
Virus or not Virus? HijackThis report attached

1 December 2009 17:59:25


Hello, I have a lot of problems, I think because of a virus! (I can't do a system restore, my sound doesn't work, my taskbar has disappeared, etc.) Could you help me please? Attached is a short HijackThis report.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:20, on 01/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\a-squared Free\a2service.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Nader\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F3 - REG:win.ini: run=
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {228E6BE4-B3E8-411B-B142-BBEBF27E6369} - D:\WINDOWS\system32\cbXRIXom.dll (file missing)
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - D:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - D:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c9f266f342bfd6) (gupdate1c9f266f342bfd6) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

--
End of file - 6836 bytes


2 December 2009 10:32:36

Would anyone know anything, please?
2 December 2009 16:13:07

Hello,

AVG Anti-Spyware is no longer updated, so it is obsolete.


1/

  • Relaunch HijackThis.
  • Choose Do a system scan only.
  • Tick the boxes in front of the following lines:

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe

    F3 - REG:win.ini: run=

    O2 - BHO: (no name) - {228E6BE4-B3E8-411B-B142-BBEBF27E6369} - D:\WINDOWS\system32\cbXRIXom.dll (file missing)

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.


2/

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (Under Vista, you need to right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.
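The selection made in step 1/ can be reproduced with a few checks over the log lines. The following is an added example, not part of the thread and not HijackThis code: the rule set (orphan markers, UserInit contents, Temp path, system process names) and the function names are assumptions chosen for illustration, and the sample lines are copied from the first log above.

```python
import ntpath
import re

# Constructed sample: lines copied from the first HijackThis log in the thread.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F3 - REG:win.ini: run=
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {228E6BE4-B3E8-411B-B142-BBEBF27E6369} - D:\WINDOWS\system32\cbXRIXom.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - D:\Program Files\a-squared Free\a2service.exe
"""

# "<section code> - <rest of line>", e.g. "O2 - BHO: ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.*)$")
# HijackThis appends these when the referenced file is absent.
ORPHAN_MARKERS = ("(no file)", "(file missing)")
TEMP_RE = re.compile(r"\\temp\\", re.IGNORECASE)
# Illustrative list of Windows process names that belong in system32.
SYSTEM_NAMES = {"winlogon.exe", "svchost.exe", "lsass.exe",
                "services.exe", "smss.exe"}


def check_userinit(value):
    """Return reasons for a UserInit value that starts more than userinit.exe."""
    reasons = []
    programs = [p.strip() for p in value.split(",") if p.strip()]
    for prog in programs:
        folder, name = ntpath.split(prog.lower())
        if name == "userinit.exe" and folder.endswith("\\system32"):
            continue  # the expected logon initialiser
        reasons.append(f"UserInit starts an extra program: {prog}")
        if TEMP_RE.search(prog):
            reasons.append("extra program runs from a Temp directory")
        if name in SYSTEM_NAMES and not folder.endswith("\\system32"):
            reasons.append(f"{name} is a system process name outside system32")
    return reasons


def triage(log_text):
    """Return (code, line, reasons) for every entry that deserves a review."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, process list, blank line
        code, body = m.group("code"), m.group("body")
        reasons = []
        if body.endswith(ORPHAN_MARKERS):
            reasons.append("registry entry points to a file that is not on disk")
        if code == "F2" and "UserInit=" in body:
            reasons += check_userinit(body.split("UserInit=", 1)[1])
        if code == "F3":
            value = body.split("=", 1)[1] if "=" in body else ""
            reasons.append(
                f"legacy win.ini autostart value present (value: {value!r})")
        if reasons:
            findings.append((code, line, reasons))
    return findings


if __name__ == "__main__":
    for code, line, reasons in triage(SAMPLE_LOG):
        print(line)
        for reason in reasons:
            print("    ->", reason)
```

On the sample it flags the same five entries the reply asks to tick, and leaves the start page, Adobe BHO, avast! Run entry and a-squared service alone.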
3 December 2009 14:30:30

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Nader at 2009-12-03 14:29:46
    WIN_XP Service Pack 2
    System drive D: has 19 GB (29%) free of 64 GB
    Total RAM: 958 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:29:50, on 03/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\Mixer.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    D:\Program Files\a-squared Free\a2service.exe
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\WINDOWS\system32\NOTEPAD.EXE
    D:\Documents and Settings\Nader\Bureau\RSIT.exe
    D:\Documents and Settings\Nader\Bureau\Nader.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - D:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [svchost.exe] D:\WINDOWS\system32\svchost.exe
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-21-842925246-1383384898-725345543-1003\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - D:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service Google Update (gupdate1c9f266f342bfd6) (gupdate1c9f266f342bfd6) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

    --
    End of file - 6771 bytes

    ======Scheduled tasks folder======

    D:\WINDOWS\tasks\AppleSoftwareUpdate.job
    D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5ab669665ac6.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38D3FE60-3D53-4F37-BB0E-C7A97A26A156}]
    CInterceptor Object - D:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll [2008-05-09 577536]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - D:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - D:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-02-07 352256]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - D:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-03-29 79224]
    "C-Media Mixer"=Mixer.exe /startup []
    "svchost.exe"=D:\WINDOWS\system32\svchost [2009-12-02 24427]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    D:\WINDOWS\system32\Ati2evxx.dll [2006-03-22 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages"=msv1_0
    D:\WINDOWS\system32\cbXRIXom

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=1
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMHelp"=01000000
    "NoLogoff"=0
    "NoBandCustomize"=0
    "NoMovingBands"=0
    "NoCloseDragDropBands"=0
    "NoActiveDesktop"=0
    "NoToolbarCustomize"=0
    "LockTaskbar"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\World of Warcraft\WoW-1.12.0-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe"="D:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-2.0.3-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.3-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.7.6383-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.7.6383-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
    "D:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\PPStream\PPStream.exe"="D:\Program Files\PPStream\PPStream.exe:*:Enabled:PPStream"
    "D:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.12.6546-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.12.6546-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\WINDOWS\system32\dpvsetup.exe"="D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "D:\WINDOWS\system32\rundll32.exe"="D:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "D:\Program Files\FlashGet\flashget.exe"="D:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
    "D:\Program Files\Freeplayer\vlc\vlc.exe"="D:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
    "D:\Program Files\UUSee\UUSeePlayer.exe"="D:\Program Files\uusee\UUSeePlayer.exe:*:Enabled:UUPlayer"
    "D:\Program Files\PPMate\ppmate.exe"="D:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate"
    "D:\Program Files\PPMate\ppmnet.exe"="D:\Program Files\PPMate\ppmnet.exe:*:Enabled:PPMate"
    "D:\Program Files\TVAnts\Tvants.exe"="D:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
    "D:\Program Files\UUSee\UURecorder.exe"="D:\Program Files\UUSee\UURecorder.exe:*:Enabled:UUSEE"
    "D:\Program Files\SopCast\SopCast.exe"="D:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
    "D:\Documents and Settings\Nader\Application Data\SopCast\adv\SopAdver.exe"="D:\Documents and Settings\Nader\Application Data\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe"="D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe:*:Enabled:StationRipperConsole"
    "D:\Program Files\TVUPlayer\TVUPlayer.exe"="D:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component"
    "D:\Program Files\World of Warcraft\BackgroundDownloader.exe"="D:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:uTorrent"
    "D:\PROGRA~1\PPMate\PPMate\ppmate.exe"="D:\PROGRA~1\PPMate\PPMate\ppmate.exe:*:Enabled:Share Streaming"
    "D:\Program Files\Steam\steamapps\boubouabou\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\boubouabou\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
    "D:\Program Files\Steam\steamapps\boubouabou\condition zero\hl.exe"="D:\Program Files\Steam\steamapps\boubouabou\condition zero\hl.exe:*:Enabled:Half-Life Launcher"
    "D:\Program Files\Windows Media Player\wmplayer.exe"="D:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Lecteur Windows Media"
    "D:\Program Files\SopCast\adv\SopAdver.exe"="D:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "D:\Program Files\eMule\emule.exe"="D:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "D:\Documents and Settings\Nader\Bureau\emule.exe"="D:\Documents and Settings\Nader\Bureau\emule.exe:*:Enabled:eMule"
    "D:\Program Files\Internet Explorer\iexplore.exe"="D:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
    "D:\Program Files\Advanced System Optimizer\adblock.exe"="D:\Program Files\Advanced System Optimizer\adblock.exe:*:Enabled:Ad and Popup Blocker.lnk"
    "D:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="D:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
    "D:\Documents and Settings\Nader\Bureau\PES2008.exe"="D:\Documents and Settings\Nader\Bureau\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
    "D:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="D:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client"
    "D:\Documents and Settings\Nader\Local Settings\Temp\Rar$EX00.782\PES2008.exe"="D:\Documents and Settings\Nader\Local Settings\Temp\Rar$EX00.782\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
    "D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe"="D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe:*:Enabled:Streams Drivers"
    "D:\Program Files\Counter-Strike Source\hl2.exe"="D:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
    "D:\Program Files\Pando Networks\Pando\pando.exe"="D:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application"
    "D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
    "D:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="D:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
    "D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Documents and Settings\Nader\Local Settings\Temp\pes2010.exe"="D:\Documents and Settings\Nader\Local Settings\Temp\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b5c380a-a0fd-11dc-8de3-001109ba809c}]
    shell\AutoRun\command - K:\start.exe
    shell\iledefrance\command - K:\start.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74a4a11d-fc43-11dd-9090-0011675eeb03}]
    shell\AutoRun\command - K:\start.exe
    shell\iledefrance\command - K:\start.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf91a856-8588-11dc-8d8e-001109ba809c}]
    shell\AutoRun\command - J:\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed740006-191d-11dd-8efb-001109ba809c}]
    shell\AutoRun\command - K:\qh.com
    shell\explore\command - K:\qh.com
    shell\open\command - K:\qh.com


    ======File associations======

    .reg - open -

    ======List of files/folders created in the last 1 months======

    2009-12-03 14:29:45 ----D---- D:\rsit
    2009-12-03 05:16:40 ----A---- D:\WINDOWS\OEWABLog.txt
    2009-12-01 17:26:35 ----D---- D:\Documents and Settings\Nader\Application Data\QuickScan
    2009-12-01 17:10:57 ----A---- D:\WINDOWS\setuplog.txt
    2009-12-01 12:24:05 ----RA---- D:\WINDOWS\system32\cmnprop.dll
    2009-12-01 12:24:05 ----RA---- D:\WINDOWS\mixer.exe
    2009-12-01 12:08:19 ----RA---- D:\WINDOWS\SET26.tmp
    2009-12-01 11:58:53 ----RA---- D:\WINDOWS\system32\Audio3D.dll
    2009-12-01 11:58:53 ----RA---- D:\WINDOWS\cmuninst.exe
    2009-11-17 21:57:26 ----A---- D:\WINDOWS\system32\MSVBVM60.dll
    2009-11-17 21:56:06 ----A---- D:\WINDOWS\system32\bibliotheques-msvbvm60-dll_bibliotheques_msvbvm60.dll_francais_13454.DLL
    2009-11-17 21:30:12 ----D---- D:\Program Files\KONAMI

    ======List of files/folders modified in the last 1 months======

    2009-12-03 14:25:27 ----D---- D:\Program Files\Mozilla Firefox
    2009-12-03 06:07:25 ----D---- D:\WINDOWS
    2009-12-03 06:05:57 ----D---- D:\WINDOWS\Temp
    2009-12-03 05:59:18 ----HD---- D:\WINDOWS\inf
    2009-12-03 05:36:38 ----SHD---- D:\RECYCLER
    2009-12-03 05:23:17 ----D---- D:\WINDOWS\system32\CatRoot2
    2009-12-03 05:15:34 ----AD---- D:\Documents and Settings
    2009-12-01 17:59:18 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-12-01 17:57:51 ----D---- D:\Program Files\a-squared Free
    2009-12-01 12:46:47 ----D---- D:\WINDOWS\system32\drivers
    2009-12-01 12:46:46 ----D---- D:\WINDOWS\system32
    2009-12-01 12:24:05 ----D---- D:\WINDOWS\system
    2009-12-01 12:11:28 ----AC---- D:\WINDOWS\mixerdef.ini
    2009-12-01 12:08:13 ----D---- D:\WINDOWS\system32\ReinstallBackups
    2009-12-01 11:18:34 ----D---- D:\Program Files\Lavalys
    2009-12-01 11:01:39 ----AC---- D:\WINDOWS\win.ini
    2009-12-01 11:01:39 ----AC---- D:\WINDOWS\system.ini
    2009-12-01 11:01:23 ----D---- D:\WINDOWS\pss
    2009-11-26 17:43:02 ----D---- D:\Program Files\Everest Poker
    2009-11-26 12:37:06 ----D---- D:\Documents and Settings\Nader\Application Data\uTorrent
    2009-11-17 21:41:16 ----SHD---- D:\WINDOWS\Installer
    2009-11-17 21:30:12 ----D---- D:\Documents and Settings\All Users\Application Data\KONAMI
    2009-11-17 21:30:12 ----AD---- D:\Program Files
    2009-11-06 00:45:50 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
    2009-11-06 00:42:14 ----RSHDC---- D:\WINDOWS\system32\dllcache

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2008-03-29 26944]
    R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 75856]
    R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2008-03-29 42912]
    R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
    R1 AvgAsCln;AVG Anti-Spyware Clean Driver; D:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
    R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-27 75072]
    R1 cpuidlep;CpuIdle Pro System Driver; D:\WINDOWS\system32\drivers\cpuidlep.sys [2007-04-19 4484]
    R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 20560]
    R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2008-03-29 94544]
    R2 fssfltr;FssFltr; D:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-22 1522688]
    R3 avgntflt;avgntflt; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 BlueletAudio;Bluetooth Audio Service; D:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
    R3 BlueletSCOAudio;Bluetooth SCO Audio Service; D:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
    R3 BT;Bluetooth PAN Network Adapter; D:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-09-29 9696]
    R3 BTHidEnum;Bluetooth HID Enumerator; D:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-29 11988]
    R3 cmpci;C-Media PCI Audio Driver (WDM); D:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HidUsb;Pilote de classe HID Microsoft; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 mouhid;Pilote HID de souris; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-24 5888]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;Concentrateur USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 usbstor;Pilote de stockage de masse USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    R3 VComm;Virtual Serial port driver; D:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
    R3 VcommMgr;Bluetooth VComm Manager Service; D:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
    S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS []
    S3 Arp1394;Protocole client ARP 1394; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-03 60800]
    S3 asl2b2kl;asl2b2kl; D:\WINDOWS\system32\drivers\asl2b2kl.sys []
    S3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2008-03-29 23152]
    S3 Btcsrusb;Bluetooth USB For Bluetooth Service; D:\WINDOWS\System32\Drivers\btcusb.sys [2005-07-29 23000]
    S3 CCDECODE;Décodeur sous-titre fermé; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 cmuda3;C-Media PCI Audio Interface; D:\WINDOWS\system32\drivers\cmuda3.sys [2004-06-18 798592]
    S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
    S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 hidgame;Activateur de port HID à manette de jeu Microsoft; D:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
    S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; D:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 NIC1394;Pilote réseau 1394; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-03 61824]
    S3 ovt519;Eye Toy; D:\WINDOWS\System32\Drivers\ov519vid.sys [2003-10-15 174530]
    S3 SLIP;Détrameur décalage BDA; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; D:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
    S3 usbaudio;Pilote USB audio (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbccgp;Pilote parent générique USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbprint;Classe d'imprimantes USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S3 WSTCODEC;Codec Teletext standard; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; D:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-08-28 55808]
    S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2free;a-squared Free Service; D:\Program Files\a-squared Free\a2service.exe [2009-12-01 1858144]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-25 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-25 151297]
    R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
    R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-03-29 17272]
    R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2006-03-22 405504]
    R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
    R2 BlueSoleil Hid Service;BlueSoleil Hid Service; D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
    R2 Bonjour Service;Service Bonjour; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 StarWindServiceAE;StarWind AE Service; D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    S2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-03-29 144760]
    S2 gupdate1c9f266f342bfd6;Service Google Update (gupdate1c9f266f342bfd6); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-21 133104]
    S2 SeaPort;SeaPort; D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-03-29 247160]
    S3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-03-29 345464]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 fsssvc;Windows Live Contrôle parental; D:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S4 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2006-03-17 520192]

    -----------------EOF-----------------
    3 December 2009 14:31:39

    WHAT FOLLOWS IS THE INFO TEXT

    info.txt logfile of random's system information tool 1.06 2009-12-03 14:29:53

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
    AbiWord 2.7.4-->D:\Program Files\AbiWord\UninstallAbiWord2.exe
    Actionaz 2.0.7.2-->"D:\Program Files\Jmgr.info\Actionaz 2\unins000.exe"
    Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Shockwave Player-->D:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE D:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Advanced WindowsCare Personal 2.6.0-->"D:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
    AnalogX Virtual Piano-->D:\Program Files\AnalogX\VPiano\vpianou.exe
    Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
    Arovax AntiSpyware 2.1.153-->D:\Program Files\Arovax AntiSpyware\uninst.exe
    a-squared Free 3.5-->"D:\Program Files\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATI Display Driver-->rundll32 D:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    avast! Antivirus-->D:\Program Files\Alwil Software\Avast4\aswRunDll.exe "D:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVG Anti-Spyware 7.5-->D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    Avira AntiVir Personal - Free Antivirus-->D:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    BlueSoleil-->MsiExec.exe /X{57D5CF00-60C0-43AB-80CD-84D0EB1BBE39}
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    CCleaner (remove only)-->"D:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    C-Media WDM Audio Driver-->D:\WINDOWS\system32\CMRMDRV3.exe
    Correctif Explorer 2.0-->"D:\Program Files\Correctif Explorer\unins000.exe"
    Counter-Strike: Source-->D:\Program Files\Counter-Strike Source\Uninst.exe
    DivX Codec 3.1alpha release-->D:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 D:\WINDOWS\INF\DivX.inf
    DivX Web Player-->D:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    D-Link VGA Webcam-->D:\WINDOWS\CleanDev.exe D:\WINDOWS\ov519.TXT
    EA SPORTS online 2008-->D:\Program Files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
    eMule-->"D:\Program Files\eMule\Uninstall.exe"
    EVEREST Home Edition v2.20-->"D:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    Everest Poker (Remove Only)-->D:\Program Files\Everest Poker\cstart.exe /uninstall
    EVEREST Ultimate Edition v4.00-->"D:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    FIFA 08-->MsiExec.exe /X{0A2A5039-B37F-489D-B1DC-A5258DF9E697}
    Freeplayer-->D:\Program Files\Freeplayer\Uninstall.exe
    FreeUndelete-->D:\Program Files\FreeUndelete\GLF3F.exe /handle:fru
    Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
    GoldWave v5.22-->"D:\Program Files\GoldWave\unstall.exe" "GoldWave v5.22" "D:\Program Files\GoldWave\unstall.log"
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Guitar Pro 5.0-->"D:\Program Files\Guitar Pro 5\unins000.exe"
    HijackThis 2.0.2-->"D:\Documents and Settings\Nader\Bureau\HijackThis.exe" /uninstall
    Installation Windows Live-->D:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    iPod for Windows 2006-01-10-->D:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1036
    iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
    J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    Java DB 10.3.1.4-->MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) SE Development Kit 6 Update 5-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160050}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Jitbit Macro Recorder-->MsiExec.exe /I{2D57FB4E-6277-4A6D-8739-304C38051B89}
    Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
    Ma-Config.com plugin-->MsiExec.exe /I{D2D7529F-6B55-4C1C-BC9C-D6F1BCC066B6}
    MemTurbo-->D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Silicon Prairie Software\MemTurbo\Uninst.isu"
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Messenger Plus! Live & Sponsor (CiD)-->"D:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"D:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Mise à jour de sécurité pour Windows XP (KB923789)-->D:\WINDOWS\system32\MacroMed\Flash\genuinst.exe D:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938829)-->"D:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.15)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Firefox (3.0b2)-->D:\Program Files\Mozilla Firefox 3 Beta 2\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    newObjects ActiveX Pack1 Family v.2.5.0-->D:\Program Files\newObjects\AXPack1\ALPInstall.exe /u AXPack1Uninst.cfg
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Pack Vista Inspirat 2 1.0-->D:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
    Pando-->MsiExec.exe /I{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}
    PCI Audio Driver-->cmuninst.exe
    Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
    Pro Evolution Soccer 2010-->MsiExec.exe /X{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    RAM Idle LE-->"D:\Program Files\RAM Idle LE\unins000.exe"
    RamBoost XP 4.0.6-->"D:\Program Files\RamBoost XP\unins000.exe"
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sony Eyetoy USB Webcam Drivers and Software-->"D:\Program Files\SEUCDaS\0.8\unins002.exe"
    SopCast 2.0.4-->D:\Program Files\SopCast\uninst.exe
    Spybot - Search & Destroy 1.4-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe"
    StationRipper 2.82-->D:\Program Files\Ratajik Software\StationRipper\uninstall-StationRipper.exe
    Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
    TeamSpeak 2 RC2-->"D:\Program Files\Teamspeak2_RC2\unins000.exe"
    Totalidea RAM-Disk Driver-->MsiExec.exe /I{C184D1AB-53A1-42D9-9ECA-109F6DEE8EF3}
    TVAnts 1.0-->D:\PROGRA~1\TVAnts\UNWISE.EXE D:\PROGRA~1\TVAnts\INSTALL.LOG
    UxTheme Multipatcher Fr-->D:\Program Files\UxTheme Multipatcher Fr\uninstall.exe
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VeohTV BETA-->D:\Program Files\InstallShield Installation Information\{D1B11537-EA51-4DD8-BF1E-098BEE48868D}\setup.exe -runfromtemp -l0x0409
    VideoLAN VLC media player 0.8.6d-->D:\Program Files\VideoLAN\VLC\uninstall.exe
    Virtual DJ - Atomix Productions-->D:\PROGRA~1\VIRTUA~1\UNWISE.EXE D:\PROGRA~1\VIRTUA~1\INSTALL.LOG
    VobSub v2.05 (Remove Only)-->"D:\Program Files\Gabest\VobSub\uninstall.exe"
    VTTV 1.0.1-->D:\Program Files\VTTV\uninst.exe
    Windows Imaging Component-->"D:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
    Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
    WinSCP 4.1.9-->"D:\Program Files\WinSCP\unins000.exe"
    World of Warcraft-->D:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    Wow Cartographe 1.07-->D:\Program Files\WowCartographe\uninst.exe
    xp-AntiSpy 3.96-4-->D:\Program Files\xp-AntiSpy\Uninstall.exe
    YesMessenger 2.2.30-->"D:\Program Files\YesMessenger\unins000.exe"

    =====HijackThis Backups=====

    F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe [2009-12-03]
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-12-03]
    O2 - BHO: (no name) - {228E6BE4-B3E8-411B-B142-BBEBF27E6369} - D:\WINDOWS\system32\cbXRIXom.dll (file missing) [2009-12-03]
    F3 - REG:win.ini: run= [2009-12-03]
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) [2009-12-03]

    ======Hosts File======

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

    Securitycenter WMI appears to be broken

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;D:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 31 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=1f00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;D:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    "QTJAVA"=D:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

    -----------------EOF-----------------
    3 December 2009 16:56:02

    You should only have one antivirus; I recommend keeping AntiVir.

  • Download UsbFix (by Chiquitine29 & C_XX) to your Desktop.
  • Plug your external data sources into your PC (USB key, external hard drive, SD card, etc.) without opening them.
  • Double-click UsbFix to run it.
  • Choose option 1 (Search).
  • Let the tool work.
  • Post the UsbFix.txt report.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

    "Process.exe", a component of the tool, is detected by some antivirus programs (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility designed to terminate processes.
    4 December 2009 21:01:02

    I don't use anything that plugs in externally apart from an iPhone... how do I fix the process.exe problem? (Is that what is causing my sound not to work, nor copy and paste, nor my game controller, etc.?)
    4 December 2009 21:04:07


    ############################## | UsbFix V6.059 |


    ############################## | Processus actifs |

    D:\WINDOWS\System32\smss.exe 688
    D:\WINDOWS\system32\csrss.exe 752
    D:\WINDOWS\system32\winlogon.exe 780
    D:\WINDOWS\system32\services.exe 824
    D:\WINDOWS\system32\lsass.exe 836
    D:\WINDOWS\system32\Ati2evxx.exe 992
    D:\WINDOWS\System32\svchost.exe 1068
    D:\WINDOWS\system32\svchost.exe 1228
    D:\WINDOWS\system32\svchost.exe 1272
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1300
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe 1316
    D:\WINDOWS\system32\Ati2evxx.exe 1420
    D:\WINDOWS\Explorer.EXE 1488
    D:\WINDOWS\Mixer.exe 1680
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe 1696
    D:\Program Files\a-squared Free\a2service.exe 588
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 628
    D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 640
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe 304
    D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe 728
    D:\Program Files\Bonjour\mDNSResponder.exe 756
    D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 1064
    D:\Program Files\Mozilla Firefox\firefox.exe 1780

    ################## | Fichiers # Dossiers infectieux |


    ################## | Spyware.OnlineGames |


    ################## | Registre # Clés infectieuses |

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"

    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{2b5c380a-a0fd-11dc-8de3-001109ba809c}
    Shell\AutoRun\command =K:\start.exe
    Shell\iledefrance\command =K:\start.exe

    HKCU\..\..\Explorer\MountPoints2\{74a4a11d-fc43-11dd-9090-0011675eeb03}
    Shell\AutoRun\command =K:\start.exe
    Shell\iledefrance\command =K:\start.exe

    HKCU\..\..\Explorer\MountPoints2\{bf91a856-8588-11dc-8d8e-001109ba809c}
    Shell\AutoRun\command =J:\autorun.exe

    HKCU\..\..\Explorer\MountPoints2\{ed740006-191d-11dd-8efb-001109ba809c}
    Shell\AutoRun\command =K:\qh.com
    Shell\explore\Command =K:\qh.com
    Shell\open\Command =K:\qh.com

    ################## | Cracks / Keygens / Serials |

    "D:\Program Files\Java\jdk1.6.0_05\bin\serialver.exe"
    22/02/2008 02:12 |Size 25600 |Crc32 fd453e20 |Md5 d6ec9456324a57b68b206d2f91277882

    "D:\Documents and Settings\Nader\Mes documents\Downloads\Pro Evolution Soccer 2010 Crack Only & Serial Keys.zip"
    -> Contain : Pro Evolution Soccer 2010 Crack Only & Serial Keys\pes2010.exe

    "D:\Documents and Settings\Nader\Mes documents\eMule Downloads\Incoming\keygen pes 2009 serial cds.zip"
    -> Contain : 22_gui_5.exe 6439936 DFLT-N 36% 4146437 14-10-2008 03:48:58 48e5d940


    ################## | ! Fin du rapport # UsbFix V6.059 ! |
    4 December 2009 21:06:41

  • Plug your external data sources into your PC (USB key, external hard drive, SD card, etc.) without opening them.
  • Double-click UsbFix on your Desktop to launch it.
  • Choose option 2 (Deletion).
  • Your Desktop will disappear and the PC will restart.
  • On restart, UsbFix will scan your PC; let the tool work.
  • Then post the UsbFix.txt report that will appear along with the Desktop.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
    4 December 2009 21:21:10


    ############################## | UsbFix V6.059 |


    ############################## | Processus actifs |

    D:\WINDOWS\System32\smss.exe 688
    D:\WINDOWS\system32\csrss.exe 752
    D:\WINDOWS\system32\winlogon.exe 780
    D:\WINDOWS\system32\services.exe 824
    D:\WINDOWS\system32\lsass.exe 836
    D:\WINDOWS\system32\Ati2evxx.exe 992
    D:\WINDOWS\System32\svchost.exe 1068
    D:\WINDOWS\system32\svchost.exe 1228
    D:\WINDOWS\system32\svchost.exe 1264
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1284
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe 1300
    D:\WINDOWS\system32\Ati2evxx.exe 1472
    D:\WINDOWS\Explorer.EXE 1552

    ################## | Fichiers # Dossiers infectieux |


    ################## | Spyware.OnlineGames |


    ################## | Registre # Clés infectieuses |

    Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{2b5c380a-a0fd-11dc-8de3-001109ba809c}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{74a4a11d-fc43-11dd-9090-0011675eeb03}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{bf91a856-8588-11dc-8d8e-001109ba809c}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{ed740006-191d-11dd-8efb-001109ba809c}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [18/04/2007 12:37|--a------|2] C:\-1471302155
    [16/12/2006 18:54|--a------|0] C:\AUTOEXEC.BAT
    [11/06/2007 14:24|--a------|140] C:\baseclasses.log
    [01/12/2009 12:32|-rahs----|439] C:\boot.ini
    [24/08/2001 17:00|-rahs----|4952] C:\Bootfont.bin
    [16/12/2006 18:54|--a------|0] C:\CONFIG.SYS
    [07/11/2007 07:00|--a------|17734] C:\eula.1028.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.1031.txt
    [07/11/2007 07:00|--a------|10134] C:\eula.1033.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.1036.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.1040.txt
    [07/11/2007 07:00|--a------|118] C:\eula.1041.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.1042.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.2052.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.3082.txt
    [07/11/2007 07:00|--a------|1110] C:\globdata.ini
    [07/11/2007 07:03|--a------|562688] C:\install.exe
    [07/11/2007 07:00|--a------|843] C:\install.ini
    [07/11/2007 07:03|--a------|76304] C:\install.res.1028.dll
    [07/11/2007 07:03|--a------|96272] C:\install.res.1031.dll
    [07/11/2007 07:03|--a------|91152] C:\install.res.1033.dll
    [07/11/2007 07:03|--a------|97296] C:\install.res.1036.dll
    [07/11/2007 07:03|--a------|95248] C:\install.res.1040.dll
    [07/11/2007 07:03|--a------|81424] C:\install.res.1041.dll
    [07/11/2007 07:03|--a------|79888] C:\install.res.1042.dll
    [07/11/2007 07:03|--a------|75792] C:\install.res.2052.dll
    [07/11/2007 07:03|--a------|96272] C:\install.res.3082.dll
    [16/12/2006 18:54|-rahs----|0] C:\IO.SYS
    [13/04/2008 13:52|--a------|9082515] C:\log_fs.log
    [16/12/2006 18:54|-rahs----|0] C:\MSDOS.SYS
    [04/08/2004 01:38|-rahs----|47564] C:\NTDETECT.COM
    [04/08/2004 01:59|-rahs----|251712] C:\ntldr
    [05/01/2007 15:56|--a------|7218088] C:\psa30se_fr_fr.exe
    [07/11/2007 07:00|--a------|5686] C:\vcredist.bmp
    [07/11/2007 07:09|--a------|1442522] C:\VC_RED.cab
    [07/11/2007 07:12|--a------|232960] C:\VC_RED.MSI
    [?|?|?] D:\hiberfil.sys
    [?|?|?] D:\pagefile.sys
    [04/12/2009 21:19|--a------|3427] D:\UsbFix.txt
    [28/12/2007 13:28|--a------|4] D:\WINDOWSRegDefrag.dat

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.
    # W:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Cracks / Keygens / Serials |

    "D:\Program Files\Java\jdk1.6.0_05\bin\serialver.exe"
    22/02/2008 02:12 |Size 25600 |Crc32 fd453e20 |Md5 d6ec9456324a57b68b206d2f91277882

    "D:\Documents and Settings\Nader\Mes documents\Downloads\Pro Evolution Soccer 2010 Crack Only & Serial Keys.zip"
    -> Contain : Pro Evolution Soccer 2010 Crack Only & Serial Keys\pes2010.exe

    "D:\Documents and Settings\Nader\Mes documents\eMule Downloads\Incoming\keygen pes 2009 serial cds.zip"
    -> Contain : 22_gui_5.exe 6439936 DFLT-N 36% 4146437 14-10-2008 03:48:58 48e5d940


    ################## | ! Fin du rapport # UsbFix V6.059 ! |
    4 December 2009 21:38:55

  • Run UsbFix again and choose option 5 to uninstall it.

  • Download Lop S&D (by Eric_71) to your Desktop.
  • Then double-click Lop S&D on your Desktop.
    (On Vista, right-click Lop S&D and choose Run as administrator)
  • Select the desired language, then choose option 1 (Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).
    4 December 2009 21:59:11

    I'm not at home, but as soon as I get back I'll keep you posted... kind of you to help me, in any case!
    5 December 2009 11:31:00


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista


    "D:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 05/12/2009|11:27 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [21/02/2007|10:38] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [28/08/2009|15:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [01/04/2009|19:46] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [28/08/2009|17:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [01/03/2007|19:03] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [23/03/2008|11:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Arovax
    [12/10/2008|17:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [04/07/2008|01:03] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
    [19/04/2007|12:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [15/10/2007|18:05] D:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
    [14/10/2007|22:49] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [14/10/2007|22:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [17/11/2009|21:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\KONAMI
    [01/05/2007|20:56] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [08/03/2009|13:43] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [15/10/2007|18:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\New Owns Safe Surf
    [01/12/2009|17:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [14/10/2007|22:37] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [16/03/2007|17:49] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/02/2008|23:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [21/02/2007|10:38] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [20/11/2007|13:24] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [19/02/2008|12:12] D:\DOCUME~1\Nader\APPLIC~1\Adobe
    [21/10/2007|00:28] D:\DOCUME~1\Nader\APPLIC~1\ALLCapture
    [28/08/2009|17:41] D:\DOCUME~1\Nader\APPLIC~1\Apple Computer
    [17/05/2007|21:16] D:\DOCUME~1\Nader\APPLIC~1\ConvertTemp
    [11/10/2008|15:38] D:\DOCUME~1\Nader\APPLIC~1\DAEMON Tools
    [10/02/2008|12:14] D:\DOCUME~1\Nader\APPLIC~1\eMule
    [18/04/2007|00:15] D:\DOCUME~1\Nader\APPLIC~1\Google
    [27/02/2008|00:03] D:\DOCUME~1\Nader\APPLIC~1\Grisoft
    [09/06/2008|00:59] D:\DOCUME~1\Nader\APPLIC~1\Help
    [21/02/2007|10:42] D:\DOCUME~1\Nader\APPLIC~1\Identities
    [31/05/2007|19:35] D:\DOCUME~1\Nader\APPLIC~1\Lavasoft
    [01/03/2008|15:55] D:\DOCUME~1\Nader\APPLIC~1\ma-config.com
    [21/02/2007|10:48] D:\DOCUME~1\Nader\APPLIC~1\Macromedia
    [13/03/2009|19:18] D:\DOCUME~1\Nader\APPLIC~1\Microsoft
    [06/12/2008|22:04] D:\DOCUME~1\Nader\APPLIC~1\Mozilla
    [29/04/2007|19:17] D:\DOCUME~1\Nader\APPLIC~1\PPMate
    [16/09/2007|15:01] D:\DOCUME~1\Nader\APPLIC~1\ppstream
    [01/12/2009|17:28] D:\DOCUME~1\Nader\APPLIC~1\QuickScan
    [08/11/2007|19:10] D:\DOCUME~1\Nader\APPLIC~1\Samsung
    [23/08/2007|20:15] D:\DOCUME~1\Nader\APPLIC~1\Screenshot Sender
    [15/10/2007|18:33] D:\DOCUME~1\Nader\APPLIC~1\secondexitford
    [09/12/2007|20:31] D:\DOCUME~1\Nader\APPLIC~1\SopCast
    [07/11/2007|20:27] D:\DOCUME~1\Nader\APPLIC~1\Styler
    [21/02/2007|10:56] D:\DOCUME~1\Nader\APPLIC~1\Sun
    [15/12/2007|20:50] D:\DOCUME~1\Nader\APPLIC~1\Systweak
    [01/08/2008|14:25] D:\DOCUME~1\Nader\APPLIC~1\teamspeak2
    [30/06/2007|19:59] D:\DOCUME~1\Nader\APPLIC~1\Temporary
    [30/06/2007|19:59] D:\DOCUME~1\Nader\APPLIC~1\TransRender
    [26/11/2009|12:37] D:\DOCUME~1\Nader\APPLIC~1\uTorrent
    [25/04/2007|21:33] D:\DOCUME~1\Nader\APPLIC~1\vlc
    [23/11/2008|22:50] D:\DOCUME~1\Nader\APPLIC~1\XnView

    [21/02/2007|10:40] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [03/12/2009|05:17] D:\DOCUME~1\Paco\APPLIC~1\Adobe
    [03/12/2009|05:16] D:\DOCUME~1\Paco\APPLIC~1\Identities
    [03/12/2009|05:17] D:\DOCUME~1\Paco\APPLIC~1\Macromedia
    [03/12/2009|05:30] D:\DOCUME~1\Paco\APPLIC~1\Microsoft
    [03/12/2009|05:17] D:\DOCUME~1\Paco\APPLIC~1\Mozilla


    --------------------\\ Tâches planifiées dans D:\WINDOWS\tasks

    [01/11/2009 06:44][--a------] D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5ab669665ac6.job
    [28/08/2009 15:16][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [20/05/2007 00:49][--ah-----] D:\WINDOWS\tasks\SA.DAT
    [24/08/2001 17:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans D:\Program Files

    [19/06/2009|11:50] D:\Program Files\AbiWord
    [01/04/2009|19:46] D:\Program Files\Adobe
    [12/01/2008|11:49] D:\Program Files\Advanced System Optimizer
    [28/10/2007|20:07] D:\Program Files\Alcohol Soft
    [27/05/2007|12:41] D:\Program Files\Alwil Software
    [27/03/2008|14:24] D:\Program Files\AnalogX
    [28/08/2009|15:16] D:\Program Files\Apple Software Update
    [04/05/2009|20:25] D:\Program Files\Arovax AntiSpyware
    [01/12/2009|17:57] D:\Program Files\a-squared Free
    [12/10/2008|17:59] D:\Program Files\Avira
    [28/08/2009|15:18] D:\Program Files\Bonjour
    [19/04/2007|12:34] D:\Program Files\CCleaner
    [21/02/2007|10:35] D:\Program Files\ComPlus Applications
    [12/10/2008|21:11] D:\Program Files\Correctif Explorer
    [18/05/2008|20:24] D:\Program Files\CpuIdle95
    [21/06/2009|12:53] D:\Program Files\DivX
    [08/04/2007|10:06] D:\Program Files\DivXCodec
    [13/01/2008|18:07] D:\Program Files\DMV
    [10/02/2008|12:57] D:\Program Files\eChanblard
    [31/05/2009|16:18] D:\Program Files\eMule
    [17/01/2008|21:14] D:\Program Files\eToro
    [26/11/2009|17:43] D:\Program Files\Everest Poker
    [21/06/2009|12:53] D:\Program Files\Fichiers communs
    [25/04/2007|21:07] D:\Program Files\Freeplayer
    [05/04/2008|23:37] D:\Program Files\FreeUndelete
    [08/04/2007|10:06] D:\Program Files\Gabest
    [14/03/2008|22:34] D:\Program Files\GoldWave
    [21/06/2009|12:54] D:\Program Files\Google
    [08/04/2007|10:06] D:\Program Files\GordianKnot
    [27/02/2008|00:01] D:\Program Files\Grisoft
    [15/05/2008|13:35] D:\Program Files\Guitar Pro 5
    [14/11/2007|01:09] D:\Program Files\Help
    [08/03/2008|16:03] D:\Program Files\IDoser v4
    [13/02/2008|15:10] D:\Program Files\InstallShield Installation Information
    [11/05/2008|13:49] D:\Program Files\Internet Explorer
    [18/05/2008|17:45] D:\Program Files\IObit
    [28/08/2009|15:19] D:\Program Files\iPod
    [28/08/2009|15:19] D:\Program Files\iTunes
    [04/07/2008|00:56] D:\Program Files\IVT Corporation
    [14/03/2008|23:25] D:\Program Files\Java
    [10/06/2008|17:49] D:\Program Files\JitBit
    [10/06/2008|17:40] D:\Program Files\Jmgr.info
    [17/11/2009|21:30] D:\Program Files\KONAMI
    [01/12/2009|11:18] D:\Program Files\Lavalys
    [16/01/2008|14:49] D:\Program Files\ma-config.com
    [20/05/2007|01:39] D:\Program Files\Messenger
    [08/03/2009|13:57] D:\Program Files\Messenger Plus! Live
    [08/03/2009|13:40] D:\Program Files\Microsoft
    [07/11/2007|21:19] D:\Program Files\Microsoft Bootvis
    [21/02/2007|10:38] D:\Program Files\microsoft frontpage
    [08/03/2009|13:44] D:\Program Files\Microsoft Silverlight
    [24/02/2008|23:55] D:\Program Files\Microsoft SQL Server Compact Edition
    [08/03/2009|13:43] D:\Program Files\Microsoft Sync Framework
    [21/02/2007|10:38] D:\Program Files\movie maker
    [04/12/2009|21:20] D:\Program Files\Mozilla Firefox
    [21/02/2007|10:35] D:\Program Files\MSN
    [21/02/2007|10:35] D:\Program Files\MSN Gaming Zone
    [10/05/2008|13:28] D:\Program Files\MSXML 4.0
    [21/02/2007|10:36] D:\Program Files\NetMeeting
    [27/05/2007|21:54] D:\Program Files\newObjects
    [08/11/2007|18:37] D:\Program Files\NudgeMania
    [21/02/2007|10:35] D:\Program Files\Online Services
    [11/05/2008|13:46] D:\Program Files\Outlook Express
    [14/05/2008|19:54] D:\Program Files\Pando Networks
    [28/05/2007|19:55] D:\Program Files\PTDD Group
    [28/08/2009|15:18] D:\Program Files\QuickTime
    [07/11/2007|21:41] D:\Program Files\RAM Idle LE
    [15/12/2008|19:14] D:\Program Files\RamBoost XP
    [02/05/2007|19:02] D:\Program Files\Ratajik Software
    [08/11/2007|19:09] D:\Program Files\Samsung
    [10/10/2007|12:14] D:\Program Files\secondexitford
    [21/02/2007|10:36] D:\Program Files\Services en ligne
    [15/07/2008|17:29] D:\Program Files\SEUCDaS
    [20/11/2007|13:39] D:\Program Files\Shareaza
    [17/01/2008|21:01] D:\Program Files\SharkMate
    [05/10/2008|21:11] D:\Program Files\SopCast
    [14/10/2007|22:22] D:\Program Files\Spybot - Search & Destroy
    [07/11/2007|20:23] D:\Program Files\Stardock
    [08/11/2007|19:14] D:\Program Files\Styler
    [14/03/2008|23:25] D:\Program Files\Sun
    [19/05/2008|21:35] D:\Program Files\Teamspeak2_RC2
    [14/10/2007|22:18] D:\Program Files\Trend Micro
    [20/09/2009|19:42] D:\Program Files\TVAnts
    [13/01/2008|18:19] D:\Program Files\Tweak-XP Pro 4
    [21/02/2007|10:42] D:\Program Files\Uninstall Information
    [30/08/2007|14:28] D:\Program Files\uTorrent
    [07/11/2007|20:01] D:\Program Files\UxTheme Multipatcher Fr
    [16/01/2008|21:47] D:\Program Files\Veoh Networks
    [21/02/2007|10:47] D:\Program Files\VideoLAN
    [26/05/2007|12:20] D:\Program Files\VirtualDJ
    [08/03/2008|15:14] D:\Program Files\VTTV
    [08/11/2007|18:38] D:\Program Files\Webteh
    [08/03/2009|13:44] D:\Program Files\Windows Live
    [24/02/2008|23:55] D:\Program Files\Windows Live Favorites
    [08/03/2009|13:40] D:\Program Files\Windows Live SkyDrive
    [08/03/2009|13:43] D:\Program Files\Windows Live Toolbar
    [03/12/2009|22:33] D:\Program Files\Windows Media Player
    [14/04/2007|01:01] D:\Program Files\Windows NT
    [21/02/2007|10:36] D:\Program Files\WindowsUpdate
    [09/06/2008|00:59] D:\Program Files\WinRAR
    [20/09/2009|13:42] D:\Program Files\WinSCP
    [15/12/2007|20:53] D:\Program Files\WowCartographe
    [21/02/2007|10:38] D:\Program Files\xerox
    [20/05/2007|00:48] D:\Program Files\xp-AntiSpy
    [13/01/2008|18:19] D:\Program Files\Yahoo!
    [02/07/2008|13:59] D:\Program Files\YesMessenger

    --------------------\\ Listing des dossiers dans D:\Program Files\Fichiers communs

    [01/04/2009|19:46] D:\Program Files\Fichiers communs\Adobe
    [28/08/2009|15:19] D:\Program Files\Fichiers communs\Apple
    [21/02/2007|10:54] D:\Program Files\Fichiers communs\Blizzard Entertainment
    [21/06/2009|12:53] D:\Program Files\Fichiers communs\DivX Shared
    [26/02/2007|02:11] D:\Program Files\Fichiers communs\InstallShield
    [21/02/2007|10:51] D:\Program Files\Fichiers communs\Java
    [19/06/2009|11:50] D:\Program Files\Fichiers communs\Microsoft Shared
    [21/02/2007|10:36] D:\Program Files\Fichiers communs\MSSoap
    [27/05/2007|21:54] D:\Program Files\Fichiers communs\newObjects
    [21/02/2007|11:30] D:\Program Files\Fichiers communs\ODBC
    [21/02/2007|10:36] D:\Program Files\Fichiers communs\Services
    [21/02/2007|11:30] D:\Program Files\Fichiers communs\SpeechEngines
    [11/05/2008|13:46] D:\Program Files\Fichiers communs\System
    [08/03/2009|13:32] D:\Program Files\Fichiers communs\Windows Live
    [19/12/2007|20:24] D:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 21 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    D:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
    D:\DOCUME~1\Nader\LOCALS~1\Temp\nsp87.tmp

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    -> 72 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-05 11:28:53
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 299

    --------------------\\ Recherche d'autres infections

    D:\WINDOWS\system32\moXIRXbc.ini
    D:\WINDOWS\system32\moXIRXbc.ini2
    D:\WINDOWS\system32\nXEKnnmp.ini
    D:\WINDOWS\system32\nXEKnnmp.ini2
    ==> VUNDO <==

    --------------------\\ Cracks & Keygens ..

    D:\DOCUME~1\Nader\Application Data\uTorrent\Pro Evolution Soccer 2010 Crack Only & Serial Keys.zip.torrent
    D:\DOCUME~1\Nader\Mes documents\Downloads\Pro Evolution Soccer 2010 Crack Only & Serial Keys.zip
    D:\DOCUME~1\Nader\Mes documents\eMule Downloads\Incoming\keygen pes 2009 serial cds.zip
    D:\DOCUME~1\Nader\Mes documents\eMule Downloads\Incoming\pes 2009 crack-serial-keygen.exe


    [F:2833][D:244]-> D:\DOCUME~1\Nader\LOCALS~1\Temp
    [F:127][D:0]-> D:\DOCUME~1\Nader\Cookies
    [F:222][D:14]-> D:\DOCUME~1\Nader\LOCALS~1\TEMPOR~1\content.IE5

    1 - "D:\Lop SD\LopR_1.txt" - 05/12/2009|11:29 - Option : [1]

    --------------------\\ Fin du rapport a 11:29:40
    5 December 2009 20:23:14

  • Run Lop S&D again.
    (Under Vista, right-click Lop S&D and choose Run as administrator)
  • This time, choose option 2 (Removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)