PROBLEME VIRUS PEUT PLUS RIEN OUVRIR

il y a un probleme il me dit "les modifications apportés au lecteur H après ce point ne peuvent être annulés car le lecteur a soit été exclu de l'analyse de restauration du système ou a été mis hors tension ou retire "alors que le disque dur externe H est allumé je ne comprend pas puis je fais "ok" et aprés je clique sur suivant mais sa ne fait rien !!
Et SUPER MAINTENANT JE N'EST PLUS DE SON !!!! sa menerve

voila le résultat :

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1712
Windows 5.1.2600 Service Pack 3

31/01/2009 14:23:43
mbam-log-2009-01-31 (14-23-43).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 90114
Temps écoulé: 54 minute(s), 51 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 13
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
C:\Documents and Settings\Riviere\Application Data\Microsoft\Windows\lsass.exe (Trojan.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Lsass Service (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (regedit.exe %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{85899217-bc8a-41d7-a732-5d4d75c0bfcf}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{85899217-bc8a-41d7-a732-5d4d75c0bfcf}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{e54385d6-e9ac-4915-9ae9-5a8fd860958b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{85899217-bc8a-41d7-a732-5d4d75c0bfcf}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{85899217-bc8a-41d7-a732-5d4d75c0bfcf}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{e54385d6-e9ac-4915-9ae9-5a8fd860958b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{85899217-bc8a-41d7-a732-5d4d75c0bfcf}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{85899217-bc8a-41d7-a732-5d4d75c0bfcf}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{e54385d6-e9ac-4915-9ae9-5a8fd860958b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.5,85.255.112.25 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\Riviere\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Documents and Settings\Riviere\Local Settings\Temp\DivX.Codec.8.0.beta3006.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Riviere\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Riviere\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Riviere\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Riviere\Application Data\Microsoft\Windows\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-6-7-83-100024198-100021248-100011970-9935.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Riviere\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Riviere\Application Data\drivers\winupgro.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\gaopdxypujoiov.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\gaopdxmgcghrgb.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\gaopdxmyvvgogj.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\gaopdxqxfppown.sys (Trojan.Agent) -> Quarantined and deleted successfully.

###################### [ FindyKill V4.715 ]

# User : Riviere - RIVIERE-537D526
# Executed from : C:\Program Files\FindyKill
# Update on 29/01/09Nby Chiquitine29
# Start at 18:15:28 the 31/01/2009
# Windows XP - Internet Explorer 7.0.5730.13

# [ FindyKill V4.715 - Deleting ] ###############

\\\\\\\\\\\\\\\\\\ [ Active Processes ] ///////////////////


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe

\\\\\\\\\\\\\\\\\\ [ Infected Files / Folders ] ///////////////////


################## [ C:\ ]

Deleted ! - "C:\Avenger\m\shared"
Deleted ! - "C:\Avenger\m"
Deleted ! - C:\Avenger\flec006.exe
Deleted ! - C:\Avenger\winupgro.exe
Deleted ! - "C:\Avenger"

################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\Prefetch ]

Deleted ! - C:\WINDOWS\prefetch\1123000.EXE-06AC9E85.pf
Deleted ! - C:\WINDOWS\prefetch\15670546.EXE-13842D9F.pf
Deleted ! - C:\WINDOWS\prefetch\15685968.EXE-0F96AEC4.pf
Deleted ! - C:\WINDOWS\prefetch\15833234.EXE-057CAED7.pf
Deleted ! - C:\WINDOWS\prefetch\15915125.EXE-02286E09.pf
Deleted ! - C:\WINDOWS\prefetch\15955953.EXE-3A89410F.pf
Deleted ! - C:\WINDOWS\prefetch\193531.EXE-15C41143.pf
Deleted ! - C:\WINDOWS\prefetch\199796.EXE-2CE3AE54.pf
Deleted ! - C:\WINDOWS\prefetch\209515.EXE-187D601E.pf
Deleted ! - C:\WINDOWS\prefetch\211015.EXE-0689944C.pf
Deleted ! - C:\WINDOWS\prefetch\226937.EXE-304C1902.pf
Deleted ! - C:\WINDOWS\prefetch\276187.EXE-17154EAD.pf
Deleted ! - C:\WINDOWS\prefetch\30492046.EXE-27847A40.pf
Deleted ! - C:\WINDOWS\prefetch\30666250.EXE-10017AD1.pf
Deleted ! - C:\WINDOWS\prefetch\30761500.EXE-010A54EC.pf
Deleted ! - C:\WINDOWS\prefetch\30809671.EXE-0CF4DA4A.pf
Deleted ! - C:\WINDOWS\prefetch\375125.EXE-34DA5315.pf
Deleted ! - C:\WINDOWS\prefetch\406921.EXE-11C7046E.pf
Deleted ! - C:\WINDOWS\prefetch\443187.EXE-1555ADD2.pf
Deleted ! - C:\WINDOWS\prefetch\498093.EXE-29D9324C.pf
Deleted ! - C:\WINDOWS\prefetch\505406.EXE-11138CB0.pf
Deleted ! - C:\WINDOWS\prefetch\539375.EXE-1A5557CD.pf
Deleted ! - C:\WINDOWS\prefetch\604671.EXE-2383F474.pf
Deleted ! - C:\WINDOWS\prefetch\608453.EXE-0408490E.pf
Deleted ! - C:\WINDOWS\prefetch\621687.EXE-21B20CA2.pf
Deleted ! - C:\WINDOWS\prefetch\630484.EXE-01BE767D.pf
Deleted ! - C:\WINDOWS\prefetch\687625.EXE-0B84505F.pf
Deleted ! - C:\WINDOWS\prefetch\FLEC006.EXE-0BC526D6.pf
Deleted ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Deleted ! - C:\WINDOWS\prefetch\MIXVIBES DVS 7 CRACK+KEYGEN.E-0586957B.pf
Deleted ! - C:\WINDOWS\prefetch\PATCH.EXE-377B3F22.pf
Deleted ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

################## [ C:\WINDOWS\system32 ]

Deleted ! - C:\WINDOWS\system32\mdelk.exe
Deleted ! - C:\WINDOWS\system32\wintems.exe
Deleted ! - C:\WINDOWS\system32\ban_list.txt

################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\Documents and Settings\Riviere\Application Data ]

Deleted ! - "C:\Documents and Settings\Riviere\Application Data\drivers\srosa2.sys"
Deleted ! - "C:\Documents and Settings\Riviere\Application Data\drivers\wfsintwq.sys"
Deleted ! - "C:\Documents and Settings\Riviere\Application Data\drivers\winupgro.exe"
Deleted ! - "C:\Documents and Settings\Riviere\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\Riviere\Application Data\drivers"

################## [ C:\DOCUME~1\Riviere\LOCALS~1\Temp ]


################## [ C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5 ]

Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\FRZ3UC4O\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\JG4KPHHF\b64[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\JG4KPHHF\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\JG4KPHHF\b64_2[2].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\JG4KPHHF\b64_6[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\JG4KPHHF\servernames[1].htm
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\b64[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\b64_1[3].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\b64_6[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\b64_6[2].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\file[1].txt
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\KZNPNYLT\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\M0KPB2U6\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\M0KPB2U6\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\M0KPB2U6\b64_1[3].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\M0KPB2U6\b64_2[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\M0KPB2U6\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\M0KPB2U6\b64_6[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\M0KPB2U6\mxd[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\b64[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\b64_1[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\b64_1[2].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\b64_1[3].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\b64_3[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\b64_3[2].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\b64_3[3].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\b64_6[1].jpg
Deleted ! - C:\Documents and Settings\Riviere\Local Settings\Temporary Internet Files\Content.IE5\RE0Z6I7S\mxd[1].jpg

\\\\\\\\\\\\\\\\\\ [ Registry / Infected keys ] ///////////////////

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_USER\Software\bisoft
Deleted ! - HKEY_CURRENT_USER\Software\DateTime4
Deleted ! - HKEY_CURRENT_USER\Software\FirtR
Deleted ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\Local AppWizard-Generated Applications\MsnMsgr
Deleted ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\Local AppWizard-Generated Applications\winupgro
Deleted ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\FFC
Deleted ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\MuleAppData

\\\\\\\\\\\\\\\\\\ [ States / Restarting of services ] ///////////////////

# Safe boot mode restored !

# Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - # Type of startup = 3

EapHost - # Type of startup = 2

Ip6Fw - # Type of startup = 2

SharedAccess - # Type of startup = 2

wuauserv - # Type of startup = 2

wscsvc - # Type of startup = 2


\\\\\\\\\\\\\\\\\\ [ Cleaning Removable drives ] ///////////////////

# Informations :

C: - Lecteur fixe

E: - Lecteur fixe

H: - Lecteur fixe


# deleting files :

Deleted ! - H:\autorun.inf

\\\\\\\\\\\\\\\\\\ [ Registry / Mountpoint2 ] ///////////////////


-> Not found !


\\\\\\\\\\\\\\\\\\ [ Searching Other Infections ] ///////////////////

Références de comparaison Bagle MD5 :

1ee245c1 C:\Avenger\winupgro.exe
bd9ab7c10dc6f41f4b7f006e3dbfa057 C:\Avenger\winupgro.exe

2a47bdb6 C:\Documents and Settings\Riviere\Application Data\drivers\winupgro.exe
1e8dcee42629aacc87cb0e61ec03b88d C:\Documents and Settings\Riviere\Application Data\drivers\winupgro.exe

Suspect ! - 1e8dcee42629aacc87cb0e61ec03b88d C:\Program Files\MSN Messenger\msnmsgr.exe

\\\\\\\\\\\\\\\\\\ [ Searching Cracks / Keygen ] ///////////////////

C:\Documents and Settings\Riviere\Mes documents\Logiciel\Acoustica Mixcraft 4.1 Build 88\Crack
C:\Documents and Settings\Riviere\Mes documents\Logiciel\Acoustica Mixcraft 4.1 Build 88\Crack\Mixcraft4.exe
C:\Documents and Settings\Riviere\Mes documents\Ma musique\crooklyn clan , dj beat breaker etc!\Siren Samples and stuff\alarm sounds\crackle-alarm.aif
C:\Documents and Settings\Riviere\Mes documents\Ma musique\Musik US\Eminem__Crack_A_Bottle_feat_Dr.Dre_50_Cent.mp3
C:\Documents and Settings\Riviere\Mes documents\Mes Jeux\Crack.NFS.UnderCover.by.Filou69.TeamWawa.rar
C:\Documents and Settings\Riviere\Recent\Atomix Virtual DJ 4.1 Full (Cracked).lnk
C:\Documents and Settings\Riviere\Recent\crack serial Acoustica Mixcraft 4.lnk
C:\Documents and Settings\Riviere\Recent\FL Studio 7 XXL + Crack + Samples + Software Edicion de Audio.lnk
C:\Documents and Settings\Riviere\Recent\MixVibes Pro 6.21 + Crack.lnk
C:\Documents and Settings\Riviere\Recent\SERIAL Adobe Illustrator 10 - French Crack - SPARTATEUR.lnk

################## [ ! End of report # ! ]

ba j'ai supprimer les cracks a par ceux la je les trouve pas :
C:\Documents and Settings\Riviere\Recent\Atomix Virtual DJ 4.1 Full (Cracked).lnk
C:\Documents and Settings\Riviere\Recent\crack serial Acoustica Mixcraft 4.lnk
C:\Documents and Settings\Riviere\Recent\FL Studio 7 XXL + Crack + Samples + Software Edicion de Audio.lnk
C:\Documents and Settings\Riviere\Recent\MixVibes Pro 6.21 + Crack.lnk
C:\Documents and Settings\Riviere\Recent\SERIAL Adobe Illustrator 10 - French Crack - SPARTATEUR.lnk

et en ce moment je fais une analyse avec malwarebytes et est que je vous envoi un rapport après ??

###################### [ FindyKill V4.715 ]

# User : Riviere - RIVIERE-537D526
# Emplacement : C:\Program Files\FindyKill
# Outils Mis a jours 29/01/09 par Chiquitine29
# Recherche effectuée à 17:34:45 le 31/01/2009
# Windows XP - Internet Explorer 7.0.5730.13

# [ FindyKill V4.715 - Scan ] ##############

\\\\\\\\\\\\\\\\\\\\ [ Processus actifs ] ///////////////////


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\bcd2kcpan.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Documents and Settings\Riviere\Application Data\drivers\winupgro.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wintems.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe

\\\\\\\\\\\\\\\\\\ [ Processus infectieux stoppés ] ///////////////////


"C:\Documents and Settings\Riviere\Application Data\drivers\winupgro.exe" (1768)
"C:\WINDOWS\system32\wintems.exe" (2656)


\\\\\\\\\\\\\\\\\\ [ Fichiers/Dossiers infectieux ] ///////////////////


################## [ C:\ ]

Found ! [31/01/2009 14:25] - "C:\Avenger"

################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\Prefetch ]

Found ! - C:\WINDOWS\prefetch\1123000.EXE-06AC9E85.pf
Found ! - C:\WINDOWS\prefetch\15670546.EXE-13842D9F.pf
Found ! - C:\WINDOWS\prefetch\15685968.EXE-0F96AEC4.pf
Found ! - C:\WINDOWS\prefetch\15833234.EXE-057CAED7.pf
Found ! - C:\WINDOWS\prefetch\15915125.EXE-02286E09.pf
Found ! - C:\WINDOWS\prefetch\15955953.EXE-3A89410F.pf
Found ! - C:\WINDOWS\prefetch\193531.EXE-15C41143.pf
Found ! - C:\WINDOWS\prefetch\199796.EXE-2CE3AE54.pf
Found ! - C:\WINDOWS\prefetch\209515.EXE-187D601E.pf
Found ! - C:\WINDOWS\prefetch\211015.EXE-0689944C.pf
Found ! - C:\WINDOWS\prefetch\226937.EXE-304C1902.pf
Found ! - C:\WINDOWS\prefetch\276187.EXE-17154EAD.pf
Found ! - C:\WINDOWS\prefetch\30492046.EXE-27847A40.pf
Found ! - C:\WINDOWS\prefetch\30666250.EXE-10017AD1.pf
Found ! - C:\WINDOWS\prefetch\30761500.EXE-010A54EC.pf
Found ! - C:\WINDOWS\prefetch\30809671.EXE-0CF4DA4A.pf
Found ! - C:\WINDOWS\prefetch\375125.EXE-34DA5315.pf
Found ! - C:\WINDOWS\prefetch\406921.EXE-11C7046E.pf
Found ! - C:\WINDOWS\prefetch\443187.EXE-1555ADD2.pf
Found ! - C:\WINDOWS\prefetch\498093.EXE-29D9324C.pf
Found ! - C:\WINDOWS\prefetch\505406.EXE-11138CB0.pf
Found ! - C:\WINDOWS\prefetch\539375.EXE-1A5557CD.pf
Found ! - C:\WINDOWS\prefetch\604671.EXE-2383F474.pf
Found ! - C:\WINDOWS\prefetch\608453.EXE-0408490E.pf
Found ! - C:\WINDOWS\prefetch\621687.EXE-21B20CA2.pf
Found ! - C:\WINDOWS\prefetch\630484.EXE-01BE767D.pf
Found ! - C:\WINDOWS\prefetch\687625.EXE-0B84505F.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0BC526D6.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\Prefetch\MIXVIBES DVS 7 CRACK+KEYGEN.E-0586957B.pf
Found ! - C:\WINDOWS\Prefetch\MIXVIBES DVS 7 CRACK+KEYGEN.E-0586957B.pf
Found ! - C:\WINDOWS\Prefetch\MIXVIBES DVS 7 CRACK+KEYGEN.E-0586957B.pf
Found ! - C:\WINDOWS\Prefetch\MIXVIBES DVS 7 CRACK+KEYGEN.E-0586957B.pf
Found ! - C:\WINDOWS\Prefetch\PATCH.EXE-377B3F22.pf

################## [ C:\WINDOWS\system32 ]

Found ! [31/01/2009 14:29] - C:\WINDOWS\system32\mdelk.exe
Found ! [31/01/2009 14:29] - C:\WINDOWS\system32\wintems.exe
Found ! [31/01/2009 17:30] - C:\WINDOWS\system32\ban_list.txt

################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\Documents and Settings\Riviere\Application Data ]

Found ! [31/01/2009 14:25] - "C:\Documents and Settings\Riviere\Application Data\drivers"
Found ! [31/01/2009 14:25] - "C:\Documents and Settings\Riviere\Application Data\drivers\srosa2.sys"
Found ! [31/01/2009 14:25] - "C:\Documents and Settings\Riviere\Application Data\drivers\wfsintwq.sys"
Found ! [14/10/2004 06:05] - "C:\Documents and Settings\Riviere\Application Data\drivers\winupgro.exe"
Found ! [31/01/2009 14:29] - "C:\Documents and Settings\Riviere\Application Data\drivers\downld"

################## [ C:\DOCUME~1\Riviere\LOCALS~1\Temp ]


\\\\\\\\\\\\\\\\\\ [ Registre / Startup ] ///////////////////

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
msnmsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
DAEMON Tools Lite="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
EA Core="C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ShStatEXE="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
McAfeeUpdaterUI="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
RTHDCPL=RTHDCPL.EXE
Alcmtr=ALCMTR.EXE
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz=nwiz.exe /install
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
BCD2000=%SystemRoot%\system32\bcd2kcpan.exe
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
WinampAgent="C:\Program Files\Winamp\winampa.exe"
NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
BtTray="C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
USBFW=C:\Program Files\Net Studio\USB FireWall\USB FireWall.exe
KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\DestComp]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\hpoWIZ08]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\MsnMsgr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\setup]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

\\\\\\\\\\\\\\\\\\ [ Registre / Clés infectieuses ] ///////////////////


Found ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-606747145-583907252-1177238915-1003\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\MsnMsgr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | german.exe
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | mule_st_key

/!\ Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1

\\\\\\\\\\\\\\\\\\ [ Etat / Services ] ///////////////////

# Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

/!\ Mode sans echec non fonctionnel !!

# Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

/!\ Mode sans echec non fonctionnel !!

# Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

/!\ Mode sans echec non fonctionnel !!


# Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - # Type de démarrage = 4

EapHost - # Type de démarrage = 3

/!\ Ip6Fw - # Type de démarrage = 4

/!\ SharedAccess - # Type de démarrage = 4

/!\ wuauserv - # Type de démarrage = 4

/!\ wscsvc - # Type de démarrage = 4


\\\\\\\\\\\\\\\\\\ [ Recherche dans supports amovibles] ///////////////////


# Informations :

C: - Lecteur fixe

E: - Lecteur fixe


# presence des fichiers :



\\\\\\\\\\\\\\\\\\ [ Registre / Mountpoint2 ] ///////////////////


-> Not found !


################## [ ! Fin du rapport # FindyKill V4.715 ! ]

okok

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1712
Windows 5.1.2600 Service Pack 3

31/01/2009 19:21:57
mbam-log-2009-01-31 (19-21-57).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 86701
Temps écoulé: 41 minute(s), 30 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)




VOILA que fais je maintenant ?? est ce que tout remarche je n'est pas encore essayer

je suis super content !!!!! ma platine , le son et msn remarche nikel !!!! mais mon antivirus ne veut pas s'activer !! c'est bizarre

oui mais le probleme c'est que si je le desinstalle je pourrais plus l'installer parcque ce n'est pas moi qui installer ce logiciel comment je fais alor?

oui c'est mon pc mais vu que c'est le pote de mon frere qui a mis les logiciel donc je n'est pas le logiciel pour réinstallé

okok mais c'est lui qui a tous moi j'ai rien sinon j'ai le cd d'un antivirus MCafee Internetsecuritysuite 2005 7.0 qui je m'en rappele etait bien .
est ce que celui la est bon ?? ou sinon ou je peut en avoir un bien gratuit

mais sinon j"ai un autre mcafee celui que je te dit internetsecuritysuite 7.0 il est pas bon celui la ?

okok mais avant que je face sa je tes juste demander que si je desinstalle le Mcafee que je n'est pas que c'est le pote de mon frere qu'il la et que moi je reinstalle un AUTRE Mcafee que j*ai le CD celui la par contre et il s'apelle Mcafee Internetsecuritysuite 2005 7.0 .et je te demandé si celui la était bien vu que celui la j'ai le cd mais c un 2005 version 7.0 c pour sa

okok ba je vais installé antivir le temps que j'ai lautre et je vais faire les trucs que ta di au dessus avec ccleaner merci beaucoup de ton aide !!!!! parcke *sinon je serais dan la merde encore merci

des que j'ai installer antivir je fais une analyse complete en mode sans echec ???

voila j'ai installé et j'ai fais tous ce que tu m'a dis en mode sans echec etc.... et aucun virus detecté voila voila merci beaucoup de ton aide !!!!! a+