free Space | 90,91% Space Free | Partition Type: NTFS
Drive R: | 24,98 Gb Total Space | 8,94 Gb Free Space | 35,80% Space Free | Partition Type: FAT32

Computer Name: RASSOUL-PC | User Name: geant | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\geant\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Nonoh.net\Nonoh\Nonoh.exe (Nonoh)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (asus)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avformat-53.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswcore.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswsysmon.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ResItf.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\cxcmrt.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipsw_cfgmgr.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\LogonStartup.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\iphelper.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswui.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswobj.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswhlp.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswgblset.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswds.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswresmgr.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (BITCOMET_HELPER_SERVICE) -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe (www.BitComet.com)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys (Sonix Technology Co., Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\geant\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)


[2011/11/20 00:54:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\geant\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions
[2011/11/20 00:54:45 | 000,000,000 | ---D | M] (Яндекс.Бар) -- C:\Users\geant\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\yasearch@yandex.ru

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\geant\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Recherche Google = C:\Users\geant\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Users\geant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2011/10/31 02:04:50 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\geant\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Nonoh] C:\Program Files (x86)\Nonoh.net\Nonoh\Nonoh.exe (Nonoh)
O4 - HKCU..\Run: [Praetorian] C:\Users\geant\AppData\Local\Yandex\Updater\praetorian.exe File not found
O4 - HKCU..\Run: [VkontakteDJ] C:\VkontakteDJ\VkontakteDJ.exe /H File not found
O4 - HKCU..\Run: [wiLink] C:\Program Files (x86)\wiLink\bin\wiLink.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Updates = C:\Users\geant\s4t4n\s4t4n.vbe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 1
O8:64bit: - Extra context menu item: Télécharger avec BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Tout télécharger avec BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Télécharger avec BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Tout télécharger avec BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15C57D73-6D0A-48F4-804C-3961BC9D3E88}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE50BA76-B439-4C33-88D3-3252416EC64D}: DhcpNameServer = 10.188.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/12/30 14:50:18 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe
[2011/12/30 14:50:18 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
[2011/12/30 14:50:18 | 000,135,168 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swreg.exe
[2011/12/30 14:50:18 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe
[2011/12/30 14:50:18 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe
[2011/12/30 14:50:18 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
[2011/12/30 14:50:18 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe
[2011/12/30 14:50:18 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
[2011/12/30 14:50:18 | 000,079,360 | ---- | C] (SteelWerX) -- C:\Windows\SysWow64\swxcacls.exe
[2011/12/30 14:50:18 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
[2011/12/30 14:50:18 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
[2011/12/29 21:19:14 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{97785704-F57B-4298-9AC7-CC96E23C989A}
[2011/12/29 21:19:00 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{AFCE6685-F86C-42B6-A355-4F2ADD141F54}
[2011/12/28 20:51:45 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{27A72A85-80D3-408F-9C88-68D54D9D7164}
[2011/12/28 20:51:32 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{765F8114-EC4C-4052-974F-44728BEA9F82}
[2011/12/27 22:15:52 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{2F3F860B-28CA-449F-8424-B604A91B1947}
[2011/12/27 22:15:39 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{12FE59D1-7FAB-474F-B3BA-B881FCEF0FC4}
[2011/12/26 20:25:26 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{AE04FC0C-1A46-4120-B079-32D67F2401F9}
[2011/12/26 20:25:02 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{A77BB706-28FC-4F2A-96F1-6D43BAF2C9C0}
[2011/12/25 16:09:48 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{1BC65C03-60FF-4868-8360-B76A359C6228}
[2011/12/25 16:09:10 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{03FBA522-16D0-4043-ACC7-F9306D9F5C2F}
[2011/12/25 03:56:51 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{CC9AC74D-1F1A-46F8-8511-FC7A44800F0E}
[2011/12/25 03:56:38 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{E77BD508-D53A-4449-ADE7-8CE8D8F498D0}
[2011/12/24 15:51:32 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{3C9DB9CC-798F-44C0-82E2-3D0319B38451}
[2011/12/24 15:51:20 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{FEFCD993-42CC-44B1-B86B-16FD4119F9BA}
[2011/12/23 22:01:39 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{4D8F3776-5656-4045-AEC2-26542803115D}
[2011/12/23 22:01:28 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{B0025099-08AB-4102-BDE5-061B184F9726}
[2011/12/23 00:11:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\geant\Desktop\OTL.exe
[2011/12/22 23:14:23 | 000,000,000 | ---D | C] -- C:\Users\geant\Desktop\Jeux PC
[2011/12/22 04:32:36 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{56AC1993-C98B-4BCC-9EBA-3075371FF015}
[2011/12/22 04:32:24 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{23B84D70-5D1E-4164-9188-4A37E30C7033}
[2011/12/21 16:28:14 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{F22E8DCF-FE53-4E0C-BAB2-833FA2CD5893}
[2011/12/21 16:27:42 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{812A1E3C-83BF-4D6B-825E-C4B6D2C1622D}
[2011/12/20 15:11:28 | 000,000,000 | ---D | C] -- C:\Users\geant\Desktop\Cours
[2011/12/15 16:11:12 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/12/14 13:42:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/14 13:42:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/14 13:42:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/14 13:42:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/14 13:42:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/14 13:42:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/14 13:42:22 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/14 13:42:22 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/14 13:42:22 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/14 13:42:21 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/14 13:42:21 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/14 12:46:09 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/14 12:44:40 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/14 12:44:39 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/08 18:23:00 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{A1041B1B-5B4F-44AF-8E03-020DE3D09233}
[2011/12/08 18:22:47 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{3C0E6617-61EC-47AA-B5A6-EBD4603F8DF9}
[2011/12/06 00:43:57 | 000,000,000 | ---D | C] -- C:\Users\geant\Desktop\SecureII
[2011/12/06 00:43:56 | 000,000,000 | ---D | C] -- C:\Users\geant\Desktop\Nouveau dossier (4)
[2011/12/06 00:43:55 | 000,000,000 | ---D | C] -- C:\Users\geant\Desktop\CV
[2011/12/06 00:43:02 | 000,000,000 | ---D | C] -- C:\Users\geant\Desktop\COURS 1ere Année GEA
[2011/12/06 00:43:01 | 000,000,000 | ---D | C] -- C:\Users\geant\Desktop\bureautique
[2011/12/06 00:43:01 | 000,000,000 | ---D | C] -- C:\Users\geant\Desktop\__MACOSX
[2011/12/05 01:16:57 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\Microsoft Games
[2011/12/04 23:05:20 | 000,000,000 | -HSD | C] -- C:\Users\geant\Windows
[2011/12/04 23:05:20 | 000,000,000 | -HSD | C] -- C:\Users\geant\s4t4n
[2011/12/04 13:01:13 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Roaming\AnkamaCertificates
[2011/12/02 19:11:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheating-Death
[2011/12/02 19:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheating-Death
[2011/12/02 17:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dofus 2
[2011/12/02 12:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/12/02 12:25:02 | 000,304,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/12/02 12:25:02 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/12/02 12:24:58 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/12/02 12:24:57 | 000,591,192 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/12/02 12:24:57 | 000,058,712 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/12/02 12:24:53 | 000,066,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/12/02 12:24:40 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/12/02 12:24:40 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/12/01 21:17:17 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{F486924F-18F7-43A6-8F36-4087A007BD89}
[2011/12/01 21:17:04 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{1D4ACC90-618B-47C1-824E-07D55B41B962}
[2011/12/01 08:12:02 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Roaming\FLEXnet
[2011/12/01 08:12:01 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Roaming\Nuance
[2011/12/01 08:11:58 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Roaming\Zeon
[2011/12/01 00:54:15 | 000,000,000 | ---D | C] -- C:\Users\geant\AppData\Local\{72AA0A6A-B8C0-4EFD-9BB7-6593B4E696A6}

========== Files - Modified Within 30 Days ==========

[2011/12/30 18:31:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2160658884-1236480440-2057630873-1000UA.job
[2011/12/30 18:25:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/30 17:38:13 | 000,000,008 | ---- | M] () -- C:\Users\geant\AppData\Roaming\DofusAppId0_1
[2011/12/30 17:38:06 | 000,000,008 | ---- | M] () -- C:\Users\geant\AppData\Roaming\DofusAppId0_3
[2011/12/30 17:29:52 | 000,000,169 | ---- | M] () -- C:\Users\geant\AppData\Roaming\D2Info0
[2011/12/30 17:04:24 | 000,000,008 | ---- | M] () -- C:\Users\geant\AppData\Roaming\DofusAppId0_2
[2011/12/30 15:05:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/30 15:05:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/30 14:58:01 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/30 14:57:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/30 14:57:33 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/30 14:56:11 | 000,003,456 | ---- | M] () -- C:\Windows\SysWow64\tmp.reg
[2011/12/30 14:53:41 | 000,007,625 | ---- | M] () -- C:\Users\geant\AppData\Local\Resmon.ResmonCfg
[2011/12/29 21:31:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2160658884-1236480440-2057630873-1000Core.job
[2011/12/27 19:35:02 | 000,089,048 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/12/26 14:02:49 | 000,015,960 | ---- | M] () -- C:\Users\geant\Desktop\Correction DS2 janvier 2011.pdf
[2011/12/26 14:02:40 | 000,025,476 | ---- | M] () -- C:\Users\geant\Desktop\DS2 janvier 2011.pdf
[2011/12/25 15:13:50 | 1470,455,808 | ---- | M] () -- C:\Users\geant\Desktop\``[SbK]´´M0n3yb@ll.2011.(Fr)L1b3rtyl@nd.tv.avi
[2011/12/23 00:11:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\geant\Desktop\OTL.exe
[2011/12/23 00:02:29 | 001,693,982 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/23 00:02:29 | 000,757,162 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/12/23 00:02:29 | 000,664,004 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/23 00:02:29 | 000,152,730 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/12/23 00:02:29 | 000,125,018 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/15 17:55:21 | 000,000,008 | ---- | M] () -- C:\Users\geant\AppData\Roaming\DofusAppId0_4
[2011/12/14 16:34:59 | 000,275,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/09 20:10:48 | 000,065,298 | ---- | M] () -- C:\Users\geant\Desktop\373915_2496876380208_1201813318_32298965_460352409_n.jpg
[2011/12/08 01:09:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/12/02 17:17:27 | 001,082,211 | ---- | M] () -- C:\Users\geant\Desktop\IMG_0116.JPG
[2011/12/02 17:17:14 | 001,095,142 | ---- | M] () -- C:\Users\geant\Desktop\IMG_0115.JPG
[2011/11/30 20:26:38 | 1469,509,632 | ---- | M] () -- C:\Users\geant\Desktop\.1.DAy.2011.French.2.CD's..avi
[2011/11/30 20:06:49 | 733,822,976 | ---- | M] () -- C:\Users\geant\Desktop\Spitfire.(2011.French).avi
[2011/11/30 19:28:32 | 733,763,584 | ---- | M] () -- C:\Users\geant\Desktop\THE NOTEBOOK.avi

========== Files Created - No Company Name ==========

[2011/12/30 14:50:49 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\tmp.reg
[2011/12/30 14:50:18 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\WS2Fix.exe
[2011/12/30 14:50:18 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\dumphive.exe
[2011/12/30 14:50:18 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\swsc.exe
[2011/12/28 23:29:35 | 004,153,472 | ---- | C] () -- C:\Users\geant\Desktop\My immortal.mp3
[2011/12/27 19:35:02 | 000,089,048 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/12/26 14:02:51 | 000,015,960 | ---- | C] () -- C:\Users\geant\Desktop\Correction DS2 janvier 2011.pdf
[2011/12/26 14:02:46 | 000,025,476 | ---- | C] () -- C:\Users\geant\Desktop\DS2 janvier 2011.pdf
[2011/12/25 23:07:43 | 1470,455,808 | ---- | C] () -- C:\Users\geant\Desktop\``[SbK]´´M0n3yb@ll.2011.(Fr)L1b3rtyl@nd.tv.avi
[2011/12/22 23:24:00 | 721,012,736 | ---- | C] () -- C:\Users\geant\Desktop\Valkyrie.avi
[2011/12/22 23:23:52 | 730,619,904 | ---- | C] () -- C:\Users\geant\Desktop\The.Lost.Bladesman.(2011.french[SbK]).avi
[2011/12/22 23:23:40 | 733,242,368 | ---- | C] () -- C:\Users\geant\Desktop\Un jour sans fin.by_PQOI.avi
[2011/12/22 23:23:31 | 733,763,584 | ---- | C] () -- C:\Users\geant\Desktop\THE NOTEBOOK.avi
[2011/12/22 23:23:06 | 730,185,728 | ---- | C] () -- C:\Users\geant\Desktop\The Big Lebowsky.avi
[2011/12/22 23:22:55 | 733,822,976 | ---- | C] () -- C:\Users\geant\Desktop\Spitfire.(2011.French).avi
[2011/12/22 23:22:38 | 732,555,264 | ---- | C] () -- C:\Users\geant\Desktop\Requiem for a Dream.avi
[2011/12/22 23:22:31 | 728,143,872 | ---- | C] () -- C:\Users\geant\Desktop\Pulp Fiction.avi
[2011/12/22 23:22:20 | 735,178,752 | ---- | C] () -- C:\Users\geant\Desktop\Mafia Blues 2.avi
[2011/12/22 23:21:45 | 739,246,080 | ---- | C] () -- C:\Users\geant\Desktop\heat.avi
[2011/12/22 23:21:11 | 1469,509,632 | ---- | C] () -- C:\Users\geant\Desktop\.1.DAy.2011.French.2.CD's..avi
[2011/12/15 16:11:12 | 000,000,008 | ---- | C] () -- C:\Users\geant\AppData\Roaming\DofusAppId0_4
[2011/12/09 20:10:53 | 000,065,298 | ---- | C] () -- C:\Users\geant\Desktop\373915_2496876380208_1201813318_32298965_460352409_n.jpg
[2011/12/02 20:39:28 | 000,007,625 | ---- | C] () -- C:\Users\geant\AppData\Local\Resmon.ResmonCfg
[2011/12/02 17:18:35 | 001,095,142 | ---- | C] () -- C:\Users\geant\Desktop\IMG_0115.JPG
[2011/12/02 17:18:34 | 001,082,211 | ---- | C] () -- C:\Users\geant\Desktop\IMG_0116.JPG
[2011/11/12 22:32:10 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011/11/12 22:32:10 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011/11/12 22:32:09 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\vp6install.exe
[2011/11/04 19:14:19 | 000,000,008 | ---- | C] () -- C:\Users\geant\AppData\Roaming\DofusAppId0_3
[2011/11/03 18:17:51 | 000,000,008 | ---- | C] () -- C:\Users\geant\AppData\Roaming\DofusAppId0_1
[2011/11/03 18:10:38 | 000,000,169 | ---- | C] () -- C:\Users\geant\AppData\Roaming\D2Info0
[2011/11/03 18:10:38 | 000,000,008 | ---- | C] () -- C:\Users\geant\AppData\Roaming\DofusAppId0_2
[2011/11/01 23:32:57 | 001,672,528 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/25 01:44:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/25 01:42:37 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/04/13 03:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011/04/08 04:50:48 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/02/26 07:50:32 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config

========== LOP Check ==========

[2011/12/04 13:01:13 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\AnkamaCertificates
[2011/11/03 18:10:40 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\app
[2011/10/28 01:58:25 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\ASUS WebStorage
[2011/12/02 19:13:37 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\BitComet
[2011/11/01 23:30:34 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\CometPlayer
[2011/11/02 00:24:10 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\DAEMON Tools Lite
[2011/12/30 04:29:56 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Dofus 2
[2011/11/03 18:10:38 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/11/04 19:14:19 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/12/15 16:11:12 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/11/03 18:17:51 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/11/19 14:35:09 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Nonoh
[2011/12/01 08:12:01 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Nuance
[2011/11/20 00:54:36 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Opera
[2011/10/31 03:14:13 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\redsn0w
[2011/11/03 18:10:40 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/11/12 22:34:49 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Sierra
[2011/12/26 03:27:58 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\SoftGrid Client
[2011/11/01 20:23:10 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\tigerplayer
[2011/11/01 23:34:12 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\TP
[2011/11/08 19:27:33 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Uniblue
[2011/11/20 00:55:26 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\VKDJ
[2011/10/29 05:46:09 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Windows Live Writer
[2011/12/02 20:40:07 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Yandex
[2011/12/01 08:11:58 | 000,000,000 | ---D | M] -- C:\Users\geant\AppData\Roaming\Zeon
[2011/12/29 21:31:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2160658884-1236480440-2057630873-1000Core.job
[2011/12/30 18:31:02 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2160658884-1236480440-2057630873-1000UA.job
[2011/12/26 11:17:03 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/12/28 23:30:56 | 001,024,678 | ---- | C] ()(C:\Users\geant\Desktop\?1???? .amr) -- C:\Users\geant\Desktop\Т1ИЛДШ .amr
[2010/08/05 11:03:56 | 001,024,678 | ---- | M] ()(C:\Users\geant\Desktop\?1???? .amr) -- C:\Users\geant\Desktop\Т1ИЛДШ .amr

========== Alternate Data Streams ==========

@Alternate Data Stream - 184 bytes -> C:\HiddenBootMount:$WIMMOUNTDATA
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:52DBE86F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:D20FFA63

< End of report >
30 December 2011 19:32:24

OTL Extras logfile created on: 30/12/2011 19:21:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\geant\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,86 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 57,19% Memory free
7,71 Gb Paging File | 5,69 Gb Available in Paging File | 73,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 250,05 Gb Total Space | 177,20 Gb Free Space | 70,87% Space Free | Partition Type: NTFS
Drive D: | 321,12 Gb Total Space | 291,93 Gb Free Space | 90,91% Space Free | Partition Type: NTFS
Drive R: | 24,98 Gb Total Space | 8,94 Gb Free Space | 35,80% Space Free | Partition Type: FAT32

Computer Name: RASSOUL-PC | User Name: geant | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cmd [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.inf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.ini [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.url [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.js [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.pif [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbs [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- Reg Error: Key error.
batfile [open] -- Reg Error: Key error.
batfile [print] -- Reg Error: Key error.
chm.file [open] -- Reg Error: Key error.
cmdfile [edit] -- Reg Error: Key error.
cmdfile [open] -- Reg Error: Key error.
cmdfile [print] -- Reg Error: Key error.
comfile [open] -- Reg Error: Key error.
cplfile [cplopen] -- Reg Error: Key error.
exefile [open] -- Reg Error: Key error.
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Key error.
htafile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- Reg Error: Key error.
inffile [open] -- Reg Error: Key error.
inffile [print] -- Reg Error: Key error.
inifile [open] -- Reg Error: Key error.
inifile [print] -- Reg Error: Key error.
InternetShortcut [open] -- Reg Error: Key error.
InternetShortcut [print] -- Reg Error: Key error.
jsfile [edit] -- Reg Error: Key error.
jsfile [open] -- Reg Error: Key error.
jsfile [print] -- Reg Error: Key error.
jsefile [edit] -- Reg Error: Key error.
jsefile [open] -- Reg Error: Key error.
jsefile [print] -- Reg Error: Key error.
piffile [open] -- Reg Error: Key error.
regfile [edit] -- Reg Error: Key error.
regfile [open] -- Reg Error: Key error.
regfile [merge] -- Reg Error: Key error.
regfile [print] -- Reg Error: Key error.
scrfile [config] -- Reg Error: Key error.
scrfile [install] -- Reg Error: Key error.
scrfile [open] -- Reg Error: Key error.
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
txtfile [print] -- Reg Error: Key error.
txtfile [printto] -- Reg Error: Key error.
vbefile [edit] -- Reg Error: Key error.
vbefile [open] -- Reg Error: Key error.
vbefile [print] -- Reg Error: Key error.
vbsfile [edit] -- Reg Error: Key error.
vbsfile [open] -- Reg Error: Key error.
vbsfile [print] -- Reg Error: Key error.
wsffile [edit] -- Reg Error: Key error.
wsffile [open] -- Reg Error: Key error.
wsffile [print] -- Reg Error: Key error.
wshfile [open] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Folder [open] -- Reg Error: Key error.
Folder [explore] -- Reg Error: Key error.
Drive [find] -- Reg Error: Key error.
Applications\iexplore.exe [open] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{2998191E-A35E-47E2-BE38-7702C731D722}" = SRS Premium Sound Control Panel
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3CE222BA-66A6-4D18-BEE9-5D21C5798C3E}" = Windows Live Family Safety
"{3D7F836A-AE1F-4FA6-8DB9-4FE06697AB0A}" = Windows Live Family Safety
"{3E776E7A-F4C3-4A89-8EAD-535E722C8397}" = Windows Live Family Safety
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{53375A2B-FE08-42B6-8EB8-16818CD27B2C}" = Windows Live Family Safety
"{583EE643-CF83-A1F2-A90F-ADB75F7B532D}" = ATI Catalyst Install Manager
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{63919769-655A-48A8-AD6C-39B471F683ED}" = Windows Live Family Safety
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DDCFF78-6F91-438C-9567-C5CAA9D7F56C}" = Windows Live Family Safety
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-040C-1000-0000000FF1CE}" = Microsoft Office « Démarrer en un clic » 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ACF2B885-BBDB-6DC9-8469-71AEAAF80496}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B36055BF-5F0E-4EAB-804D-9203DFB34ADC}" = Windows Live Family Safety
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BEE7DC03-E310-8AD4-F45D-B5A5163F697F}" = ATI AVIVO64 Codecs
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E60F14FA-E114-4F25-AEE0-33FE9EC9B1C3}" = Windows Live Family Safety
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F11009B0-F4DB-463B-B717-5266E47498AA}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Elantech" = ETDWare PS/2-x64 7.0.5.16_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"USB2.0 UVC VGA WebCam" = USB2.0 UVC VGA WebCam

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{094FFEEE-A373-34AE-6BDD-DEA32B48C726}" = Catalyst Control Center InstallProxy
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0DF28A6E-A72B-85B0-48C9-990FD63EA176}" = CCC Help Turkish
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1BD51F9B-5306-F4DC-21B6-DFF0071C2075}" = CCC Help Polish
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{280CF8DE-D980-1CB9-50BD-EA8B352B34CB}" = CCC Help Japanese
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{342997EA-A365-D0CE-6398-51FA82684BBE}" = CCC Help English
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4639068E-09AE-31C6-5617-7BBDC337F3A1}" = CCC Help Korean
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4CA28B46-276B-B71D-F8F3-24D71E2B0EFC}" = CCC Help Chinese Standard
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F9BE8FA-50D3-9528-FFFD-AF1EEB43589C}" = CCC Help Norwegian
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6B0F9EE2-6044-CD5C-AA72-3DD14169BB9E}" = CCC Help German
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6F94B707-E02E-926A-265A-C6FE9A2341DF}" = Catalyst Control Center Localization All
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E50C69-B330-47BA-8BA3-FA0B73B50E2F}" = CCC Help Dutch
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{76669BC4-5547-5B50-53C0-C061C198F077}" = ccc-core-static
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{783168D6-A0FD-95FD-1566-DE713F657B31}" = Catalyst Control Center Graphics Previews Vista
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80B014E0-824D-D0AE-3FE0-545E03C68C13}" = CCC Help Russian
"{81BEA2F5-4F9B-4AF5-A9B2-3210F71931D3}" = Catalyst Control Center - Branding
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86DF393B-85DC-C979-015E-16F653D519FA}" = CCC Help Chinese Traditional
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-040C-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Français
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{937BCC13-53F9-84E0-8F21-56F736132E3D}" = CCC Help Thai
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{98A6D1FB-7A75-EFE4-300C-925997829A26}" = CCC Help Italian
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2149B0A-60C2-D0CD-0BE4-E61207977EF8}" = CCC Help Finnish
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A4692B7D-06B6-CE18-3263-6C6A6D0A3523}" = Catalyst Control Center Graphics Previews Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8608C12-5A96-B569-8FD7-119E0A5C9F6F}" = CCC Help Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B3E55EDC-69C4-0E25-915B-E62AF7D4C66D}" = CCC Help Portuguese
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B967BF4F-7862-F925-C4ED-87D30C7B3202}" = CCC Help Greek
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BB6BCE21-FB0C-65AA-41DD-DA5C4D7CF8B1}" = CCC Help French
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CDF915E6-B46E-D09A-430A-4E1EDB6B8006}" = CCC Help Hungarian
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D16F6061-E568-7C91-A442-9A0999B7858B}" = CCC Help Danish
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9ED2CE0-D7D8-EDE1-78B9-93F4943B1E49}" = CCC Help Swedish
"{EC424449-9726-17B6-F320-3E19771FB7CC}" = CCC Help Czech
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires 3 Trilogy_is1" = 0.6.7.9
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"avast" = avast! Free Antivirus
"BitComet" = BitComet 1.29
"Bookworm Deluxe" = Bookworm Deluxe
"Cooking Dash" = Cooking Dash
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"Jewel Quest 3" = Jewel Quest 3
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"Luxor 3" = Luxor 3
"Mahjongg dimensions" = Mahjongg dimensions
"MpcStar" = MpcStar 5.3
"Nonoh_is1" = Nonoh
"Office14.Click2Run" = Microsoft Office « Démarrer en un clic » 2010
"Plants vs Zombies" = Plants vs Zombies
"VLC media player" = VLC media player 1.1.11
"vShare.tv plugin" = vShare.tv plugin 1.3
"wiLink" = wiLink
"WinLiveSuite" = Windows Live
"WinRAR archiver" = WinRAR 4.01 (32 bits)
"World of Goo" = World of Goo

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15/12/2011 12:55:35 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1014

Error - 15/12/2011 12:55:36 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15/12/2011 12:55:36 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2059

Error - 15/12/2011 12:55:36 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2059

Error - 15/12/2011 13:02:00 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15/12/2011 13:02:00 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 385868

Error - 15/12/2011 13:02:00 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 385868

Error - 15/12/2011 13:02:01 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15/12/2011 13:02:01 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 386867

Error - 15/12/2011 13:02:01 | Computer Name = Rassoul-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 386867

[ System Events ]
Error - 21/12/2011 14:19:17 | Computer Name = Rassoul-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 21/12/2011 14:19:17 | Computer Name = Rassoul-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 25/12/2011 14:29:59 | Computer Name = Rassoul-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 25/12/2011 14:30:00 | Computer Name = Rassoul-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 25/12/2011 14:30:00 | Computer Name = Rassoul-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 25/12/2011 14:30:01 | Computer Name = Rassoul-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 26/12/2011 06:17:46 | Computer Name = Rassoul-PC | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la réponse transactionnelle du service iphlpsvc.

Error - 26/12/2011 06:18:16 | Computer Name = Rassoul-PC | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la réponse transactionnelle du service LanmanServer.

Error - 26/12/2011 06:18:16 | Computer Name = Rassoul-PC | Source = Service Control Manager | ID = 7000
Description = Le service Serveur n’a pas pu démarrer en raison de l’erreur : %%1053

Error - 26/12/2011 06:25:25 | Computer Name = Rassoul-PC | Source = Service Control Manager | ID = 7024
Description = Le service Explorateur d’ordinateurs s’est arrêté avec l’erreur service
particulière %%2331.


< End of report >

31 December 2011 15:53:21

Hello,

We'll take a look at the USB worm; as for the noise, though, it's this:
Quote:
Error - 25/12/2011 14:30:01 | Computer Name = Rassoul-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.


You have errors on the hard disk, so possibly a hardware problem, such as a hard disk that is starting to fail.
So I strongly urge you to back up your data quickly, just in case...

For the rest:

Download UsbFix (by El Desaparecido) to your Desktop.

/!\ Disconnect and close all running applications /!\
/!\ Plug in all your devices that may have been infected (USB keys, external hard drive, etc.) /!\


  • Double-click "UsbFix" to launch the program
    (Vista/Windows 7 users: right-click UsbFix > Run as administrator)
  • Click "Recherche" (Search) to start the scan. Plug in your devices if you haven't already, then confirm the warning.
  • Let the tool work.
  • At the end, a report will appear (otherwise, it is located at C:\Usbfix.txt). Post it in your next reply.


For reports, please use this online report service: upload the file via "Browse" and simply post the link you get.

31 December 2011 16:38:09

    ############################## | UsbFix V 7.077 | [Recherche]

    Utilisateur: geant (Administrateur) # RASSOUL-PC
    Mis à jour le 28/12/2011 par El Desaparecido
    Lancé à 16:33:09 | 31/12/2011

    Site Web: http://eldesaparecido.com
    Fichier suspect ? : http://eldesaparecido.com/upload.html
    Contact: contact@eldesaparecido.com

    PC: ASUSTeK Computer Inc. (K72JT) (x64-based PC) # Notebook
    CPU: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz (2667)
    RAM -> [ Total : 3949 | Free : 2484 ]
    BIOS: BIOS Date: 10/30/09 15:13:23 Ver: 08.00.10
    BOOT: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 9.0.8112.16421

    SC: Security Center Service [ Enabled ]
    WU: Windows Update Service [ Enabled ]
    AV: avast! Antivirus [ Enabled | Updated ]
    FW: Windows FireWall Service [ Enabled ]

    C:\ (%systemdrive%) -> Disque fixe # 250 Go (177 Go libre(s) - 71%) [OS] # NTFS
    D:\ -> Disque fixe # 321 Go (292 Go libre(s) - 91%) [Data] # NTFS
    E:\ -> CD-ROM
    F:\ -> CD-ROM
    G:\ -> Disque amovible # 4 Go (3 Go libre(s) - 77%) [Lexar] # FAT32
    R:\ -> Disque fixe # 25 Go (9 Go libre(s) - 36%) [RECOVERY] # FAT32

    ################## | Processus Actif |

    C:\Windows\system32\csrss.exe (476)
    C:\Windows\system32\wininit.exe (544)
    C:\Windows\system32\csrss.exe (568)
    C:\Windows\system32\services.exe (612)
    C:\Windows\system32\lsass.exe (628)
    C:\Windows\system32\lsm.exe (636)
    C:\Windows\system32\svchost.exe (736)
    C:\Windows\system32\svchost.exe (828)
    C:\Windows\system32\atiesrxx.exe (876)
    C:\Windows\system32\winlogon.exe (924)
    C:\Windows\System32\svchost.exe (968)
    C:\Windows\System32\svchost.exe (1012)
    C:\Windows\system32\svchost.exe (392)
    C:\Windows\system32\svchost.exe (1036)
    C:\Windows\system32\atieclxx.exe (1164)
    C:\Windows\system32\svchost.exe (1212)
    C:\Windows\system32\FBAgent.exe (1404)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (1432)
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (1472)
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1504)
    C:\Windows\System32\spoolsv.exe (2000)
    C:\Windows\system32\svchost.exe (2040)
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1668)
    C:\Program Files\Bonjour\mDNSResponder.exe (1948)
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (2140)
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (2184)
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2480)
    C:\Windows\system32\svchost.exe (2500)
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2536)
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2596)
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2668)
    C:\Windows\system32\wbem\wmiprvse.exe (2948)
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3032)
    C:\Windows\system32\svchost.exe (3232)
    C:\Windows\system32\taskhost.exe (3664)
    C:\Windows\system32\taskeng.exe (3676)
    C:\Windows\system32\Dwm.exe (3740)
    C:\Windows\Explorer.EXE (3764)
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (3904)
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (3916)
    C:\Program Files\P4G\BatteryLife.exe (3924)
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (3932)
    C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe (3940)
    C:\Windows\AsScrPro.exe (4088)
    C:\Windows\System32\WScript.exe (1632)
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (1244)
    C:\Program Files\Elantech\ETDCtrl.exe (3380)
    C:\Windows\vsnp2uvc.exe (2784)
    C:\Windows\system32\svchost.exe (1956)
    C:\Program Files\Elantech\ETDCtrlHelper.exe (944)
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe (1584)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (3436)
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (4124)
    C:\Windows\system32\wbem\wmiprvse.exe (4144)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (4308)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (4324)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (4332)
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (4436)
    C:\Windows\system32\SearchIndexer.exe (4160)
    C:\Program Files\Windows Media Player\wmpnetwk.exe (692)
    C:\Windows\System32\svchost.exe (4476)
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe (3024)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (5192)
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (5204)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (5212)
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (5220)
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (5228)
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe (5244)
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (5340)
    C:\Program Files\AVAST Software\Avast\AvastUI.exe (5348)
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (5592)
    C:\Program Files\iPod\bin\iPodService.exe (5632)
    C:\Windows\system32\DllHost.exe (5940)
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5444)
    C:\Windows\System32\svchost.exe (5736)
    C:\Windows\system32\svchost.exe (6332)
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (6800)
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (7044)
    C:\Windows\system32\WUDFHost.exe (6752)
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (824)
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5752)
    C:\Windows\SysWOW64\rundll32.exe (6456)
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5956)
    C:\UsbFix\Go.exe (6792)
    C:\Windows\system32\WUDFHost.exe (696)
    C:\Windows\SysWOW64\DllHost.exe (2980)

    ################## | Éléments infectieux |

    Présent! C:\Users\geant\AppData\Local\Temp\b.bat

    ################## | Registre |

    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions
    Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Updates

    ################## | Mountpoints2 |



    ################## | Vaccin |

    (!) Cet ordinateur n'est pas vacciné!

    ################## | E.O.F |

31 December 2011 16:40:13

To back up the data, shouldn't the virus be removed first?

31 December 2011 17:41:59

Hi again,

Yeah, but frankly there's nothing really viral there at first glance...

Is the satan.vbe worm still being detected?


Download UsbFix (by El Desaparecido) to your Desktop.

/!\ Disconnect and close all running applications /!\
/!\ Plug in all your devices that may have been infected (USB keys, external hard drive, etc.) /!\


  • Double-click "UsbFix" to launch the program
    (Vista/Windows 7 users: right-click UsbFix > Run as administrator)
  • Click "Suppression" (Deletion) to start the cleanup. Plug in your devices if you haven't already, then confirm the warning.
  • Let the tool work; your desktop will disappear, which is normal.
  • If it asks you to send a .zip file, accept.
  • At the end, a report will appear (otherwise, it is located at C:\Usbfix.txt). Post it in your next reply.


For reports, please use this online report service: upload the file via "Browse" and simply post the link you get.


Download Malwarebytes' Anti-Malware:

  • Install the program (help here)
  • Launch it and update the definition database.

  • Then choose "Exécuter un examen complet" (Perform full scan), then "Rechercher" (Scan)
  • Select the hard drives and click "Lancer l'examen" (Start scan)
  • Let the scan run (this can take a long time).
  • At the end, check that the items found are ticked (in "Résultat de l'examen", the scan results).
  • Then click "Supprimer la sélection" (Remove selected) at the bottom.
  • A restart may be necessary.

  • A report will be displayed; save it to your desktop.
  • Otherwise, after the restart, it will be found under "Rapports/logs"

31 December 2011 18:15:17

    ############################## | UsbFix V 7.077 | [Suppression]

    Utilisateur: geant (Administrateur) # RASSOUL-PC
    Mis à jour le 28/12/2011 par El Desaparecido
    Lancé à 18:06:22 | 31/12/2011

    Site Web: http://eldesaparecido.com
    Fichier suspect ? : http://eldesaparecido.com/upload.html
    Contact: contact@eldesaparecido.com

    PC: ASUSTeK Computer Inc. (K72JT) (x64-based PC) # Notebook
    CPU: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz (2667)
    RAM -> [ Total : 3949 | Free : 2236 ]
    BIOS: BIOS Date: 10/30/09 15:13:23 Ver: 08.00.10
    BOOT: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 9.0.8112.16421

    SC: Security Center Service [ Enabled ]
    WU: Windows Update Service [ Enabled ]
    AV: avast! Antivirus [ Enabled | Updated ]
    FW: Windows FireWall Service [ Enabled ]

    C:\ (%systemdrive%) -> Disque fixe # 250 Go (176 Go libre(s) - 70%) [OS] # NTFS
    D:\ -> Disque fixe # 321 Go (292 Go libre(s) - 91%) [Data] # NTFS
    E:\ -> CD-ROM
    F:\ -> CD-ROM
    G:\ -> Disque amovible # 4 Go (3 Go libre(s) - 77%) [Lexar] # FAT32
    R:\ -> Disque fixe # 25 Go (9 Go libre(s) - 36%) [RECOVERY] # FAT32

    ################## | Processus Actif |

    C:\Windows\system32\csrss.exe (476)
    C:\Windows\system32\wininit.exe (544)
    C:\Windows\system32\csrss.exe (568)
    C:\Windows\system32\services.exe (612)
    C:\Windows\system32\lsass.exe (628)
    C:\Windows\system32\lsm.exe (636)
    C:\Windows\system32\svchost.exe (736)
    C:\Windows\system32\svchost.exe (828)
    C:\Windows\system32\atiesrxx.exe (876)
    C:\Windows\system32\winlogon.exe (924)
    C:\Windows\System32\svchost.exe (968)
    C:\Windows\System32\svchost.exe (1012)
    C:\Windows\system32\svchost.exe (392)
    C:\Windows\system32\svchost.exe (1036)
    C:\Windows\system32\atieclxx.exe (1164)
    C:\Windows\system32\svchost.exe (1212)
    C:\Windows\system32\FBAgent.exe (1404)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (1432)
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (1472)
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1504)
    C:\Windows\System32\spoolsv.exe (2000)
    C:\Windows\system32\svchost.exe (2040)
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1668)
    C:\Program Files\Bonjour\mDNSResponder.exe (1948)
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (2140)
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (2184)
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2480)
    C:\Windows\system32\svchost.exe (2500)
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2536)
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2596)
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2668)
    C:\Windows\system32\wbem\wmiprvse.exe (2948)
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3032)
    C:\Windows\system32\svchost.exe (3232)
    C:\Windows\system32\taskhost.exe (3664)
    C:\Windows\system32\taskeng.exe (3676)
    C:\Windows\system32\Dwm.exe (3740)
    C:\Windows\Explorer.EXE (3764)
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (3904)
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (3916)
    C:\Program Files\P4G\BatteryLife.exe (3924)
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (3932)
    C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe (3940)
    C:\Windows\AsScrPro.exe (4088)
    C:\Windows\System32\WScript.exe (1632)
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (1244)
    C:\Program Files\Elantech\ETDCtrl.exe (3380)
    C:\Windows\vsnp2uvc.exe (2784)
    C:\Windows\system32\svchost.exe (1956)
    C:\Program Files\Elantech\ETDCtrlHelper.exe (944)
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe (1584)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (3436)
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (4124)
    C:\Windows\system32\wbem\wmiprvse.exe (4144)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (4308)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (4324)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (4332)
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (4436)
    C:\Windows\system32\SearchIndexer.exe (4160)
    C:\Program Files\Windows Media Player\wmpnetwk.exe (692)
    C:\Windows\System32\svchost.exe (4476)
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe (3024)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (5192)
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (5204)
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (5212)
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (5220)
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (5228)
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe (5244)
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (5340)
    C:\Program Files\AVAST Software\Avast\AvastUI.exe (5348)
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (5592)
    C:\Program Files\iPod\bin\iPodService.exe (5632)
    C:\Windows\system32\DllHost.exe (5940)
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5444)
    C:\Windows\System32\svchost.exe (5736)
    C:\Windows\system32\svchost.exe (6332)
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (6800)
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (7044)
    C:\Windows\system32\WUDFHost.exe (6304)
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1704)
    C:\Windows\SysWOW64\rundll32.exe (6728)
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3732)
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (4556)
    C:\Windows\system32\WUDFHost.exe (4960)
    C:\UsbFix\Go.exe (2872)

    ################## | Processus Stoppés |

    Stoppé! C:\Windows\system32\atiesrxx.exe (876)
    Stoppé! C:\Windows\system32\atieclxx.exe (1164)
    Stoppé! C:\Windows\system32\FBAgent.exe (1404)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (1432)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (1472)
    Stoppé! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1504)
    Stoppé! C:\Windows\System32\spoolsv.exe (2000)
    Stoppé! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1668)
    Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1948)
    Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (2140)
    Stoppé! C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (2184)
    Stoppé! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2480)
    Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2536)
    Stoppé! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2596)
    Stoppé! C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3032)
    Stoppé! C:\Windows\system32\taskhost.exe (3664)
    Stoppé! C:\Windows\system32\taskeng.exe (3676)
    Stoppé! C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (3904)
    Stoppé! C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (3916)
    Stoppé! C:\Program Files\P4G\BatteryLife.exe (3924)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (3932)
    Stoppé! C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe (3940)
    Stoppé! C:\Windows\AsScrPro.exe (4088)
    Stoppé! C:\Windows\System32\WScript.exe (1632)
    Stoppé! C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (1244)
    Stoppé! C:\Program Files\Elantech\ETDCtrl.exe (3380)
    Stoppé! C:\Windows\vsnp2uvc.exe (2784)
    Stoppé! C:\Program Files\Elantech\ETDCtrlHelper.exe (944)
    Stoppé! C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe (1584)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (3436)
    Stoppé! C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (4124)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (4308)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (4324)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (4332)
    Stoppé! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (4436)
    Stoppé! C:\Windows\system32\SearchIndexer.exe (4160)
    Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (692)
    Stoppé! C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe (3024)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (5192)
    Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (5204)
    Stoppé! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (5212)
    Stoppé! C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (5220)
    Stoppé! C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (5228)
    Stoppé! C:\Program Files (x86)\CyberLink\Shared files\brs.exe (5244)
    Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (5340)
    Stoppé! C:\Program Files\AVAST Software\Avast\AvastUI.exe (5348)
    Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (5592)
    Stoppé! C:\Program Files\iPod\bin\iPodService.exe (5632)
    Stoppé! C:\Windows\system32\DllHost.exe (5940)
    Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (5444)
    Stoppé! C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (6800)
    Stoppé! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (7044)
    Stoppé! C:\Windows\system32\WUDFHost.exe (6304)
    Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1704)
    Stoppé! C:\Windows\SysWOW64\rundll32.exe (6728)
    Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3732)
    Stoppé! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (4556)
    Stoppé! C:\Windows\system32\WUDFHost.exe (4960)
    Stoppé! C:\Windows\system32\taskhost.exe (6564)

    ################## | Éléments infectieux |

    Supprimé! C:\Users\geant\AppData\Local\Temp\b.bat
    Supprimé! C:\$RECYCLE.BIN\S-1-5-20
    Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2160658884-1236480440-2057630873-1000
    Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2160658884-1236480440-2057630873-500
    Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2160658884-1236480440-2057630873-1000
    Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2160658884-1236480440-2057630873-500
    Supprimé! G:\autorun.inf
    Supprimé! G:\satan.vbe

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
    Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions
    Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Updates

    ################## | Mountpoints2 |


    ################## | Listing |

    [31/12/2011 - 18:08:38 | SHD ] C:\$Recycle.Bin
    [28/10/2011 - 20:01:31 | D ] C:\ASUS.DAT
    [13/04/2011 - 03:49:40 | D ] C:\AsusVibeData
    [29/07/2009 - 07:03:34 | D ] C:\Boot
    [14/07/2009 - 02:38:58 | RASH | 383562] C:\bootmgr
    [29/07/2009 - 07:03:37 | N | 8192] C:\BOOTSECT.BAK
    [25/10/2011 - 02:03:51 | N | 13874] C:\devlist.txt
    [14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
    [02/12/2011 - 18:52:30 | D ] C:\Downloads
    [25/10/2011 - 01:50:32 | D ] C:\eSupport
    [24/10/2011 - 11:03:51 | N | 9] C:\Finish.log
    [31/12/2011 - 16:16:30 | ASH | 3105259520] C:\hiberfil.sys
    [03/06/2011 - 10:04:47 | D ] C:\HiddenBootMount
    [25/10/2011 - 01:40:24 | D ] C:\Intel
    [22/02/2011 - 02:36:38 | N | 2097152] C:\K72JT.BIN
    [08/04/2011 - 04:57:47 | N | 19] C:\K72JT_K72JU_WIN7.40
    [22/02/2011 - 02:59:18 | N | 2097152] C:\K72JU.BIN
    [09/11/2011 - 10:47:43 | RHD ] C:\MSOCache
    [31/12/2011 - 16:16:31 | ASH | 4140347392] C:\pagefile.sys
    [25/10/2011 - 10:01:28 | N | 28] C:\Pass.txt
    [14/07/2009 - 04:20:08 | D ] C:\PerfLogs
    [01/11/2011 - 21:48:34 | N | 402] C:\prefs.js
    [03/11/2011 - 23:37:12 | D ] C:\Program Files
    [18/12/2011 - 18:10:13 | D ] C:\Program Files (x86)
    [02/12/2011 - 20:40:06 | HD ] C:\ProgramData
    [30/12/2011 - 14:56:12 | N | 5483] C:\rapport.txt
    [27/10/2011 - 04:13:32 | SHD ] C:\Recovery
    [08/04/2011 - 04:57:47 | N | 14] C:\RECOVERY.DAT
    [25/10/2011 - 01:49:15 | N | 2405] C:\RHDSetup.log
    [28/10/2011 - 20:13:42 | N | 90] C:\setup.log
    [30/12/2011 - 14:47:13 | SHD ] C:\System Volume Information
    [28/10/2011 - 19:32:16 | D ] C:\temp
    [28/10/2011 - 04:20:41 | N | 60] C:\TempCmd.txt
    [31/12/2011 - 18:08:38 | D ] C:\UsbFix
    [31/12/2011 - 18:07:06 | A | 12600] C:\UsbFix.txt
    [31/12/2011 - 16:18:13 | D ] C:\Users
    [20/11/2011 - 13:35:45 | D ] C:\VkontakteDJ
    [25/10/2011 - 02:33:11 | D ] C:\WIMAPPLY
    [08/12/2011 - 01:09:51 | D ] C:\Windows
    [31/12/2011 - 18:08:38 | SHD ] D:\$RECYCLE.BIN
    [30/11/2011 - 19:04:21 | N | 1304] D:\Circuit Décembre (début) - Fullbody Low Rest .txt
    [30/11/2011 - 19:03:50 | N | 931] D:\Circuit Novembre - CrossFit Fullbody.txt
    [02/12/2011 - 20:20:10 | D ] D:\CV
    [20/12/2011 - 15:19:05 | D ] D:\films
    [09/12/2011 - 22:57:21 | D ] D:\GBA
    [28/12/2011 - 23:37:54 | D ] D:\images
    [02/12/2011 - 20:16:51 | D ] D:\Iphone
    [20/12/2011 - 02:46:14 | D ] D:\Jeux
    [02/12/2011 - 20:17:39 | D ] D:\Logiciels
    [07/11/2011 - 20:24:51 | D ] D:\msdownld.tmp
    [02/12/2011 - 20:17:11 | D ] D:\Outils d'information et de communication
    [02/12/2011 - 20:16:59 | D ] D:\playstation
    [03/12/2011 - 15:11:50 | D ] D:\Sega
    [25/10/2011 - 01:36:23 | SHD ] D:\System Volume Information
    [26/01/2011 - 09:18:08 | D ] G:\__MACOSX
    [26/01/2011 - 09:18:08 | D ] G:\SecureII
    [19/11/2011 - 19:50:06 | D ] G:\CV
    [23/08/2011 - 12:50:22 | D ] G:\COURS 1ere Année GEA
    [06/12/2011 - 20:31:46 | N | 52087] G:\Cours.docx
    [06/12/2011 - 22:56:02 | N | 296] G:\WMPInfo.xml
    [15/12/2011 - 19:21:52 | D ] G:\GEA !
    [20/10/2011 - 11:26:26 | D ] G:\Thiago
    [21/09/2011 - 18:48:54 | N | 47104] G:\~WRL0001.tmp
    [22/09/2011 - 12:33:46 | D ] G:\bureautique
    [29/09/2011 - 20:58:00 | D ] G:\Nouveau dossier (4)
    [30/03/2010 - 01:21:52 | D ] R:\ASUSLog
    [17/09/2009 - 22:33:32 | D ] R:\boot
    [17/09/2009 - 22:33:34 | D ] R:\DisableS3S4
    [17/09/2009 - 22:33:34 | D ] R:\efi
    [26/04/2011 - 03:24:32 | D ] R:\sources
    [09/06/2011 - 08:37:08 | N | 61440] R:\AsChange.exe
    [09/06/2011 - 08:40:22 | N | 69632] R:\AsDeploy.exe
    [08/06/2011 - 18:03:54 | N | 30] R:\AsToolCDVer.txt
    [18/01/2008 - 06:45:46 | A | 333203] R:\bootmgr
    [13/07/2009 - 15:10:26 | N | 481680] R:\imagex.exe
    [07/12/2010 - 10:11:48 | N | 57] R:\AsPartition.log
    [15/06/2011 - 12:11:38 | N | 381] R:\AsDiskpart.log
    [29/06/2011 - 22:09:16 | N | 978] R:\PQA.CMD
    [04/05/2011 - 22:05:50 | N | 243] R:\ASHDI_N-CE-W71M6-01.00_02.03.md5
    [05/05/2011 - 11:14:56 | N | 40960] R:\ASHDI_N-CE-W71M6-01.00_02.03.xls
    [04/05/2011 - 22:04:22 | N | 4054395197] R:\asus.swm
    [04/05/2011 - 22:04:22 | N | 3849716901] R:\asus2.swm
    [04/05/2011 - 22:04:22 | N | 4087789044] R:\asus3.swm
    [04/05/2011 - 22:04:22 | N | 3993783047] R:\asus4.swm
    [24/10/2011 - 17:34:28 | N | 141088] R:\AsFac.log
    [30/06/2011 - 07:44:44 | N | 57] R:\AsConfig.ini
    [25/04/2011 - 15:53:22 | N | 1059679026] R:\Driver64.wim
    [24/10/2011 - 17:34:26 | N | 127996] R:\AsDeploy.log
    [29/06/2011 - 17:17:00 | SHD ] R:\$RECYCLE.BIN
    [24/10/2011 - 17:34:26 | N | 35] R:\Pass.txt
    [25/10/2011 - 01:00:12 | N | 1322] R:\SWPackage.ini.bak
    [24/10/2011 - 17:33:12 | N | 1322] R:\SWPackage.ini

    ################## | Vaccin |

    C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    R:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | Upload |

    Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_RASSOUL-PC.zip
    http://eldesaparecido.com/upload.html
    Merci de votre contribution.

    ################## | E.O.F |

    31 December 2011 18:47:57

    Re,

    OK, it was removed on this pass, but the Malwarebytes report is still missing ;)

    31 December 2011 19:31:16

    Malwarebytes Anti-Malware 1.60.0.1800
    www.malwarebytes.org

    Version de la base de données: v2011.12.31.04

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    geant :: RASSOUL-PC [administrateur]

    31/12/2011 18:16:34
    mbam-log-2011-12-31 (18-16-34).txt

    Type d'examen: Examen complet
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 336799
    Temps écoulé: 49 minute(s), 10 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 15
    HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.

    Valeur(s) du Registre détectée(s): 2
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Données: VShareTB -> Mis en quarantaine et supprimé avec succès.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Données: -> Mis en quarantaine et supprimé avec succès.

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 1
    C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (PUP.VShareRedir) -> Mis en quarantaine et supprimé avec succès.

    (fin)

    1 January 2012 10:28:28

    Re,

    OK, it only removed an adware toolbar.

    Are you still getting alerts about this satan.vbs?

    2 January 2012 17:21:16

    No, no more satan :) Thanks.
    Task Manager is accessible again!

    Thanks again

    2 January 2012 19:01:39

    Re,

    OK, and what about the "noise" on the PC?


    Let's clean up the tools we used:


    Uninstall USBFix:

  • Launch it again via the USBFix shortcut on your Desktop.
    (Vista/Windows 7 users: right-click the USBFix shortcut -> Run as administrator)
  • In the main window, choose the "Désinstaller" (Uninstall) option and confirm with "Oui" (Yes)

    Run OTL.exe again
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Click "Purge d'outils" (tool purge)
  • Confirm the warning with "ok" and let the PC restart.


    Purging System Restore:

    It contains remnants of the infection; follow this tutorial to purge it (delete all the restore points, then create a new one):

    Vista/7:
    http://www.inforumatique.fr/forum/post82670.html#p82670


    To remove via Add/Remove Programs (if still present)

    - Adobe Flash Player 10 Plugin -> If you no longer have a browser such as Firefox, Opera or Safari, this plugin is useless and potentially dangerous because it is out of date, so you might as well remove it.


    :jap:

    6 March 2012 02:47:03

    Hi,

    I too am suffering from satan.vbe on my USB stick; I have tried UsbFix many times, but in vain.

    I'm going to post the removal report, and I'd be grateful for your help :(

    Thanks in advance :)


    ############################## | UsbFix V 7.083 | [Suppression]

    Utilisateur: mido dison (Administrateur) # MIDODISON
    Mis à jour le 03/03/2012 par El Desaparecido
    Lancé à 01:06:00 | 06/03/2012

    Site Web: http://eldesaparecido.com
    Fichier suspect ? : http://eldesaparecido.com/upload.html
    Contact: contact@eldesaparecido.com

    PC: Sony Corporation (VPCEB3L1E) (x64-based PC) # Notebook
    CPU: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz (2399)
    RAM -> [ Total : 3950 | Free : 2325 ]
    BIOS: BIOS Date: 09/23/09 11:58:43 Ver: 08.00.10
    BOOT: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
    WB: Windows Internet Explorer 8.0.7600.16385

    SC: Security Center Service [ Enabled ]
    WU: Windows Update Service [ Enabled ]
    AV: ESET Smart Security 5.0 [ Enabled | Updated ]
    FW: Windows FireWall Service [ Enabled ]

    C:\ (%systemdrive%) -> Disque fixe # 285 Go (128 Go libre(s) - 45%) [] # NTFS
    D:\ -> CD-ROM
    E:\ -> CD-ROM
    F:\ -> CD-ROM
    G:\ -> CD-ROM
    I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [] # FAT32

    ################## | Processus Actif |

    C:\Windows\system32\csrss.exe (592)
    C:\Windows\system32\wininit.exe (676)
    C:\Windows\system32\csrss.exe (700)
    C:\Windows\system32\services.exe (736)
    C:\Windows\system32\winlogon.exe (780)
    C:\Windows\system32\lsass.exe (792)
    C:\Windows\system32\lsm.exe (800)
    C:\Windows\system32\svchost.exe (912)
    C:\Windows\system32\svchost.exe (988)
    C:\Windows\system32\atiesrxx.exe (308)
    C:\Windows\System32\svchost.exe (564)
    C:\Windows\System32\svchost.exe (556)
    C:\Windows\system32\svchost.exe (1040)
    C:\Windows\system32\svchost.exe (1148)
    C:\Windows\system32\svchost.exe (1244)
    C:\Windows\system32\atieclxx.exe (1324)
    C:\Windows\system32\svchost.exe (1480)
    C:\Windows\System32\spoolsv.exe (1544)
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1620)
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (1656)
    C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe (1684)
    C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (1740)
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (1788)
    C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe (1828)
    C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (1884)
    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (1980)
    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (2020)
    C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (1212)
    C:\Windows\SysWOW64\DllHost.exe (1988)
    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (2208)
    C:\Windows\system32\svchost.exe (2632)
    C:\Windows\system32\WUDFHost.exe (2692)
    C:\Windows\system32\taskhost.exe (2812)
    C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe (2908)
    C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (2964)
    C:\Windows\system32\Dwm.exe (2996)
    C:\Windows\system32\taskeng.exe (3004)
    C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (2192)
    C:\Windows\Explorer.EXE (2392)
    C:\Windows\system32\taskeng.exe (2656)
    C:\Program Files\Sony\VAIO Care\VCSpt.exe (3156)
    C:\Windows\system32\wbem\wmiprvse.exe (3220)
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (3256)
    C:\Windows\system32\wbem\wmiprvse.exe (3328)
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (3540)
    C:\Program Files\Apoint\Apoint.exe (3552)
    C:\Program Files\ESET\ESET Smart Security\egui.exe (3576)
    C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe (3600)
    C:\Windows\system32\svchost.exe (3608)
    C:\Program Files\Windows Sidebar\sidebar.exe (3732)
    C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (3800)
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (3936)
    C:\Windows\System32\WScript.exe (3956)
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (4040)
    C:\Program Files (x86)\HSPA USB MODEM\ModemListener.exe (4084)
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (4092)
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3080)
    C:\Program Files\Apoint\ApMsgFwd.exe (1388)
    C:\Program Files\Apoint\Apntex.exe (2844)
    C:\Program Files\Apoint\Apvfb.exe (3788)
    C:\Windows\system32\conhost.exe (3728)
    C:\Windows\SysWOW64\RunDll32.exe (3716)
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (3084)
    C:\Program Files\Sony\VAIO Care\VCsystray.exe (4976)
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (1284)
    C:\Program Files\Sony\VAIO Care\VCPerfService.exe (1492)
    C:\Program Files\Sony\VAIO Care\listener.exe (4228)
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (2608)
    C:\Program Files\Sony\VAIO Power Management\SPMService.exe (4276)
    C:\Windows\System32\svchost.exe (5108)
    C:\Program Files\Windows Media Player\wmpnetwk.exe (4392)
    C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (4032)
    C:\Program Files (x86)\Internet Mobile+\Internet Mobile+.exe (164)
    C:\Windows\System32\svchost.exe (864)
    C:\Windows\system32\taskhost.exe (1012)
    C:\UsbFix\Go.exe (2548)

    ################## | Processus Stoppés |

    Stoppé! C:\Windows\system32\atiesrxx.exe (308)
    Stoppé! C:\Windows\system32\atieclxx.exe (1324)
    Stoppé! C:\Windows\System32\spoolsv.exe (1544)
    Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1620)
    Stoppé! C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (1656)
    Stoppé! C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe (1684)
    Stoppé! C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (1740)
    Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (1788)
    Stoppé! C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe (1828)
    Stoppé! C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (1884)
    Stoppé! C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (1980)
    Stoppé! C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (2020)
    Stoppé! C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (1212)
    Stoppé! C:\Windows\SysWOW64\DllHost.exe (1988)
    Stoppé! C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (2208)
    Stoppé! C:\Windows\system32\WUDFHost.exe (2692)
    Stoppé! C:\Windows\system32\taskhost.exe (2812)
    Stoppé! C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (2964)
    Stoppé! C:\Windows\system32\taskeng.exe (3004)
    Stoppé! C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (2192)
    Stoppé! C:\Windows\system32\taskeng.exe (2656)
    Stoppé! C:\Program Files\Sony\VAIO Care\VCSpt.exe (3156)
    Stoppé! C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (3256)
    Stoppé! C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (3540)
    Stoppé! C:\Program Files\Apoint\Apoint.exe (3552)
    Stoppé! C:\Program Files\ESET\ESET Smart Security\egui.exe (3576)
    Stoppé! C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe (3600)
    Stoppé! C:\Program Files\Windows Sidebar\sidebar.exe (3732)
    Stoppé! C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (3800)
    Stoppé! C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (3936)
    Stoppé! C:\Windows\System32\WScript.exe (3956)
    Stoppé! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (4040)
    Stoppé! C:\Program Files (x86)\HSPA USB MODEM\ModemListener.exe (4084)
    Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (4092)
    Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3080)
    Stoppé! C:\Program Files\Apoint\ApMsgFwd.exe (1388)
    Stoppé! C:\Program Files\Apoint\Apntex.exe (2844)
    Stoppé! C:\Program Files\Apoint\Apvfb.exe (3788)
    Stoppé! C:\Windows\SysWOW64\RunDll32.exe (3716)
    Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (3084)
    Stoppé! C:\Program Files\Sony\VAIO Care\VCsystray.exe (4976)
    Stoppé! C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (1284)
    Stoppé! C:\Program Files\Sony\VAIO Care\VCPerfService.exe (1492)
    Stoppé! C:\Program Files\Sony\VAIO Care\listener.exe (4228)
    Stoppé! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (2608)
    Stoppé! C:\Program Files\Sony\VAIO Power Management\SPMService.exe (4276)
    Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (4392)
    Stoppé! C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (4032)
    Stoppé! C:\Program Files (x86)\Internet Mobile+\Internet Mobile+.exe (164)
    Stoppé! C:\Windows\system32\taskhost.exe (1012)

    ################## | Éléments infectieux |

    Supprimé! I:\Nouveau dossier.lnk
    Non supprimé ! G:\AutoRun.exe
    Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3717979866-1124443094-4166226302-1000
    Non supprimé ! G:\AUTORUN.INF

    (!) Fichiers temporaires supprimés.

    ################## | Registre |


    ################## | Mountpoints2 |


    ################## | Listing |

    [06/03/2012 - 01:06:57 | SHD ] C:\$Recycle.Bin
    [08/07/2011 - 11:13:47 | D ] C:\ado
    [14/01/2012 - 16:54:48 | D ] C:\ats.ucla
    [06/03/2012 - 00:16:18 | RASHD ] C:\Autorun.inf
    [10/09/2010 - 09:58:40 | D ] C:\Documentation
    [14/07/2009 - 05:08:56 | SHD ] C:\Documents and Settings
    [22/02/2012 - 17:04:02 | D ] C:\dynare
    [06/03/2012 - 00:20:04 | ASH | 3106480128] C:\hiberfil.sys
    [25/04/2011 - 20:52:23 | D ] C:\icones à ne pas supprimer
    [12/07/2010 - 20:49:45 | D ] C:\Intel
    [25/04/2011 - 18:48:22 | D ] C:\LINDO61
    [10/09/2010 - 10:25:46 | N | 321052] C:\lv.log
    [05/03/2012 - 23:28:54 | D ] C:\mido stuff
    [24/04/2011 - 04:45:54 | RHD ] C:\MSOCache
    [06/03/2012 - 00:20:05 | ASH | 4141977600] C:\pagefile.sys
    [14/07/2009 - 03:20:08 | D ] C:\PerfLogs
    [21/02/2012 - 15:32:00 | D ] C:\Program Files
    [11/12/2011 - 19:26:05 | D ] C:\Program Files (x86)
    [05/10/2011 - 12:09:02 | HD ] C:\ProgramData
    [10/09/2010 - 09:53:01 | N | 2935] C:\RHDSetup.log
    [25/04/2011 - 22:36:42 | D ] C:\SphinxV5demo
    [10/09/2010 - 10:25:39 | D ] C:\SPLASH.000
    [10/09/2010 - 10:25:39 | N | 73] C:\splash.idx
    [10/09/2010 - 10:25:23 | D ] C:\SPLASH.SYS
    [09/01/2012 - 22:59:50 | D ] C:\Stata11
    [05/03/2012 - 10:14:14 | SHD ] C:\System Volume Information
    [10/09/2010 - 10:31:32 | D ] C:\Temp
    [18/02/2012 - 18:37:56 | N | 157690] C:\test.xml
    [24/04/2011 - 00:16:10 | D ] C:\Update
    [06/03/2012 - 01:06:57 | D ] C:\UsbFix
    [06/03/2012 - 01:06:07 | A | 10327] C:\UsbFix.txt
    [06/03/2012 - 00:16:19 | N | 60423] C:\UsbFix_Upload_Me_MIDODISON.zip
    [23/04/2011 - 17:45:51 | D ] C:\Users
    [10/09/2010 - 10:33:05 | D ] C:\VAIO Sample Contents
    [22/06/2010 - 22:14:20 | N | 4112] C:\version
    [03/04/2010 - 18:33:31 | N | 2088501] C:\VS_EXPBSLN_x64_fra.CAB
    [03/04/2010 - 18:35:56 | N | 555008] C:\VS_EXPBSLN_x64_fra.MSI
    [06/03/2012 - 00:20:02 | D ] C:\Windows
    [10/09/2010 - 09:58:41 | D ] C:\_FS_SWRINFO
    [24/04/2008 - 13:44:40 | R | 114688] G:\AutoRun.exe
    [07/11/2007 - 15:41:52 | R | 47] G:\AUTORUN.INF
    [24/04/2008 - 13:44:40 | R | 114688] G:\DataCard_Setup.exe
    [24/04/2008 - 13:44:50 | R | 152576] G:\DataCard_Setup64.exe
    [02/03/2009 - 01:41:38 | D ] G:\Internet Mobile+
    [20/02/2008 - 13:16:48 | R | 7168] G:\ResetDevice.exe
    [20/02/2009 - 13:51:58 | R | 29926] G:\Startup.ico
    [27/02/2009 - 14:49:24 | R | 1436] G:\SysConfig.dat
    [06/03/2012 - 00:16:20 | RASHD ] I:\Autorun.inf

    ################## | Vaccin |

    C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    6 March 2012 10:18:29

    Hello,

    Please create your own thread; no support is given in someone else's thread.