
Virus with error message (Virusgarde)

20 September 2008 07:54:32

Hello everyone!

I have a real problem with my computer: an error message keeps appearing telling me to download an antivirus (virusgarde). I didn't do it, of course, but apparently I have been infected, because after restarting my computer nothing worked any more. By that I mean it was impossible to use my computer without it freezing, so I have to switch it off at the tower.
I have to boot into Safe Mode, otherwise I can no longer get into my computer.
I hope someone can help me.
Thanks.


20 September 2008 08:43:39

Hello and welcome

1

Download and install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2

Try to scan in normal mode, because in safe mode I will see fewer things...

2

~Download SmitfraudFix

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

~Unzip the entire SmitfraudFix.zip archive
Search:
~Double-click SmitfraudFix.cmd
~Select 1 and press Enter in the menu to create a report of the files responsible for the infection. The report is saved at the root of the system drive, C:\rapport.txt
~Post this report.
process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool. It is not a virus but a utility for terminating processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

20 September 2008 10:00:02

Here is my HijackThis report; sorry, I couldn't do it in normal mode.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:46:37, on 20/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [BDWizReg] "C:\Program Files\BitDefender\BitDefender 2009\bdwizreg.exe" /complete
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Fan club Christophe Maé.lnk = C:\Program Files\Warner\Christophe_Mae\FanClubMae.exe
O4 - Startup: Widget_MTV.lnk = ?
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - (no file)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

--
End of file - 9825 bytes
20 September 2008 10:33:19

Here is my SmitfraudFix report. Thanks for your help.

SmitFraudFix v2.352

Rapport fait à 10:28:25,52, 20/09/2008
Executé à partir de C:\Users\American Dream\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\American Dream


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\American Dream\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\AMERIC~1\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000000


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Atheros AR5007EG Wireless Network Adapter
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{D3F07395-FF0B-4328-A750-11C477F67234}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D3F07395-FF0B-4328-A750-11C477F67234}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D3F07395-FF0B-4328-A750-11C477F67234}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin





20 September 2008 13:44:31

re

We'll do it differently.
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (perform a full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (Show results), then "Supprimer la sélection" (Remove selected). Save the report to your Desktop so you can post it in your next reply.

NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

HELP: Illustrated tutorial on MBAM


20 September 2008 18:55:02

Here is my Malwarebytes report.


    Malwarebytes' Anti-Malware 1.28
    Version de la base de données: 1181
    Windows 6.0.6001 Service Pack 1

    20/09/2008 18:50:55
    mbam-log-2008-09-20 (18-50-55).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 180363
    Temps écoulé: 51 minute(s), 6 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

20 September 2008 19:23:50

re

Download OTViewIt and save it to your desktop.

* Close all windows and double-click the OTViewIt icon to open it.
* Click the Run Scan button and let the program work without interrupting it.
* It will produce two reports, one named OTViewIt.txt and another named Extras, which will be saved on your desktop. Please post both reports in your next reply.

20 September 2008 20:47:01

Here is the OTViewIt.txt report



    OTViewIt logfile created on: 20/09/2008 20:33:25 - Run 1
    OTViewIt by OldTimer - Version 1.0.7.0 Folder = C:\Users\American Dream\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JPBNVZTJ
    Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 79,20% Memory free
    4,00 Gb Paging File | 3,92 Gb Available in Paging File | 98,10% Paging File free
    Paging file location(s): ?:\pagefile.sys;

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 116,44 Gb Total Space | 33,96 Gb Free Space | 29,17% Space Free | Partition Type: NTFS
    Drive D: | 109,60 Gb Total Space | 42,09 Gb Free Space | 38,41% Space Free | Partition Type: NTFS
    Drive E: | 1007,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-AMERICAND
    Current User Name: American Dream
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Whitelist: On
    Files within: 30 Days

    ========== Processes - Non-Microsoft Only ==========
    [2008/09/20 20:33:02 | 00,424,448 | ---- | M] (OldTimer Tools) -- C:\Users\American Dream\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JPBNVZTJ\OTViewIt[1].exe

    ========== (O23) Win32 Services - Non-Microsoft Only ==========

    [2007/05/18 12:31:16 | 00,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService [Auto | Stopped])
    [2007/02/06 04:13:14 | 00,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService [Auto | Stopped])
    [2007/06/11 21:30:42 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv [Auto | Stopped])
    [2008/09/20 05:55:46 | 00,214,280 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP [On_Demand | Stopped])
    File not found -- %SystemRoot%\system32\svchost.exe -- (CertPropSvc [Unknown | Stopped])
    File not found -- %SystemRoot%\system32\svchost.exe -- (DcomLaunch [Unknown | Running])
    File not found -- %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
    File not found -- %systemroot%\system32\svchost.exe -- (Schedule [Unknown | Stopped])
    File not found -- %SystemRoot%\system32\svchost.exe -- (SCPolicySvc [Unknown | Stopped])
    [2006/12/29 02:17:50 | 00,123,248 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr [Auto | Stopped])
    File not found -- %SystemRoot%\servicing\TrustedInstaller.exe -- (TrustedInstaller [Unknown | Stopped])
    File not found -- %SystemRoot%\System32\svchost.exe -- (WdiServiceHost [Unknown | Stopped])
    File not found -- %SystemRoot%\System32\svchost.exe -- (WdiSystemHost [Unknown | Stopped])
    File not found -- %ProgramFiles%\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

    ========== Driver Services - Non-Microsoft Only ==========

    [2007/07/24 21:09:04 | 00,013,880 | ---- | M] () -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP [Auto | Stopped])
    File not found -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive [Disabled | Stopped])
    File not found -- C:\Users\AMERIC~1\AppData\Local\Temp\catchme.sys -- (catchme [On_Demand | Stopped])
    File not found -- -- (CLFS [Unknown | Running])
    [2006/12/28 10:17:17 | 00,018,688 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio [Auto | Stopped])
    File not found -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
    File not found -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
    File not found -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
    [2008/02/16 16:21:59 | 00,716,272 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys -- (sptd [Boot | Running])
    [2008/09/20 05:55:45 | 00,108,368 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\veteboot.sys -- (VETEBOOT [On_Demand | Stopped])
    [2008/09/20 05:55:45 | 00,880,560 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vetefile.sys -- (VETEFILE [System | Stopped])


    ========== (R ) Internet Explorer ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&...
    "Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    "Default_Secondary_Page_URL"=
    "Extensions Off Page"=about:NoAdd-ons
    "Local Page"=C:\windows\system32\blank.htm
    "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    "Security Risk Page"=about:SecurityRisk
    "Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
    "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    "Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    "Local Page"=C:\windows\system32\blank.htm
    "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    "Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&...
    "StartPageCache"=

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
    ""=http://home.microsoft.com/access/autosearch.asp?p=%s

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0
    "ProxyOverride" = *.local

    ========== (O1) Hosts File ==========

    HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
    First 25 entries...
    127.0.0.1 localhost
    ::1 localhost

    ========== (O2) BHO's ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
    {02478D38-C3F9-4efb-9B51-7695ECA05670} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Programmes\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File not found
    {3049C3E9-B461-4BC5-8870-4C09146192CA} (HKLM) -- C:\Programmes\Real\RealPlayer\rpbrowserrecordplugin.dll File not found
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Programmes\Java\jre1.6.0_07\bin\ssv.dll File not found
    {7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
    {9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Programmes\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll File not found
    {AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- c:\Programmes\Google\GoogleToolbar1.dll File not found
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Programmes\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll File not found

    ========== (O3) Toolbars ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Programmes\Google\GoogleToolbar1.dll File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{381FFDE8-2394-4f90-B10D-FC6124A40F8C}" (HKLM) -- C:\Programmes\BitDefender\BitDefender 2009\IEToolbar.dll File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Programmes\MSN Toolbar\01.01.2607.0\fr\msntb.dll File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{D0943516-5076-4020-A3B5-AEFAF26AB263}" (HKLM) -- C:\Programmes\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll File not found

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Programmes\Google\GoogleToolbar1.dll File not found

    ========== (O4) Run Keys ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
    "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe File not found
    "ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe ()
    "ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe ()
    "ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE File not found
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min File not found
    "BDAgent"="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" File not found
    "BDWizReg"="C:\Program Files\BitDefender\BitDefender 2009\bdwizreg.exe" /complete File not found
    "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" File not found
    "CAVRID"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" File not found
    "cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" File not found
    "helpr"=C:\Program Files\SETI\helper.exe -loader -nolog File not found
    "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe File not found
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" File not found
    "JMB36X IDE Setup"=C:\Windows\JM\JMInsIDE.exe ()
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe File not found
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime File not found
    "SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe File not found
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe File not found
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" File not found
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe File not found
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot File not found
    "Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide File not found

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    ""= File not found
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun File not found
    "LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
    "RegistryMechanic"=C:\Program Files\Registry Mechanic\RMTray.exe /H File not found
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun File not found
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon File not found
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide File not found

    ========== (O6 & O7) Current Version Policies ==========


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    "ConsentPromptBehaviorAdmin"=2
    "ConsentPromptBehaviorUser"=1
    "EnableInstallerDetection"=1
    "EnableLUA"=1
    "EnableSecureUIAPaths"=1
    "EnableVirtualization"=1
    "PromptOnSecureDesktop"=1
    "ValidateAdminCodeSignatures"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "scforceoption"=0
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "FilterAdministratorToken"=0
    "EnableUIADesktopToggle"=0



    "CF_TEXT"=1
    "CF_BITMAP"=2
    "CF_OEMTEXT"=7
    "CF_DIB"=8
    "CF_PALETTE"=9
    "CF_UNICODETEXT"=13
    "CF_DIBV5"=17

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=157


    ========== (O8) IE Context Menu Extensions ==========

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
    E&xport to Microsoft Excel: C:\Programmes\Microsoft Office\Office12\EXCEL.EXE File not found

    ========== (O9) IE Extensions ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Console Java (Sun) -- C:\Programmes\Java\jre1.6.0_07\bin\npjpi160_07.dll File not found
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Ajout Direct -- C:\Programmes\Windows Live\Writer\WriterBrowserExtension.dll File not found
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: &Ajout Direct dans Windows Live Writer -- C:\Programmes\Windows Live\Writer\WriterBrowserExtension.dll File not found
    {92780B25-18CC-41C8-B9BE-3C9C571A8263}: Research -- C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found

    ========== (O12) Internet Explorer Plugins ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
    PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&m...
    PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

    ========== (O13) Default Prefixes ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
    ""=http://

    ========== (O16) DPF ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
    {8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... -- Java Plug-in 1.6.0_07
    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/curren... -- Reg Error: Key does not exist or could not be opened.
    {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... -- Java Plug-in 1.6.0
    {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-wind... -- Java Plug-in 1.6.0_04
    {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-wind... -- Java Plug-in 1.6.0_05
    {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... -- Java Plug-in 1.6.0_07
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... -- Java Plug-in 1.6.0_07
    {D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... -- Shockwave Flash Object

    ========== (O17) DNS Name Servers ==========

    {934154C0-28F5-4452-AFBA-AEF7B2BA5650} (Servers: | Description: Sony Ericsson Device 616 USB Ethernet Emulation (NDIS 5))
    {AEDFBE27-9699-4167-AAF3-0EC881255659} (Servers: | Description: Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.0))
    {D3F07395-FF0B-4328-A750-11C477F67234} (Servers: | Description: Atheros AR5007EG Wireless Network Adapter)

    ========== Safeboot Options ==========

    "AlternateShell"=cmd.exe

    ========== CDRom AutoRun Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
    "AutoRun" = 1

    ========== Autorun Files on Drives ==========

    autoexec.bat [REM Dummy file for NTVDM | ]
    [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

    AutoRun []
    [2008/07/26 16:45:07 | 00,703,552 | R--- | M] (Electronic Arts Inc.) -- E:\AutoRun.exe -- [ UDF ]

    AutoRun.exe [MZ | ]
    [2008/07/26 16:45:07 | 00,703,552 | R--- | M] (Electronic Arts Inc.) -- E:\AutoRun.exe -- [ UDF ]

    AutoRunGUI.dll [MZ | ]
    [2008/07/26 16:45:08 | 00,662,592 | R--- | M] (Electronic Arts Inc.) -- E:\AutoRunGUI.dll -- [ UDF ]

    autorun.inf [[autorun] | open=Autorun.exe | Icon=Sims2EP8.ico | Name=The Sims 2 Apartment Life | | [Special] | Disk=1 | ProductGuiID={B6F5B704-06D3-4687-90F3-6195304AD755} | | ]
    [2008/07/26 16:44:48 | 00,000,156 | R--- | M] () -- E:\autorun.inf -- [ UDF ]



    ========== Files/Folders - Created Within 30 days ==========

    [2008/09/20 17:45:16 | 00,017,200 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2008/09/20 17:45:16 | 00,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2008/09/20 17:45:15 | 00,038,528 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2008/09/20 17:38:32 | 00,000,867 | ---- | C] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
    [2008/09/20 17:38:31 | 00,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml.dll
    [2008/09/20 17:38:31 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\STKIT432.DLL
    [2008/09/20 10:27:46 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\System32\Process.exe
    [2008/09/20 09:45:10 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\American Dream\Documents\HJTInstall.exe
    [2008/09/20 09:44:34 | 00,001,881 | ---- | C] () -- C:\Users\American Dream\Desktop\HijackThis.lnk
    [2008/09/20 07:39:50 | 00,000,759 | ---- | C] () -- C:\Users\American Dream\Documents\Navilog1.lnk
    [2008/09/20 07:34:45 | 00,571,505 | ---- | C] (IL-MAFIOSO ) -- C:\Users\American Dream\Documents\Navilog1.exe
    [2008/09/20 07:21:57 | 00,005,316 | ---- | C] () -- C:\Windows\System32\tmp.reg
    [2008/09/20 07:21:57 | 00,000,691 | ---- | C] () -- C:\Users\American Dream\AppData\Roaming\GetValue.vbs
    [2008/09/20 07:21:57 | 00,000,035 | ---- | C] () -- C:\Users\American Dream\AppData\Roaming\SetValue.bat
    [2008/09/20 07:21:03 | 00,289,144 | ---- | C] (S!Ri) -- C:\Windows\System32\VCCLSID.exe
    [2008/09/20 07:21:03 | 00,288,417 | ---- | C] (S!Ri) -- C:\Windows\System32\SrchSTS.exe
    [2008/09/20 07:21:03 | 00,135,168 | ---- | C] (SteelWerX) -- C:\Windows\System32\swreg.exe
    [2008/09/20 07:21:03 | 00,088,576 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\AntiXPVSTFix.exe
    [2008/09/20 07:21:03 | 00,086,528 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe
    [2008/09/20 07:21:03 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.exe
    [2008/09/20 07:21:03 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe
    [2008/09/20 07:21:03 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\System32\404Fix.exe
    [2008/09/20 07:21:03 | 00,079,360 | ---- | C] (SteelWerX) -- C:\Windows\System32\swxcacls.exe
    [2008/09/20 07:21:03 | 00,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
    [2008/09/20 07:21:03 | 00,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
    [2008/09/20 07:21:03 | 00,025,600 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
    [2008/09/20 06:42:13 | 00,001,998 | ---- | C] () -- C:\Users\Public\Desktop\AntiVir PE Classic.lnk
    [2008/09/20 06:42:05 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
    [2008/09/20 06:42:05 | 00,028,352 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
    [2008/09/20 06:15:03 | 00,000,850 | ---- | C] () -- C:\Windows\System32\ProductTweaks.xml
    [2008/09/20 06:15:01 | 00,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
    [2008/09/20 06:01:00 | 00,002,042 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Total Security 2009.lnk
    [2008/09/20 05:55:54 | 00,108,368 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\veteboot.sys
    [2008/09/20 05:55:53 | 00,880,560 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vetefile.sys
    [2008/09/20 05:54:20 | 00,099,904 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\isafeif.dll
    [2008/09/20 05:54:20 | 00,079,424 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\vetredir.dll
    [2008/09/20 05:54:20 | 00,075,280 | ---- | C] (CA, Inc.) -- C:\Windows\System32\isafprod.dll
    [2008/09/20 05:54:20 | 00,032,528 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vetmonnt.sys
    [2008/09/20 05:54:20 | 00,026,640 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vet-filt.sys
    [2008/09/20 05:54:20 | 00,021,648 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vetfddnt.sys
    [2008/09/20 05:54:20 | 00,021,392 | ---- | C] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vet-rec.sys
    [2008/09/20 05:11:37 | 06,870,339 | ---- | C] () -- C:\Users\American Dream\Documents\crispynews-050908_640.mp4
    [2008/09/20 05:11:30 | 07,529,311 | ---- | C] () -- C:\Users\American Dream\Documents\crispynews-080908.mp4
    [2008/09/20 05:11:16 | 07,536,174 | ---- | C] () -- C:\Users\American Dream\Documents\crispynews-090908.mp4
    [2008/09/20 05:10:54 | 08,092,830 | ---- | C] () -- C:\Users\American Dream\Documents\crispynews-150908.mp4
    [2008/09/20 05:10:39 | 16,602,702 | ---- | C] () -- C:\Users\American Dream\Documents\playhit-pc-120908.mp4
    [2008/09/20 05:10:02 | 08,471,183 | ---- | C] () -- C:\Users\American Dream\Documents\crispynews-160908.mp4
    [2008/09/20 05:05:26 | 08,471,923 | ---- | C] () -- C:\Users\American Dream\Documents\crispynews-170908.mp4
    [2008/09/20 04:30:14 | 00,002,901 | ---- | C] () -- C:\Users\American Dream\Documents\See you soon.gp4
    [2008/09/20 02:13:27 | 00,004,143 | ---- | C] () -- C:\Users\American Dream\Documents\See you soon.gp3
    [2008/09/20 02:13:06 | 00,051,991 | ---- | C] () -- C:\Users\American Dream\Documents\Yellow (2).gp3
    [2008/09/20 01:56:15 | 00,003,289 | ---- | C] () -- C:\Users\American Dream\Documents\Jeux interdits.gp3
    [2008/09/20 01:55:31 | 00,025,561 | ---- | C] () -- C:\Users\American Dream\Documents\Wonderwall (3).gp3
    [2008/09/19 20:05:07 | 01,968,195 | ---- | C] () -- C:\Users\American Dream\Documents\BO2ChristopheMaeendirect.mp3
    [2008/09/16 19:59:49 | 00,000,853 | ---- | C] () -- C:\Users\American Dream\Desktop\Virtual DJ Trial.lnk
    [2008/09/12 03:00:30 | 00,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2008/09/12 03:00:30 | 00,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2008/09/12 03:00:30 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
    [2008/09/12 03:00:29 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
    [2008/09/12 03:00:28 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
    [2008/09/12 03:00:28 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
    [2008/09/12 03:00:28 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
    [2008/09/12 03:00:28 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
    [2008/09/12 03:00:28 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
    [2008/09/12 03:00:28 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
    [2008/09/12 03:00:27 | 11,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
    [2008/09/12 03:00:27 | 00,754,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
    [2008/09/12 03:00:27 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
    [2008/09/12 03:00:27 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
    [2008/09/12 03:00:27 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
    [2008/09/12 03:00:27 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
    [2008/09/12 03:00:27 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
    [2008/09/12 03:00:27 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
    [2008/09/12 03:00:27 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
    [2008/09/12 03:00:27 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
    [2008/09/12 03:00:27 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
    [2008/09/12 03:00:26 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
    [2008/09/12 03:00:26 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
    [2008/09/12 03:00:26 | 01,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
    [2008/09/12 03:00:26 | 00,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
    [2008/09/12 03:00:26 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
    [2008/09/12 03:00:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
    [2008/09/12 03:00:25 | 01,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
    [2008/09/12 03:00:25 | 00,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
    [2008/09/12 03:00:25 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
    [2008/09/12 03:00:25 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
    [2008/09/10 18:46:07 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
    [2008/09/10 18:45:07 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
    [2008/09/10 18:45:06 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
    [2008/09/10 18:43:38 | 00,565,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll
    [2008/09/10 18:43:37 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
    [2008/09/10 18:43:37 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
    [2008/09/10 18:43:37 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys
    [2008/09/10 18:43:37 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
    [2008/09/10 18:43:36 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
    [2008/08/31 16:01:27 | 00,000,537 | ---- | C] () -- C:\Users\American Dream\Documents\Mes dossiers de partage.lnk
    [2008/08/30 21:32:51 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2008/08/30 21:31:08 | 00,001,733 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2008/08/29 01:59:57 | 00,002,153 | ---- | C] () -- C:\Users\Public\Desktop\Les Sims™ 2 La Vie en Appartement.lnk
    [2008/08/29 01:56:22 | 00,000,181 | ---- | C] () -- C:\Users\American Dream\Documents\Document.rtf
    [2008/08/26 16:42:39 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
    [2008/08/26 16:42:39 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
    [2008/08/26 16:42:39 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
    [2008/08/26 16:42:39 | 00,045,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
    [2008/08/26 16:42:04 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
    [2008/08/26 16:42:04 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
    [2008/08/26 16:42:04 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
    [2008/08/26 16:41:45 | 00,163,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
    [2008/08/26 16:41:45 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
    [2008/08/23 19:57:11 | 00,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2008/08/23 19:45:51 | 00,238,206 | ---- | C] () -- C:\Users\American Dream\Documents\6XCA1DIX08-N.pdf
    [2008/08/23 19:45:46 | 00,418,474 | ---- | C] () -- C:\Users\American Dream\Documents\6XCA1DIX08-F.pdf

    ========== Files - Modified Within 30 days ==========

    [2008/09/20 19:54:47 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2008/09/20 19:44:14 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2008/09/20 19:44:14 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2008/09/20 19:44:14 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2008/09/20 17:47:02 | 00,001,356 | ---- | M] () -- C:\Users\American Dream\AppData\Local\d3d9caps.dat
    [2008/09/20 17:45:16 | 00,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2008/09/20 17:38:32 | 00,000,867 | ---- | M] () -- C:\Users\Public\Desktop\Registry Mechanic.lnk
    [2008/09/20 10:28:26 | 00,005,316 | ---- | M] () -- C:\Windows\System32\tmp.reg
    [2008/09/20 09:45:40 | 00,001,881 | ---- | M] () -- C:\Users\American Dream\Desktop\HijackThis.lnk
    [2008/09/20 09:45:10 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\American Dream\Documents\HJTInstall.exe
    [2008/09/20 08:15:18 | 00,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
    [2008/09/20 07:39:50 | 00,000,759 | ---- | M] () -- C:\Users\American Dream\Documents\Navilog1.lnk
    [2008/09/20 07:34:46 | 00,571,505 | ---- | M] (IL-MAFIOSO ) -- C:\Users\American Dream\Documents\Navilog1.exe
    [2008/09/20 07:33:40 | 00,000,691 | ---- | M] () -- C:\Users\American Dream\AppData\Roaming\GetValue.vbs
    [2008/09/20 07:33:40 | 00,000,035 | ---- | M] () -- C:\Users\American Dream\AppData\Roaming\SetValue.bat
    [2008/09/20 07:33:37 | 00,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2008/09/20 06:42:13 | 00,001,998 | ---- | M] () -- C:\Users\Public\Desktop\AntiVir PE Classic.lnk
    [2008/09/20 06:15:03 | 00,000,850 | ---- | M] () -- C:\Windows\System32\ProductTweaks.xml
    [2008/09/20 06:15:01 | 00,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
    [2008/09/20 06:14:47 | 00,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2008/09/20 06:11:54 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2008/09/20 06:08:34 | 00,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7AA3F663-3A3D-444A-9301-4C3419145266}.job
    [2008/09/20 06:01:00 | 00,002,042 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Total Security 2009.lnk
    [2008/09/20 05:58:01 | 01,535,446 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2008/09/20 05:58:01 | 00,682,174 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2008/09/20 05:58:01 | 00,598,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2008/09/20 05:58:01 | 00,129,296 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2008/09/20 05:58:01 | 00,106,120 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2008/09/20 05:55:45 | 00,880,560 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\vetefile.sys
    [2008/09/20 05:55:45 | 00,108,368 | ---- | M] (Computer Associates International, Inc.) -- C:\Windows\System32\drivers\veteboot.sys
    [2008/09/20 05:11:38 | 06,870,339 | ---- | M] () -- C:\Users\American Dream\Documents\crispynews-050908_640.mp4
    [2008/09/20 05:11:31 | 07,529,311 | ---- | M] () -- C:\Users\American Dream\Documents\crispynews-080908.mp4
    [2008/09/20 05:11:17 | 07,536,174 | ---- | M] () -- C:\Users\American Dream\Documents\crispynews-090908.mp4
    [2008/09/20 05:10:55 | 08,092,830 | ---- | M] () -- C:\Users\American Dream\Documents\crispynews-150908.mp4
    [2008/09/20 05:10:40 | 16,602,702 | ---- | M] () -- C:\Users\American Dream\Documents\playhit-pc-120908.mp4
    [2008/09/20 05:10:03 | 08,471,183 | ---- | M] () -- C:\Users\American Dream\Documents\crispynews-160908.mp4
    [2008/09/20 05:05:26 | 08,471,923 | ---- | M] () -- C:\Users\American Dream\Documents\crispynews-170908.mp4
    [2008/09/20 04:30:14 | 00,002,901 | ---- | M] () -- C:\Users\American Dream\Documents\See you soon.gp4
    [2008/09/20 02:13:28 | 00,004,143 | ---- | M] () -- C:\Users\American Dream\Documents\See you soon.gp3
    [2008/09/20 02:13:07 | 00,051,991 | ---- | M] () -- C:\Users\American Dream\Documents\Yellow (2).gp3
    [2008/09/20 01:56:15 | 00,003,289 | ---- | M] () -- C:\Users\American Dream\Documents\Jeux interdits.gp3
    [2008/09/20 01:55:31 | 00,025,561 | ---- | M] () -- C:\Users\American Dream\Documents\Wonderwall (3).gp3
    [2008/09/19 20:05:14 | 01,968,195 | ---- | M] () -- C:\Users\American Dream\Documents\BO2ChristopheMaeendirect.mp3
    [2008/09/19 19:38:58 | 00,000,537 | ---- | M] () -- C:\Users\American Dream\Documents\Mes dossiers de partage.lnk
    [2008/09/19 18:00:46 | 00,000,426 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan.job
    [2008/09/19 12:26:48 | 00,082,944 | ---- | M] (S!Ri.URZ) -- C:\Windows\System32\IEDFix.C.exe
    [2008/09/17 05:56:52 | 00,371,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2008/09/16 22:27:03 | 00,101,408 | ---- | M] () -- C:\Users\American Dream\AppData\Local\GDIPFONTCACHEV1.DAT
    [2008/09/16 19:59:49 | 00,000,853 | ---- | M] () -- C:\Users\American Dream\Desktop\Virtual DJ Trial.lnk
    [2008/09/11 02:37:53 | 00,216,064 | ---- | M] () -- C:\Users\American Dream\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/09/10 00:04:02 | 00,038,528 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2008/09/10 00:03:56 | 00,017,200 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2008/09/08 23:38:55 | 00,088,576 | ---- | M] (S!Ri.URZ) -- C:\Windows\System32\AntiXPVSTFix.exe
    [2008/09/02 16:51:48 | 00,086,528 | ---- | M] (S!Ri.URZ) -- C:\Windows\System32\VACFix.exe
    [2008/08/30 21:32:51 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2008/08/30 21:31:08 | 00,001,733 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2008/08/29 01:59:58 | 00,002,153 | ---- | M] () -- C:\Users\Public\Desktop\Les Sims™ 2 La Vie en Appartement.lnk
    [2008/08/29 01:56:22 | 00,000,181 | ---- | M] () -- C:\Users\American Dream\Documents\Document.rtf
    [2008/08/23 19:57:11 | 00,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2008/08/23 19:45:55 | 00,238,206 | ---- | M] () -- C:\Users\American Dream\Documents\6XCA1DIX08-N.pdf
    [2008/08/23 19:45:51 | 00,418,474 | ---- | M] () -- C:\Users\American Dream\Documents\6XCA1DIX08-F.pdf

    < End of report >
    20 September 2008 20:52:15

    And the Extras.Txt report.



    OTViewIt Extras logfile created on: 20/09/2008 20:33:25 - Run NETWORK
    OTViewIt by OldTimer - Version 1.0.7.0 Folder = C:\Users\American Dream\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JPBNVZTJ
    Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 79,20% Memory free
    4,00 Gb Paging File | 3,92 Gb Available in Paging File | 98,10% Paging File free
    Paging file location(s): ?:\pagefile.sys;

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 116,44 Gb Total Space | 33,96 Gb Free Space | 29,17% Space Free | Partition Type: NTFS
    Drive D: | 109,60 Gb Total Space | 42,09 Gb Free Space | 38,41% Space Free | Partition Type: NTFS
    Drive E: | 1007,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-AMERICAND
    Current User Name: American Dream
    Logged in as Administrator.

    Current Boot Mode: SafeMode with Networking
    Scan Mode: Current user
    Whitelist: On
    Files within: 30 Days


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Programmes\Mozilla Firefox\firefox.exe File not found
    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval"=0
    "AntiVirusDisableNotify"=0x00000000
    "FirewallDisableNotify"=0x00000000
    "UpdatesDisableNotify"=0x00000000
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring"=1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
    "DisableMonitoring"=1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride"=0
    "AntiSpywareOverride"=0
    "FirewallOverride"=0
    "VistaSp1"=

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

    ========== (O10) Winsock2 Catalogs ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
    NameSpace_Catalog5\Catalog_Entries\000000000006 [mdnsNSP] -- C:\Programmes\Bonjour\mdnsNSP.dll File not found

    ========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols
    ldap -- 4 = Restricted sites (Not a Default Protocol)
    news -- 4 = Restricted sites (Not a Default Protocol)
    nntp -- 4 = Restricted sites (Not a Default Protocol)
    oecmd -- 4 = Restricted sites (Not a Default Protocol)
    snews -- 4 = Restricted sites (Not a Default Protocol)

    ========== (O18) Protocol Handlers ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
    File not found C:\Programmes\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
    File not found C:\Programmes\Common Files\microsoft shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])
    File not found C:\Programmes\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
    File not found C:\Programmes\Windows Live\Mail\mailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])

    ========== (O18) Protocol Filters ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
    File not found C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01521746-02A6-4A72-00BD-A285DF6B80C6}"=Les Sims 2 Académie
    "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}"=Apple Software Update
    "{0405E51E-9582-4207-8F38-AC44201D3808}"=VeohTV BETA
    "{081A4A10-6762-7C14-47B9-AB10A2A06D9E}"=Catalyst Control Center Localization Polish
    "{08CA9554-B5FE-4313-938F-D4A417B81175}"=QuickTime
    "{0954A149-5F2B-A6B0-C83C-9DA111BE5E53}"=Catalyst Control Center Localization Danish
    "{0A2BCB52-6F89-8BBF-C0F2-C2FC82E6971A}"=Catalyst Control Center Localization Finnish
    "{0CA6047C-D28B-4295-834A-07C52BA20C2D}"=Extension de Windows Live Toolbar (Windows Live Toolbar)
    "{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}"=Menus intelligents (Windows Live Toolbar)
    "{0D05ADA4-990C-2D2A-27FF-7E7F14BA24BA}"=CCC Help French
    "{0D3C3444-3111-EA59-0624-7EE94E2E5686}"=Catalyst Control Center Localization Greek
    "{127B30EC-DE94-9504-7F81-10671F494E28}"=Catalyst Control Center Localization Russian
    "{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}"=ATK Media
    "{1543DF98-127D-8926-B554-1C7ABFE5B0A1}"=CCC Help Dutch
    "{16EC75A4-189B-CAF9-F69F-23613D0A51AE}"=CCC Help Chinese Traditional
    "{18D10072035C4515918F7E37EAFAACFC}"=AutoUpdate
    "{1A8A214F-6BAC-4E01-A27D-25C19A484908}"=Norton Security Scan
    "{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}"=ASUS Data Security Manager
    "{1D24764E-A5E1-0249-519A-7982236F5807}"=CCC Help Japanese
    "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}"=LifeFrame2
    "{1FB4E4B8-11A0-00C8-5ECD-9F641C99CFDF}"=Catalyst Control Center Core Implementation
    "{1FF1FE39-DED2-6C64-2B6C-5B4CF574A49A}"=Catalyst Control Center Graphics Full New
    "{22C1B575-C746-46F2-80A3-EE9612AF5FAA}"=Guitar Pro 4 Demo
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
    "{24ED4D80-8294-11D5-96CD-0040266301AD}"=FinePixViewer Ver.5.4
    "{25D2097A-9636-E50D-126B-7CA5359B9D93}"=Catalyst Control Center Localization Dutch
    "{28006915-2739-4EBE-B5E8-49B25D32EB33}"=Atheros Driver Installation Program
    "{2B802EBE-CDAD-477C-9AD4-069615D377EB}"=Remote Controller
    "{2CCBABCB-6427-4A55-B091-49864623C43F}"=Google Toolbar for Firefox
    "{2D651E80-0489-D1E5-7C3C-86D77B7094B1}"=CCC Help Danish
    "{2F39B6B7-D038-0D19-B052-99A34FDC0766}"=ccc-utility
    "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}"=Sony Ericsson PC Suite 3.209.00
    "{3248F0A8-6813-11D6-A77B-00B0D0160000}"=Java(TM) SE Runtime Environment 6
    "{3248F0A8-6813-11D6-A77B-00B0D0160040}"=Java(TM) 6 Update 4
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}"=Java(TM) 6 Update 5
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
    "{32A3A4F4-B792-11D6-A78A-00B0D0160000}"=Java(TM) SE Development Kit 6
    "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}"=ATK Hotkey
    "{399EFE89-C5FE-A72E-F575-CC71C3AB3B3A}"=Catalyst Control Center Localization Czech
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}"=JMB36X Raid Configurer
    "{3A8C58D0-31E3-BE89-9AFC-74768CB04B8F}"=Catalyst Control Center Localization Korean
    "{3DE0053C-FD9A-483E-B7C9-B06E4392206E}"=iTunes
    "{3DFF4274-EBB0-4356-9692-972965018954}"=Windows Live Writer
    "{406B38D8-D58C-1540-13BE-1C6C6E9B11C0}"=CCC Help Polish
    "{41237E96-9821-75A7-DA0E-2BF94EE2CDD5}"=Catalyst Control Center Localization Swedish
    "{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}"=Bonjour
    "{4817189D-1785-4627-A33C-39FD90919300}"=Les Sims™ 2 Animaux & Cie
    "{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}"=Apple Mobile Device Support
    "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}"=Grand Theft Auto Vice City
    "{4CCCB1D0-267E-58AF-CE19-84D796BC0DD5}"=CCC Help Greek
    "{4CE74ABA-92C8-B38E-B3DB-D4350C86A97D}"=CCC Help Finnish
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml
    "{57B15AD4-8C9D-4164-82BB-E33D8644E757}"=ASUS InstantFun
    "{59F6A514-9813-47A3-948C-8A155460CC2A}"=RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
    "{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}"=ATKOSD2
    "{617D1D16-5CDE-52F8-33D3-38D5FB6A11EB}"=CCC Help Swedish
    "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}"=NB Probe
    "{64D0A6CB-261D-10CF-5E55-4DFA847DE453}"=CCC Help English
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}"=Activation Assistant for the 2007 Microsoft Office suites
    "{76354313-9792-CADB-39EC-9943BBFD5BD4}"=CCC Help Russian
    "{76BBBB6B-46D0-86D3-FB38-C342D1FC3F33}"=Catalyst Control Center Localization Hungarian
    "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}"=Avanquest update
    "{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}"=Windows Live Favorites pour Windows Live Toolbar
    "{798AB915-0472-F348-26B0-1D40F9278BF0}"=CCC Help Czech
    "{7B02E9D3-03D9-1662-CE24-C2F972C53D5F}"=CCC Help German
    "{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}"=Les Sims 2 : La bonne affaire
    "{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec
    "{81B5F83F-2291-48B0-8375-36B63A9BF5B0}"=Surligneur (Windows Live Toolbar)
    "{83F73CB1-7705-49D1-9852-84D839CA2A45}"=Wireless Console 2
    "{856BFFEE-7A5C-B6A1-0C21-CBC83F4C5940}"=Catalyst Control Center Localization Spanish
    "{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}"=Les Sims™ 2 Quartier Libre
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}"=Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
    "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}"=ATI AVIVO Codecs
    "{8ACF317C-CA66-4363-AEBF-A073B124AA1A}"=BitDefender Total Security 2009
    "{8ADFC4160D694100B5B8A22DE9DCABD9}"=DivX Player
    "{8CFEBE9C-F29F-4C49-80E0-7106970F8734}"=Power4Gear eXtreme
    "{90120000-0015-0407-0000-0000000FF1CE}"=Microsoft Office Access MUI (German) 2007
    "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0015-0409-0000-0000000FF1CE}"=Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0015-040C-0000-0000000FF1CE}"=Microsoft Office Access MUI (French) 2007
    "{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0015-0410-0000-0000000FF1CE}"=Microsoft Office Access MUI (Italian) 2007
    "{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{741A792D-4ED8-4C66-B32E-A47865FA1163}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0015-0413-0000-0000000FF1CE}"=Microsoft Office Access MUI (Dutch) 2007
    "{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{4059772C-68BA-4FE4-9B6E-3EC37C0C4624}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0016-0407-0000-0000000FF1CE}"=Microsoft Office Excel MUI (German) 2007
    "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0016-040C-0000-0000000FF1CE}"=Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0016-0410-0000-0000000FF1CE}"=Microsoft Office Excel MUI (Italian) 2007
    "{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{741A792D-4ED8-4C66-B32E-A47865FA1163}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0016-0413-0000-0000000FF1CE}"=Microsoft Office Excel MUI (Dutch) 2007
    "{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{4059772C-68BA-4FE4-9B6E-3EC37C0C4624}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-0407-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (German) 2007
    "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-040C-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-0410-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (Italian) 2007
    "{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{741A792D-4ED8-4C66-B32E-A47865FA1163}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0018-0413-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (Dutch) 2007
    "{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{4059772C-68BA-4FE4-9B6E-3EC37C0C4624}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0019-0407-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (German) 2007
    "{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0019-0409-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0019-040C-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (French) 2007
    "{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0019-0410-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (Italian) 2007
    "{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{741A792D-4ED8-4C66-B32E-A47865FA1163}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0019-0413-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (Dutch) 2007
    "{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{4059772C-68BA-4FE4-9B6E-3EC37C0C4624}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001A-0407-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (German) 2007
    "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001A-0409-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001A-040C-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (French) 2007
    "{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001A-0410-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (Italian) 2007
    "{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{741A792D-4ED8-4C66-B32E-A47865FA1163}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001A-0413-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (Dutch) 2007
    "{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{4059772C-68BA-4FE4-9B6E-3EC37C0C4624}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-0407-0000-0000000FF1CE}"=Microsoft Office Word MUI (German) 2007
    "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-040C-0000-0000000FF1CE}"=Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{A0353900-21A2-42CF-B973-883500A027F7}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-0410-0000-0000000FF1CE}"=Microsoft Office Word MUI (Italian) 2007
    "{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{741A792D-4ED8-4C66-B32E-A47865FA1163}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001B-0413-0000-0000000FF1CE}"=Microsoft Office Word MUI (Dutch) 2007
    "{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{4059772C-68BA-4FE4-9B6E-3EC37C0C4624}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0401-0000-0000000FF1CE}"=Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{5A2F65A4-808F-4A1E-973E-92E17824982D}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0407-0000-0000000FF1CE}"=Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0410-0000-0000000FF1CE}"=Microsoft Office Proof (Italian) 2007
    "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{58FC5E37-DD28-4D4A-A549-125744C6763C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0413-0000-0000000FF1CE}"=Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-002C-0407-0000-0000000FF1CE}"=Microsoft Office Proofing (German) 2007
    "{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007
    "{90120000-002C-040C-0000-0000000FF1CE}"=Microsoft Office Proofing (French) 2007
    "{90120000-002C-0410-0000-0000000FF1CE}"=Microsoft Office Proofing (Italian) 2007
    "{90120000-002C-0413-0000-0000000FF1CE}"=Microsoft Office Proofing (Dutch) 2007
    "{90120000-006E-0407-0000-0000000FF1CE}"=Microsoft Office Shared MUI (German) 2007
    "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-006E-040C-0000-0000000FF1CE}"=Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}"=Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
    "{90120000-006E-0410-0000-0000000FF1CE}"=Microsoft Office Shared MUI (Italian) 2007
    "{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{B9896689-DF51-4A16-AAD5-002622D86C72}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-006E-0413-0000-0000000FF1CE}"=Microsoft Office Shared MUI (Dutch) 2007
    "{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{1120A001-69F4-43D2-83CE-716B2DC4366F}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{91120000-0031-0000-0000-0000000FF1CE}"=Microsoft Office Professional Hybrid 2007
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
    "{98701D78-F1D1-0E29-8023-F9E894FF59EA}"=CCC Help Spanish
    "{9C244239-ED8E-40f1-937F-51C706CD2160}"=Les Sims™ 2 Deluxe
    "{A383D9AD-CAC2-E23F-7435-BE6F67D388D4}"=Catalyst Control Center Localization Norwegian
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}"=Microsoft Visual C++ 2005 Redistributable
    "{A5B5A08F-B036-A287-5D95-FAD80CB8DA06}"=Catalyst Control Center Localization Italian
    "{A70FA218-6598-4AC9-813D-63597C5DD068}"=Galerie de photos Windows Live
    "{AB67580-257C-45FF-B8F4-C8C30682091A}_is1"=SIW version 2008-06-04
    "{AC76BA86-7AD7-1036-7B44-A90000000001}"=Adobe Reader 9 - Français
    "{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Assistant de connexion Windows Live
    "{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter
    "{B16D88EF-BDB0-2406-E305-B4B065A72895}"=CCC Help Chinese Standard
    "{B44529FF-501E-47CD-A06D-223C161BE058}"=FinePixViewer Resource
    "{B6F5B704-06D3-4687-90F3-6195304AD755}"=Les Sims™ 2 La Vie en Appartement
    "{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player
    "{B9379C03-DBF6-A319-E2F3-4A0654823CAF}"=Catalyst Control Center Localization Chinese Traditional
    "{BADF6744-3787-48F6-B8C9-4C4995401D65}"=Windows Live Messenger
    "{BC61F51E-8AF7-46B9-AF20-B33B5EE81036}"=Nero 7 Essentials
    "{BF164526-430F-442D-D773-C5C076B4955C}"=Catalyst Control Center Localization Portuguese
    "{BF4DED3E-8A05-826F-28FF-9F0EF302B163}"=Catalyst Control Center Graphics Full Existing
    "{C0FC1C14-4824-4A73-87A6-9E888C9C3102}"=ASUS Splendid Video Enhancement Technology
    "{C207AF6C-7842-808F-7129-6A88DCFDE5E7}"=Catalyst Control Center Localization French
    "{C514C594-23AA-4F13-A070-DB8BDB27594F}"=Windows Live Mail
    "{C5AE976A-AEF3-FBDF-70AD-FC2E849500CB}"=Catalyst Control Center Localization Thai
    "{C5B11056-B6BB-04D6-6658-E01DCACC5C1D}"=ccc-core-static
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
    "{CD09B971-1686-5FED-94B5-62A08F570FAE}"=CCC Help Hungarian
    "{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}"=LightScribe 1.8.13.1
    "{D0267F74-FA5F-FAE5-FB25-2646959C759D}"=Catalyst Control Center Localization German
    "{D1D94F8D-92B7-1D4D-CFDF-875E49B46B5A}"=CCC Help Italian
    "{D3B861DE-E34C-7C3F-A447-D8A6B2E335E5}"=CCC Help Turkish
    "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}"=ATK Generic Function Service
    "{D6D49348-94E1-5633-16F6-4C9ADFC79E2A}"=Catalyst Control Center Localization Chinese Standard
    "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer
    "{DD2F3E22-A07B-9E2E-9213-0AC0ADF3B95E}"=CCC Help Thai
    "{DE10AB76-4756-4913-BE25-55D1C1051F9A}"=WinFlash
    "{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}"=Les Sims™ 2 Au fil des saisons
    "{E3049411-0A2E-575D-047A-9856EB5840C7}"=CCC Help Norwegian
    "{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}"=FinePix Studio
    "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}"=ASUS Live Update
    "{E75A4B2C-E7DE-E630-B3DF-67A9E4E88B74}"=CCC Help Korean
    "{EBDCC291-F184-B181-712A-BAB8CB391187}"=Catalyst Control Center Graphics Light
    "{ECB9AC46-FB1C-595E-80B3-6F9B63BD5F73}"=Catalyst Control Center Localization Japanese
    "{ED71FC9C-1019-8C2F-4129-62F40AACE34B}"=CCC Help Portuguese
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0F0802E-94B6-C513-0594-F4F96917A031}"=ATI Catalyst Install Manager
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
    "{F248ADFA-64E0-4b03-8A83-059078BED6A0}"=Les Sims™ 2 Bon Voyage
    "{F4E261A3-6AE0-606E-D82B-15178F59320D}"=Catalyst Control Center Localization Turkish
    "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}"=Windows Live installer
    "Activation Assistant for the 2007 Microsoft Office suites"=Activation Assistant for the 2007 Microsoft Office suites
    "Ad-Aware SE Personal"=Ad-Aware SE Personal
    "Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
    "Adobe Shockwave Player"=Adobe Shockwave Player 11
    "AntiVir PersonalEdition Classic"=Avira AntiVir Personal - Free Antivirus
    "Asus_Camera_ScreenSaver"=Asus_Camera_ScreenSaver
    "Audacity_is1"=Audacity 1.2.6
    "AviSynth"=AviSynth 2.5
    "Fan club Christophe Maé"=le Fan club Christophe Maé 1.2
    "Google Updater"=Outil de mise à jour Google
    "HijackThis"=HijackThis 2.0.2
    "InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}"=VeohTV BETA
    "LimeWire"=LimeWire 4.16.6
    "Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
    "Messenger Plus! Live"=Messenger Plus! Live
    "Mozilla Firefox (2.0.0.12)"=Mozilla Firefox (2.0.0.12)
    "MSN Toolbar"=Barre d'outils MSN
    "Navilog1_is1"=Navilog1 3.6.5
    "PhotoFiltre"=PhotoFiltre
    "PROHYBRIDR"=2007 Microsoft Office system
    "RealArcade 1.2"=RealArcade
    "RealPlayer 6.0"=RealPlayer
    "Registry Mechanic_is1"=Registry Mechanic 8.0
    "Shell MegaPack ActiveX_is1"=Shell MegaPack ActiveX 9.0
    "SMSERIAL"=Motorola SM56 Speakerphone Modem
    "ST6UNST #1"=Ftp Rapide
    "SynTPDeinstKey"=Synaptics Pointing Device Driver
    "USB2.0 1.3M WebCam"=USB2.0 1.3M WebCam
    "VETWIN32Vp5"=CA Anti-Virus
    "Videora iPod Converter"=Videora iPod Converter 3.04
    "Virtual DJ - Atomix Productions"=Virtual DJ - Atomix Productions
    "VLC media player"=VideoLAN VLC media player 0.8.6d
    "WinRAR archiver"=Archiveur WinRAR

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "22f82b3f50101e0a"=DRM Dumpster

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 07/09/2008 11:06:58 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante LiveUpdt.exe, version 2.0.0.0, horodatage
    0x469f1637, module défaillant kernel32.dll, version 6.0.6001.18000, horodatage 0x4791a76d,
    code d’exception 0xe06d7363, décalage d’erreur 0x000442eb, ID du processus 0x3670,
    heure de début de l’application 0x01c910fae6af5b10.

    Error - 08/09/2008 18:37:02 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage
    0x47918f11, module défaillant jscript.dll, version 5.7.0.18068, horodatage 0x482376a4,
    code d’exception 0xc0000005, décalage d’erreur 0x00020c73, ID du processus 0xc0c,
    heure de début de l’application 0x01c9105e7ff9bbbc.

    Error - 09/09/2008 09:33:26 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage
    0x47918f11, module défaillant jscript.dll, version 5.7.0.18068, horodatage 0x482376a4,
    code d’exception 0xc0000005, décalage d’erreur 0x00020c73, ID du processus 0xc46c,
    heure de début de l’application 0x01c912036ed36780.

    Error - 11/09/2008 09:50:37 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante LiveUpdt.exe, version 2.0.0.0, horodatage
    0x469f1637, module défaillant kernel32.dll, version 6.0.6001.18000, horodatage 0x4791a76d,
    code d’exception 0xe06d7363, décalage d’erreur 0x000442eb, ID du processus 0x1504,
    heure de début de l’application 0x01c91414d23c98c0.

    Error - 12/09/2008 07:39:44 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante LiveUpdt.exe, version 2.0.0.0, horodatage
    0x469f1637, module défaillant kernel32.dll, version 6.0.6001.18000, horodatage 0x4791a76d,
    code d’exception 0xe06d7363, décalage d’erreur 0x000442eb, ID du processus 0x16f8,
    heure de début de l’application 0x01c914cbb3b0fbd1.

    Error - 12/09/2008 13:50:17 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante LiveUpdt.exe, version 2.0.0.0, horodatage
    0x469f1637, module défaillant kernel32.dll, version 6.0.6001.18000, horodatage 0x4791a76d,
    code d’exception 0xe06d7363, décalage d’erreur 0x000442eb, ID du processus 0xc00,
    heure de début de l’application 0x01c914ff8a88cc91.

    Error - 12/09/2008 22:53:28 | Computer Name = PC-de-AmericanD | Source = EventSystem | ID = 4621
    Description =

    Error - 13/09/2008 09:39:59 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante LiveUpdt.exe, version 2.0.0.0, horodatage
    0x469f1637, module défaillant kernel32.dll, version 6.0.6001.18000, horodatage 0x4791a76d,
    code d’exception 0xe06d7363, décalage d’erreur 0x000442eb, ID du processus 0x10b8,
    heure de début de l’application 0x01c915a5bee049c4.

    Error - 14/09/2008 11:13:22 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante LiveUpdt.exe, version 2.0.0.0, horodatage
    0x469f1637, module défaillant kernel32.dll, version 6.0.6001.18000, horodatage 0x4791a76d,
    code d’exception 0xe06d7363, décalage d’erreur 0x000442eb, ID du processus 0x4bc4,
    heure de début de l’application 0x01c9167bc98e6270.

    Error - 14/09/2008 20:11:35 | Computer Name = PC-de-AmericanD | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage
    0x47918f11, module défaillant mshtml.dll, version 7.0.6001.18099, horodatage 0x4864684e,
    code d’exception 0xc0000005, décalage d’erreur 0x0006c0ab, ID du processus 0x1440,
    heure de début de l’application 0x01c915e3c3e44784.

    [ Media Center Events ]
    Error - 14/06/2008 15:14:51 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 15/06/2008 16:19:45 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 21/06/2008 05:49:57 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 29/06/2008 10:05:02 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 05/07/2008 04:33:19 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 11/07/2008 00:53:37 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 14/07/2008 17:15:13 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 19/08/2008 22:09:28 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 03/09/2008 14:09:44 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    Error - 14/09/2008 09:57:22 | Computer Name = PC-de-AmericanD | Source = Media Center Guide | ID = 0
    Description = Info sur l’événement : ERROR: SqmApiWrapper.TimerRecord failed; Win32
    GetLastError returned 10000105 Processus : DefaultDomain Nom de l’objet : Media
    Center Guide

    [ System Events ]
    Error - 13/05/2008 07:54:05 | Computer Name = PC-de-AmericanD | Source = DCOM | ID = 10010
    Description =

    Error - 13/05/2008 08:05:07 | Computer Name = PC-de-AmericanD | Source = ACPI | ID = 327686
    Description = IRQARB : le BIOS ACP ne contient pas un IRQ pour le périphérique dans
    le connecteur PCI 7, fonction 0. Contactez le fabricant de votre ordinateur pour
    une assistance technique.

    Error - 13/05/2008 08:05:08 | Computer Name = PC-de-AmericanD | Source = ACPI | ID = 327686
    Description = IRQARB : le BIOS ACP ne contient pas un IRQ pour le périphérique dans
    le connecteur PCI 6, fonction 0. Contactez le fabricant de votre ordinateur pour
    une assistance technique.

    Error - 13/05/2008 08:07:05 | Computer Name = PC-de-AmericanD | Source = Service Control Manager | ID = 7009
    Description =

    Error - 13/05/2008 08:07:05 | Computer Name = PC-de-AmericanD | Source = Service Control Manager | ID = 7000
    Description =

    Error - 13/05/2008 09:48:03 | Computer Name = PC-de-AmericanD | Source = EventLog | ID = 6008
    Description = L'arrêt système précédant à 15:45:39 le 13/05/2008 n'était pas prévu.

    Error - 13/05/2008 11:07:45 | Computer Name = PC-de-AmericanD | Source = EventLog | ID = 6008
    Description = L'arrêt système précédant à 17:06:06 le 13/05/2008 n'était pas prévu.

    Error - 13/05/2008 11:09:17 | Computer Name = PC-de-AmericanD | Source = Service Control Manager | ID = 7009
    Description =

    Error - 13/05/2008 11:09:17 | Computer Name = PC-de-AmericanD | Source = Service Control Manager | ID = 7000
    Description =

    Error - 13/05/2008 12:29:27 | Computer Name = PC-de-AmericanD | Source = EventLog | ID = 6008
    Description = L'arrêt système précédant à 18:27:49 le 13/05/2008 n'était pas prévu.


    < End of report >
    20 September 2008 22:18:00

    Good evening,
    There is no trace of VirusGarde.
    Besides, I would normally have seen it with SmitfraudFix or with Malwarebytes' Anti-Malware.

    Can you make me a HijackThis log in normal mode, please?
    22 September 2008 05:55:41

    I also think it is not VirusGarde; I had thought of that hypothesis after seeing the accounts on the net.
    I did a system restore (I restored my computer to the 20th, which is when all my problems started).
    It worked: when I turned my computer back on, everything was working, so I was able to run the necessary tests and to get Avira AntiVir and Malwarebytes' working.
    I am copying out the Malwarebytes' report and the HijackThis report for you.


    The Malwarebytes' report.


    Malwarebytes' Anti-Malware 1.28
    Version de la base de données: 1186
    Windows 6.0.6001 Service Pack 1

    22/09/2008 05:20:46
    mbam-log-2008-09-22 (05-20-40).txt

    Type de recherche: Examen rapide
    Eléments examinés: 45316
    Temps écoulé: 9 minute(s), 19 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Somefox (Trojan.FakeAlert) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    22 September 2008 05:57:17

    The HijackThis report.



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:46:37, on 20/09/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
    O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
    O4 - HKLM\..\Run: [BDWizReg] "C:\Program Files\BitDefender\BitDefender 2009\bdwizreg.exe" /complete
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: Fan club Christophe Maé.lnk = C:\Program Files\Warner\Christophe_Mae\FanClubMae.exe
    O4 - Startup: Widget_MTV.lnk = ?
    O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - (no file)
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - (no file)
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
    O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

    --
    End of file - 9825 bytes
    22 September 2008 20:37:46

    Hi again

    You misread the procedure:
    in your report:
    Quote:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Somefox (Trojan.FakeAlert)-> No action taken.


    When the tool has found something, at the end you have to click "Supprimer la sélection" (remove the selection).

    Please do it again.


    Could you make me a HijackThis log in normal mode, please?
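
The reply above turns on one line of the scan report: a detection marked "No action taken" is still on the machine. The Python sketch below is an added example, not part of the original thread; it lists such detections and puts registry autostart entries first. The line format is inferred from the single line quoted in the reply, and every sample line except that one is constructed.

```python
import re

# One detection line: "<location> (<detection name>)-> <action>."
# Format inferred from the single line quoted in the reply (assumption).
DETECTION = re.compile(
    r"^\s*(?P<location>.+?)\s+\((?P<name>[^()]+)\)\s*->\s*(?P<action>.+?)\.?\s*$")
# Registry Run/RunOnce keys: a value left here is launched again at every logon.
AUTOSTART = re.compile(r"\\CurrentVersion\\Run(Once)?(\\|$)", re.IGNORECASE)

def parse_report(text):
    """Return one dict per detection line; headings and blank lines are skipped."""
    findings = []
    for line in text.splitlines():
        m = DETECTION.match(line)
        if not m:
            continue
        location = m.group("location")
        findings.append({
            "location": location,
            "name": m.group("name"),
            "action": m.group("action"),
            "kind": "registry" if location.upper().startswith("HKEY_") else "file",
            "autostart": bool(AUTOSTART.search(location)),
        })
    return findings

def unremediated(findings):
    """Detections that were reported but not removed, autostart entries first."""
    left = [f for f in findings if f["action"].lower() == "no action taken"]
    return sorted(left, key=lambda f: not f["autostart"])

# Sample report. Only the Somefox line comes from the thread; the headings,
# the two file lines and the name "Rogue.Example" are constructed.
SAMPLE = r"""
Files Infected:
C:\Users\example\AppData\Local\Temp\sample1.exe (Rogue.Example) -> No action taken.
C:\Users\example\AppData\Local\Temp\sample2.dll (Rogue.Example) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Somefox (Trojan.FakeAlert)-> No action taken.
"""

if __name__ == "__main__":
    for f in unremediated(parse_report(SAMPLE)):
        tag = "AUTOSTART" if f["autostart"] else f["kind"]
        print(f"[{tag}] {f['name']}: {f['location']} ({f['action']})")
```

An empty result from `unremediated` on a fresh report is the condition the helper is asking for before the next HijackThis log.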