USB VIRUS + antivirus updates impossible

Solved
NONO -
Anonymous user -
Hello,

I know there are already plenty of topics about this virus, but I still can't get out of it...
My PC is infected by the "au travail" virus (triggered by the "wscript.exe" process) and it seems to contaminate all my USB devices, including my external HDD... So I am looking for a way to clean this virus off my devices.

As for my PC, I plan to format it, because my Google pages are redirected, Spybot cannot be installed ("error sending request" during installation), and my antivirus updates are blocked (I tried 3 different antivirus programs, and the result is the same...). In short, it is becoming impossible to manage.

If anyone knows a solution that would spare me from formatting, I'll take it! (Bearing in mind that my PC's safe mode no longer works...)

Thanks for your help!!

59 replies

SeiFeR_HxC - Posts: 35 - Status: Member
 
Ha!!! There we go, the updates are working again! Spybot installs, Malwarebytes has updated, perfect!
And curiously, I gained 2 GB on my hard drive?

I think everything is back to normal, so really, thank you very much for your help and your patience!

One last question: is the AVG antivirus really effective?

Thanks again!!

Anonymous user

Whoa

Wait, update Malwarebytes and run a quick scan please, and post the report

SeiFeR_HxC - Posts: 35 - Status: Member

Ok ^^ here is the report:


Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1855
Windows 5.1.2600 Service Pack 2

16/03/2009 18:44:26
mbam-log-2009-03-16 (18-44-23).txt

Type de recherche: Examen rapide
Eléments examinés: 68457
Temps écoulé: 6 minute(s), 13 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Hijack.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Hijack.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Hijack.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Anonymous user

Did you remove the selection?

Download ToolsCleaner to your desktop.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger-34055291-toolscleaner

# Click Recherche and let the scan run ...
# Click Suppression to finish.
# You can, if you wish, use the Options facultatives.
# Click Quitter to get the report.
# Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).

SeiFeR_HxC - Posts: 35 - Status: Member

Yes, I removed the selection

Anonymous user

ok, run ToolsCleaner, then we'll take stock ;)

SeiFeR_HxC - Posts: 35 - Status: Member

ToolsCleaner report:



[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\SDFIX: trouvé !
C:\HijackThis: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Fabien\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\Navilog1.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\Navilog1.lnk: trouvé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\Rsit.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\SmitFraudfix: trouvé !
C:\HiJackThis\HijackThis.exe: trouvé !
C:\HiJackThis\hijackthis.log: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Fabien\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\Fabien\Bureau\Navilog1.exe: supprimé !
C:\Documents and Settings\Fabien\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\Navilog1.lnk: supprimé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\SmitFraudFix.exe: supprimé !
C:\HiJackThis\HijackThis.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Combofix.txt: supprimé !
C:\fixnavi.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\OTMoveIt3.exe: supprimé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\Rsit.exe: supprimé !
C:\HiJackThis\hijackthis.log: supprimé !
C:\SDFIX: supprimé !
C:\HijackThis: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\Fabien\Bureau\Procedure Antivirus ALL\SmitFraudfix: supprimé !
C:\Program Files\Navilog1: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !

Anonymous user

OK, to take stock, please do this again:

Download here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Read the contents of the Disclaimer screen, then click Continue (if you accept the terms).

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

When the scan is finished, two text files will open.

Post the contents of log.txt

SeiFeR_HxC - Posts: 35 - Status: Member

RSIT report:



Logfile of random's system information tool 1.05 (written by random/random)
Run by Fabien at 2009-03-16 19:02:45
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (3%) free of 131 GB
Total RAM: 1022 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:02:54, on 16/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Fabien\Bureau\RSIT.exe
C:\Program Files\trend micro\Fabien.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WiFi Station.lnk = ?
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


End of file - 10619 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-11-22 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll [2008-02-29 468280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-16 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2009-02-19 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d}]
Peer2Peer-FR Toolbar - C:\Program Files\Peer2Peer-FR\tbPee1.dll [2009-02-05 1881112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-16 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-16 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - Peer2Peer-FR Toolbar - C:\Program Files\Peer2Peer-FR\tbPee1.dll [2009-02-05 1881112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-17 16143872]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2004-08-20 110592]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-16 136600]
"AdobeCS4ServiceManager"=C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2008-08-04 160800]
"VX1000"=C:\WINDOWS\vVX1000.exe [2008-08-04 721936]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"nwiz"=nwiz.exe /install []
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-03-15 233472]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-02-11 1273488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-13 68856]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"Steam"=C:\Program Files\Steam\Steam.exe [2009-02-19 1410296]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe
Wireless Configuration Utility HW.51.lnk - C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe

C:\Documents and Settings\Fabien\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
Y'z Toolbar.lnk - C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoLogOff"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\THQ\Company of Heroes\RelicCOH.exe"="C:\Program Files\THQ\Company of Heroes\RelicCOH.exe:*:Enabled:RelicCOH"
"C:\TYPSoft FTP Server\ftpserv.exe"="C:\TYPSoft FTP Server\ftpserv.exe:*:Enabled:TYPSoft FTP Server"
"C:\Program Files\GOA\Gunbound\GunBound.gme"="C:\Program Files\GOA\Gunbound\GunBound.gme:*:Enabled:GunBound"
"C:\Program Files\MAIET\Gunz\GunzLauncher.exe"="C:\Program Files\MAIET\Gunz\GunzLauncher.exe:*:Enabled:GunzLauncher"
"C:\Program Files\ABC\abc.exe"="C:\Program Files\ABC\abc.exe:*:Enabled:abc"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\GOA\Pangya_Eu\update_eu.exe"="C:\Program Files\GOA\Pangya_Eu\update_eu.exe:*:Enabled:Pangya"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
"C:\Program Files\Last.fm\LastFM.exe"="C:\Program Files\Last.fm\LastFM.exe:*:Enabled:Last.fm"
"C:\Program Files\Soulseek\slsk.exe"="C:\Program Files\Soulseek\slsk.exe:*:Enabled:SoulSeek"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Team17\Worms Armageddon\wa.exe"="C:\Team17\Worms Armageddon\wa.exe:*:Enabled:Worms Armageddon"
"C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe"="C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Fichiers communs\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\OpenTTD\openttd.exe"="C:\Program Files\OpenTTD\openttd.exe:*:Enabled:OpenTTD"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe"="C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeTray.exe"="C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe"
"C:\Program Files\Electronic Arts\BattleForgeBeta\Bootstrapper.exe"="C:\Program Files\Electronic Arts\BattleForgeBeta\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher"
"C:\Program Files\Electronic Arts\BattleForgeBeta\BattleForge.exe"="C:\Program Files\Electronic Arts\BattleForgeBeta\BattleForge.exe:*:Enabled:BattleForge™"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91dc2237-bb2b-11dd-91f7-0018e70439e7}]
shell\AutoRun\command - wscript.exe antinul.vbe
shell\open\command - wscript.exe antinul.vbe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e07e922-791e-11dd-915c-0018e70439e7}]
shell\Auto\command - auto.exe
shell\AutoRun\command - auto.exe


======File associations======

.ini - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2009-03-16 19:02:46 ----D---- C:\Program Files\trend micro
2009-03-16 19:02:45 ----D---- C:\rsit
2009-03-16 18:58:27 ----A---- C:\TCleaner.txt
2009-03-16 18:58:12 ----SHD---- C:\RECYCLER
2009-03-16 18:29:51 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-16 18:29:51 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-16 17:52:41 ----A---- C:\WINDOWS\zip.exe
2009-03-16 17:52:41 ----A---- C:\WINDOWS\SWREG.exe
2009-03-16 17:52:41 ----A---- C:\WINDOWS\NIRCMD.exe
2009-03-16 17:52:41 ----A---- C:\WINDOWS\grep.exe
2009-03-16 17:52:40 ----A---- C:\WINDOWS\VFIND.exe
2009-03-16 17:52:40 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-03-16 17:52:40 ----A---- C:\WINDOWS\SWSC.exe
2009-03-16 17:52:40 ----A---- C:\WINDOWS\sed.exe
2009-03-16 17:52:40 ----A---- C:\WINDOWS\fdsv.exe
2009-03-16 17:52:39 ----D---- C:\WINDOWS\ERDNT
2009-03-16 17:34:07 ----D---- C:\Documents and Settings\Fabien\Application Data\WinRAR
2009-03-16 17:10:40 ----D---- C:\WINDOWS\ERUNT
2009-03-16 17:10:40 ----D---- C:\Backups
2009-03-16 16:23:49 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-16 16:23:49 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-16 16:23:49 ----A---- C:\WINDOWS\system32\java.exe
2009-03-16 16:23:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-16 15:43:35 ----A---- C:\cleannavi DERNIER.txt
2009-03-16 14:58:26 ----A---- C:\rapport smit 2.txt
2009-03-16 14:41:17 ----A---- C:\WINDOWS\system32\tmp.txt
2009-03-16 14:41:13 ----A---- C:\rapport.txt
2009-03-14 13:39:23 ----AD---- C:\autorun.inf
2009-03-14 13:30:40 ----A---- C:\curr_ver.tmp
2009-03-08 16:05:14 ----D---- C:\Program Files\Avira
2009-03-07 16:59:06 ----HD---- C:\$AVG8.VAULT$
2009-03-07 16:10:53 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-03-02 14:37:48 ----D---- C:\Program Files\Electronic Arts
2009-03-02 14:37:47 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-03-02 14:37:47 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-03-02 14:37:47 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-03-02 14:37:46 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-03-02 14:37:46 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-03-02 14:37:46 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-03-02 14:37:45 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-03-01 15:58:25 ----D---- C:\Program Files\Hasbro
2009-02-28 20:56:55 ----D---- C:\Program Files\Risk
2009-02-28 17:52:37 ----D---- C:\Program Files\MagicISO
2009-02-19 23:22:37 ----D---- C:\Program Files\Steam

======List of files/folders modified in the last 1 months======

2009-03-16 19:02:46 ----RD---- C:\Program Files
2009-03-16 18:43:59 ----D---- C:\WINDOWS\Temp
2009-03-16 18:14:01 ----D---- C:\Program Files\Mozilla Firefox
2009-03-16 18:13:03 ----D---- C:\WINDOWS\system32\drivers
2009-03-16 18:13:03 ----D---- C:\WINDOWS\system32
2009-03-16 18:13:01 ----D---- C:\WINDOWS
2009-03-16 18:07:09 ----A---- C:\WINDOWS\system.ini
2009-03-16 18:05:56 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-16 18:04:30 ----D---- C:\WINDOWS\system32\config
2009-03-16 18:01:29 ----D---- C:\WINDOWS\AppPatch
2009-03-16 18:01:22 ----D---- C:\Program Files\Fichiers communs
2009-03-16 17:58:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-16 17:11:05 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-16 16:24:49 ----D---- C:\Program Files\Java
2009-03-16 16:24:04 ----SHD---- C:\WINDOWS\Installer
2009-03-16 16:12:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-16 16:12:32 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-16 15:20:53 ----D---- C:\WINDOWS\Prefetch
2009-03-16 14:55:41 ----D---- C:\Program Files\Google
2009-03-16 14:10:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-16 14:09:42 ----D---- C:\Downloads
2009-03-14 14:14:44 ----D---- C:\Program Files\PokerStars
2009-03-09 17:42:26 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-09 04:41:05 ----D---- C:\Program Files\Warcraft III
2009-03-08 16:17:29 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-03-08 16:02:13 ----SD---- C:\Documents and Settings\Fabien\Application Data\Microsoft
2009-03-07 17:44:54 ----D---- C:\Program Files\Windows XP Home-Pro-2003 SP2 Crack
2009-03-07 17:21:31 ----D---- C:\Program Files\Har-Bal 2.3
2009-03-06 16:14:33 ----D---- C:\Program Files\BitComet
2009-03-05 16:09:32 ----D---- C:\Program Files\Bonjour
2009-03-04 15:10:03 ----D---- C:\Program Files\FriendBlasterPro
2009-03-02 14:37:48 ----HD---- C:\WINDOWS\inf
2009-03-02 14:37:48 ----D---- C:\WINDOWS\system32\DirectX
2009-02-22 20:18:30 ----D---- C:\WINDOWS\nview
2009-02-22 20:18:30 ----D---- C:\WINDOWS\Help
2009-02-22 19:49:58 ----D---- C:\NVIDIA

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-16 75072]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-03-14 46652]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-01-28 271360]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-01-28 18048]
R2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [2001-04-09 17784]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 W8335XP;IEEE 802.11g Wireless Cardbus/PCI Adapter HW51; C:\WINDOWS\System32\DRIVERS\Mrv8000c.sys [2004-12-24 253440]
S3 amr1nga1;amr1nga1; C:\WINDOWS\system32\drivers\amr1nga1.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-04 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-04 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-06-29 25280]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-04 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2005-01-31 163328]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 USB28xxBGA;PCTV 70e Device; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2007-01-29 361728]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2007-01-29 39680]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-10 32000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2008-08-04 1964432]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-17 52352]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-20 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-16 152984]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2008-08-04 164896]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-27 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-11 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-20 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-20 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
0
Anonymous user
 
There are still a few details left:

Download Toolbar-S&D (Team IDN) to your Desktop.


* Start the installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search has finished.
* Post the generated report. (C:\TB.txt)

Tutorial: https://sites.google.com/site/toolbarsd/aideenimages
Info: https://forum.malekal.com/viewtopic.php?f=45&t=6173
0
SeiFeR_HxC Posts: 35 Registration date   Status: Member Last activity  
 
Toolbar S&D report:




-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Fabien ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:127 Go (Free:4 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (CD or DVD)
H:\ (CD or DVD)
I:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 16/03/2009|19:09 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"First Home Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Fabien\.housecall6.6\Quarantine\FL 6 + crack.zip.bac_a00604
C:\DOCUME~1\Fabien\Bureau\Image Line Fruity Loops Studio Producer Edition XXL v6.04\FL 6 + crack.zip
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\01 Oblivion.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\02 Divinations.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\03 Quintessence.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\04 The Czar.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\05 Ghost Of Karelia.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\06 Crack The Skye.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\cover.jpg
C:\DOCUME~1\Fabien\Bureau\ZIK\VA Upcoming release\Postmortem Promises - A Crack in the Spine of the Gallant.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\rottedchrist@hotmail.fr\Image Line Fruity Loops Studio Producer Edition XXL v6.04\FL 6 + crack.zip
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\01 Oblivion.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\02 Divinations.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\03 Quintessence.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\04 The Czar.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\05 Ghost Of Karelia.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\06 Crack The Skye.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\cover.jpg
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\Thumbs.db
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\SharingMetadata\rottedchrist@hotmail.fr\DFSR\ConflictDelete\FL 6 + crack-{9E33CED3-3D42-4484-94ED-77FBFE6DC744}-v7554.zip
C:\DOCUME~1\Fabien\Mes documents\Ableton\Presets\Audio Effects\Vinyl Distortion\Crack.adv
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\Windows XP Home-Pro-2003 SP2 Crack
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\Windows XP Home-Pro-2003 SP2 Crack\Donate To DemonSpeed.lnk
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\Windows XP Home-Pro-2003 SP2 Crack\KeyGen.exe.lnk



1 - "C:\ToolBar SD\TB_1.txt" - 16/03/2009|19:10 - Option : [1]

-----------\\ Fin du rapport a 19:10:10,15
0
Anonymous user
 
Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan has finished
* Post the generated report (C:\lopR.txt)


Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
0
SeiFeR_HxC Posts: 35 Registration date   Status: Member Last activity  
 
Lop S&D report:



--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Fabien ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:127 Go (Free:4 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (CD or DVD)
H:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 16/03/2009|19:16 )

--------------------\\ Listing des dossiers dans APPLIC~1

[27/09/2008|02:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[01/12/2007|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[28/10/2008|01:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/09/2007|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[28/01/2007|03:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/03/2009|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[08/03/2009|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[07/02/2009|21:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[04/01/2009|03:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[27/10/2008|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[11/07/2007|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[02/11/2008|15:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[30/01/2008|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[28/11/2007|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Last.fm
[20/10/2008|01:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[07/02/2008|00:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[15/01/2009|00:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[28/01/2007|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[11/07/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[07/02/2007|12:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[21/01/2007|06:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[04/09/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[19/11/2008|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sports Interactive
[16/03/2009|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/10/2008|23:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/04/2007|15:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Test Drive Unlimited
[02/02/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[20/01/2007|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[16/12/2007|20:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[07/05/2007|17:16] C:\DOCUME~1\Fabien\APPLIC~1\.ABC
[01/12/2007|17:12] C:\DOCUME~1\Fabien\APPLIC~1\Ableton
[01/12/2007|16:53] C:\DOCUME~1\Fabien\APPLIC~1\ACD Systems
[28/10/2008|11:58] C:\DOCUME~1\Fabien\APPLIC~1\Adobe
[19/03/2007|13:11] C:\DOCUME~1\Fabien\APPLIC~1\AdobeUM
[28/01/2007|13:14] C:\DOCUME~1\Fabien\APPLIC~1\Ahead
[15/12/2007|16:13] C:\DOCUME~1\Fabien\APPLIC~1\Apple Computer
[07/02/2009|21:36] C:\DOCUME~1\Fabien\APPLIC~1\AVS4YOU
[19/01/2009|02:20] C:\DOCUME~1\Fabien\APPLIC~1\Azureus
[12/04/2007|19:03] C:\DOCUME~1\Fabien\APPLIC~1\Command & Conquer 3 Tiberium Wars
[07/03/2007|19:01] C:\DOCUME~1\Fabien\APPLIC~1\Command & Conquer 3 Tiberium Wars Demo
[21/01/2009|22:54] C:\DOCUME~1\Fabien\APPLIC~1\Crayon Physics Deluxe
[28/01/2007|12:13] C:\DOCUME~1\Fabien\APPLIC~1\DeepBurner
[08/12/2008|05:43] C:\DOCUME~1\Fabien\APPLIC~1\dvdcss
[15/09/2007|14:49] C:\DOCUME~1\Fabien\APPLIC~1\fretsonfire
[05/12/2007|21:23] C:\DOCUME~1\Fabien\APPLIC~1\Google
[30/06/2008|12:40] C:\DOCUME~1\Fabien\APPLIC~1\Hamachi
[19/07/2008|13:48] C:\DOCUME~1\Fabien\APPLIC~1\Help
[20/01/2007|19:37] C:\DOCUME~1\Fabien\APPLIC~1\Identities
[13/10/2007|19:16] C:\DOCUME~1\Fabien\APPLIC~1\InstallShield
[04/09/2007|15:10] C:\DOCUME~1\Fabien\APPLIC~1\InstallShield Installation Information
[28/01/2007|12:05] C:\DOCUME~1\Fabien\APPLIC~1\Macromedia
[20/10/2008|01:43] C:\DOCUME~1\Fabien\APPLIC~1\Malwarebytes
[26/11/2008|03:46] C:\DOCUME~1\Fabien\APPLIC~1\Media Player Classic
[08/03/2009|16:02] C:\DOCUME~1\Fabien\APPLIC~1\Microsoft
[02/06/2008|18:31] C:\DOCUME~1\Fabien\APPLIC~1\Microsoft Web Folders
[14/07/2008|11:58] C:\DOCUME~1\Fabien\APPLIC~1\Mozilla
[19/03/2007|21:34] C:\DOCUME~1\Fabien\APPLIC~1\My Games
[11/09/2007|21:41] C:\DOCUME~1\Fabien\APPLIC~1\Publish Providers
[22/11/2008|16:02] C:\DOCUME~1\Fabien\APPLIC~1\Real
[11/12/2007|20:08] C:\DOCUME~1\Fabien\APPLIC~1\Samsung
[01/04/2007|15:44] C:\DOCUME~1\Fabien\APPLIC~1\SecuROM
[11/09/2007|21:38] C:\DOCUME~1\Fabien\APPLIC~1\Sony
[20/11/2008|00:48] C:\DOCUME~1\Fabien\APPLIC~1\Sports Interactive
[17/05/2007|13:16] C:\DOCUME~1\Fabien\APPLIC~1\Steinberg
[02/12/2007|15:25] C:\DOCUME~1\Fabien\APPLIC~1\Sun
[14/03/2007|18:28] C:\DOCUME~1\Fabien\APPLIC~1\vlc
[16/03/2009|17:34] C:\DOCUME~1\Fabien\APPLIC~1\WinRAR

[29/03/2008|02:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[29/03/2008|02:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\AdobeUM
[08/03/2009|16:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[08/03/2009|16:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/03/2009 22:58][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[16/03/2009 18:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[17/10/2007|20:13] C:\Program Files\21cn
[20/01/2007|19:41] C:\Program Files\802.11 Wireless LAN
[07/05/2007|14:12] C:\Program Files\ABC
[01/12/2007|16:32] C:\Program Files\ACD Systems
[27/10/2008|20:37] C:\Program Files\Adobe
[27/10/2008|20:34] C:\Program Files\Adobe Media Player
[15/06/2007|20:39] C:\Program Files\AGEIA Technologies
[06/06/2007|12:19] C:\Program Files\Album Cover Finder
[18/06/2008|11:08] C:\Program Files\AntiVir PersonalEdition Classic
[27/09/2008|12:30] C:\Program Files\Apple Software Update
[17/05/2007|21:14] C:\Program Files\ASIO4ALL v2
[28/01/2007|12:15] C:\Program Files\Astonsoft
[21/01/2007|05:59] C:\Program Files\ASUSTeK
[06/02/2007|22:53] C:\Program Files\Audacity
[08/03/2009|22:52] C:\Program Files\Avira
[04/02/2008|23:44] C:\Program Files\AviSynth 2.5
[07/02/2009|21:29] C:\Program Files\AVS4YOU
[10/08/2008|14:01] C:\Program Files\BestGameEver
[06/03/2009|16:14] C:\Program Files\BitComet
[05/03/2009|16:09] C:\Program Files\Bonjour
[08/04/2008|15:40] C:\Program Files\Canal
[01/07/2008|22:23] C:\Program Files\CHRYOPROD
[26/11/2008|03:44] C:\Program Files\Combined Community Codec Pack
[21/01/2008|14:42] C:\Program Files\Common Files
[20/01/2007|19:24] C:\Program Files\ComPlus Applications
[04/12/2008|21:09] C:\Program Files\Conduit
[22/01/2009|20:57] C:\Program Files\Crayon Physics Deluxe
[18/05/2008|14:54] C:\Program Files\CyberIPod.com
[21/01/2007|22:53] C:\Program Files\DAEMON Tools
[30/09/2007|22:03] C:\Program Files\DivX
[01/12/2007|16:17] C:\Program Files\Drums Overkill
[02/03/2009|14:37] C:\Program Files\Electronic Arts
[20/10/2008|00:06] C:\Program Files\Enigma Software Group
[15/12/2007|16:05] C:\Program Files\eRightSoft
[16/03/2009|18:01] C:\Program Files\Fichiers communs
[28/01/2007|03:48] C:\Program Files\FileZilla
[28/08/2008|22:58] C:\Program Files\FlashGet
[12/01/2008|02:47] C:\Program Files\FM Modifier 2.2
[17/03/2008|12:57] C:\Program Files\Free Audio Pack
[04/12/2008|21:18] C:\Program Files\Free Create-Burn ISO Image
[29/09/2008|01:44] C:\Program Files\Free friend adder
[01/12/2007|16:12] C:\Program Files\Freeciv-2.0.9-gtk2
[15/09/2007|14:47] C:\Program Files\Frets on Fire
[04/03/2009|15:10] C:\Program Files\FriendBlasterPro
[24/08/2008|21:33] C:\Program Files\Full Tilt Poker
[15/11/2008|15:40] C:\Program Files\GOA
[16/03/2009|14:55] C:\Program Files\Google
[26/05/2008|18:32] C:\Program Files\Guitar Pro 5
[31/01/2008|21:32] C:\Program Files\GXTranscoder.net AWE
[29/06/2008|11:37] C:\Program Files\Hamachi
[07/03/2009|17:21] C:\Program Files\Har-Bal 2.3
[01/03/2009|15:58] C:\Program Files\Hasbro
[01/06/2008|19:01] C:\Program Files\IK Multimedia
[01/06/2008|18:40] C:\Program Files\Image-Line
[07/09/2008|14:10] C:\Program Files\InstallShield Installation Information
[12/04/2008|02:03] C:\Program Files\Internet Explorer
[27/09/2008|02:28] C:\Program Files\iPod
[27/09/2008|02:29] C:\Program Files\iTunes
[28/02/2008|00:43] C:\Program Files\iZotope
[16/03/2009|16:24] C:\Program Files\Java
[05/09/2007|17:25] C:\Program Files\K!TV
[01/08/2007|01:05] C:\Program Files\kab - Shutdown Timer
[26/08/2008|13:31] C:\Program Files\Last.fm
[27/06/2007|19:25] C:\Program Files\Logitech
[28/02/2009|17:52] C:\Program Files\MagicISO
[07/05/2007|12:43] C:\Program Files\MAIET
[17/12/2007|14:49] C:\Program Files\Majorem
[16/03/2009|14:10] C:\Program Files\Malwarebytes' Anti-Malware
[22/01/2007|19:21] C:\Program Files\Messenger
[05/06/2007|17:39] C:\Program Files\Messenger Plus! Live
[21/07/2008|01:27] C:\Program Files\MessengerDiscovery
[04/09/2007|15:28] C:\Program Files\MeuhMeuhTV
[02/06/2008|18:31] C:\Program Files\microsoft frontpage
[13/10/2007|19:12] C:\Program Files\Microsoft Games
[15/01/2009|00:38] C:\Program Files\Microsoft LifeCam
[02/06/2008|18:31] C:\Program Files\Microsoft Office
[09/05/2007|13:57] C:\Program Files\Movie Maker
[16/03/2009|18:14] C:\Program Files\Mozilla Firefox
[15/01/2009|00:14] C:\Program Files\MSBuild
[20/01/2007|19:24] C:\Program Files\MSN
[20/01/2007|19:24] C:\Program Files\MSN Gaming Zone
[22/07/2008|16:47] C:\Program Files\MSN Messenger
[09/07/2008|12:52] C:\Program Files\MSN Spy 2004
[22/01/2007|19:20] C:\Program Files\MSXML 4.0
[08/04/2008|15:37] C:\Program Files\MSXML 6.0
[20/12/2008|14:33] C:\Program Files\Native Instruments
[28/01/2007|13:07] C:\Program Files\Nero
[22/02/2008|00:26] C:\Program Files\NetMeeting
[02/11/2008|15:49] C:\Program Files\Nokia
[02/10/2007|22:48] C:\Program Files\OGPlanet
[13/03/2008|02:18] C:\Program Files\OpenTTD
[13/06/2007|18:27] C:\Program Files\Outlook Express
[01/06/2008|18:39] C:\Program Files\Outsim
[02/10/2007|23:17] C:\Program Files\PacificPoker
[18/06/2008|00:01] C:\Program Files\Panda Security
[05/02/2009|16:59] C:\Program Files\Peer2Peer-FR
[04/09/2007|18:55] C:\Program Files\Pinnacle
[04/02/2007|02:16] C:\Program Files\Playlogic
[14/03/2009|14:14] C:\Program Files\PokerStars
[26/05/2008|18:29] C:\Program Files\PowerISO
[27/09/2008|02:25] C:\Program Files\QuickTime
[22/11/2008|15:59] C:\Program Files\Real
[21/01/2007|21:26] C:\Program Files\Realtek
[04/02/2008|23:44] C:\Program Files\Red Kawa
[15/01/2009|00:11] C:\Program Files\Reference Assemblies
[28/02/2009|20:56] C:\Program Files\Risk
[11/12/2007|19:28] C:\Program Files\Samsung
[30/03/2008|01:03] C:\Program Files\Sega
[20/01/2007|19:24] C:\Program Files\Services en ligne
[29/01/2007|20:03] C:\Program Files\Sierra
[03/02/2007|16:53] C:\Program Files\Smart Projects
[11/09/2007|21:18] C:\Program Files\Sony
[11/09/2007|21:16] C:\Program Files\Sony Setup
[04/12/2008|16:52] C:\Program Files\Soulseek
[23/04/2007|00:36] C:\Program Files\SpeedSim
[18/12/2008|14:55] C:\Program Files\Sports Interactive
[16/03/2009|18:30] C:\Program Files\Spybot - Search & Destroy
[19/10/2008|23:49] C:\Program Files\Spyware Doctor
[16/03/2009|18:07] C:\Program Files\Steam
[20/12/2008|15:58] C:\Program Files\Steinberg
[01/12/2007|16:13] C:\Program Files\StepMania
[02/10/2008|18:00] C:\Program Files\StuffPlug3
[20/12/2008|15:58] C:\Program Files\Syncrosoft
[21/12/2008|20:41] C:\Program Files\THQ
[22/01/2007|02:36] C:\Program Files\Thrustmaster
[16/05/2007|23:20] C:\Program Files\Toontrack
[16/03/2009|19:02] C:\Program Files\trend micro
[17/10/2007|20:34] C:\Program Files\TVAnts
[25/12/2007|01:01] C:\Program Files\UDPixel
[20/01/2007|19:37] C:\Program Files\Uninstall Information
[21/01/2007|14:05] C:\Program Files\VIA
[14/03/2007|18:15] C:\Program Files\VideoLAN
[02/02/2009|16:37] C:\Program Files\VstPlugins
[04/01/2009|03:30] C:\Program Files\Vuze
[09/03/2009|04:41] C:\Program Files\Warcraft III
[13/08/2008|13:22] C:\Program Files\WinamaxPoker
[03/12/2008|00:20] C:\Program Files\Windows Journal Viewer
[05/06/2007|17:39] C:\Program Files\Windows Live
[14/03/2008|15:30] C:\Program Files\Windows Media Connect 2
[14/03/2008|15:30] C:\Program Files\Windows Media Player
[21/01/2007|21:08] C:\Program Files\Windows NT
[07/03/2009|17:44] C:\Program Files\Windows XP Home-Pro-2003 SP2 Crack
[20/01/2007|20:34] C:\Program Files\WindowsUpdate
[19/07/2008|13:48] C:\Program Files\WinRAR
[20/01/2007|19:27] C:\Program Files\xerox
[21/10/2007|11:30] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/12/2007|16:32] C:\Program Files\Fichiers communs\ACD Systems
[27/10/2008|20:35] C:\Program Files\Fichiers communs\Adobe
[20/09/2008|04:05] C:\Program Files\Fichiers communs\Adobe AIR
[28/01/2007|13:09] C:\Program Files\Fichiers communs\Ahead
[27/09/2008|02:25] C:\Program Files\Fichiers communs\Apple
[07/02/2009|21:29] C:\Program Files\Fichiers communs\AVSMedia
[02/06/2008|18:32] C:\Program Files\Fichiers communs\Designer
[16/05/2007|23:35] C:\Program Files\Fichiers communs\DigiDesign
[11/07/2007|15:47] C:\Program Files\Fichiers communs\DirectX
[30/01/2008|21:12] C:\Program Files\Fichiers communs\InstallShield
[16/01/2008|14:19] C:\Program Files\Fichiers communs\iZotope
[02/12/2007|15:24] C:\Program Files\Fichiers communs\Java
[27/06/2007|19:25] C:\Program Files\Fichiers communs\Logitech
[27/10/2008|20:25] C:\Program Files\Fichiers communs\Macrovision Shared
[03/12/2008|00:20] C:\Program Files\Fichiers communs\Microsoft Shared
[20/01/2007|19:25] C:\Program Files\Fichiers communs\MSSoap
[20/12/2008|14:32] C:\Program Files\Fichiers communs\Native Instruments
[02/11/2008|15:49] C:\Program Files\Fichiers communs\Nokia
[20/01/2007|19:17] C:\Program Files\Fichiers communs\ODBC
[22/11/2008|15:59] C:\Program Files\Fichiers communs\Real
[20/01/2007|19:25] C:\Program Files\Fichiers communs\Services
[20/01/2007|19:17] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|18:27] C:\Program Files\Fichiers communs\System
[15/06/2007|20:39] C:\Program Files\Fichiers communs\Wise Installation Wizard
[22/11/2008|15:59] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 46 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-16 19:17:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1656

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Fabien\.housecall6.6\Quarantine\FL 6 + crack.zip.bac_a00604
C:\DOCUME~1\Fabien\Bureau\Image Line Fruity Loops Studio Producer Edition XXL v6.04\FL 6 + crack.zip
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\01 Oblivion.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\02 Divinations.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\03 Quintessence.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\04 The Czar.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\05 Ghost Of Karelia.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\06 Crack The Skye.mp3
C:\DOCUME~1\Fabien\Bureau\ZIK\Mastodon - Crack The Skye [2009] by xcharlsx\cover.jpg
C:\DOCUME~1\Fabien\Bureau\ZIK\VA Upcoming release\Postmortem Promises - A Crack in the Spine of the Gallant.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\rottedchrist@hotmail.fr\Image Line Fruity Loops Studio Producer Edition XXL v6.04\FL 6 + crack.zip
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\01 Oblivion.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\02 Divinations.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\03 Quintessence.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\04 The Czar.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\05 Ghost Of Karelia.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\06 Crack The Skye.mp3
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\cover.jpg
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\Sharing Folders\trasherxxl@hotmail.fr\Mastodon - Crack The Skye [2009] by xcharlsx\Thumbs.db
C:\DOCUME~1\Fabien\Local Settings\Application Data\Microsoft\Messenger\morthia@hotmail.com\SharingMetadata\rottedchrist@hotmail.fr\DFSR\ConflictDelete\FL 6 + crack-{9E33CED3-3D42-4484-94ED-77FBFE6DC744}-v7554.zip
C:\DOCUME~1\Fabien\Mes documents\Ableton\Presets\Audio Effects\Vinyl Distortion\Crack.adv
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\Windows XP Home-Pro-2003 SP2 Crack
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\Windows XP Home-Pro-2003 SP2 Crack\Donate To DemonSpeed.lnk
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\Windows XP Home-Pro-2003 SP2 Crack\KeyGen.exe.lnk


[F:10][D:3]-> C:\DOCUME~1\Fabien\LOCALS~1\Temp
[F:4][D:0]-> C:\DOCUME~1\Fabien\Cookies
[F:7][D:4]-> C:\DOCUME~1\Fabien\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 16/03/2009|19:19 - Option : [1]

--------------------\\ Fin du rapport a 19:19:16
0
Anonymous user

Well, that's fine, and so much the better; let's finish up then:

---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-click OTMoveIt3.exe to launch it.

---> Copy (Ctrl+C) the following text below:





:processes
explorer.exe


:files
C:\WINDOWS\zip.exe
C:\WINDOWS\SWREG.exe
C:\WINDOWS\NIRCMD.exe
C:\WINDOWS\grep.exe
C:\WINDOWS\VFIND.exe
C:\WINDOWS\SWXCACLS.exe
C:\WINDOWS\SWSC.exe
C:\WINDOWS\sed.exe
C:\WINDOWS\fdsv.exe
C:\WINDOWS\ERUNT
C:\Backups
C:\cleannavi DERNIER.txt
C:\rapport smit 2.txt
C:\WINDOWS\system32\tmp.txt
C:\rapport.txt
C:\$AVG8.VAULT$
C:\Documents and Settings\All Users\Application Data\avg8
C:\DOCUME~1\Fabien\Bureau\Image Line Fruity Loops Studio Producer Edition XXL v6.04\FL 6 + crack.zip

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91dc2237-bb2b-11dd-91f7-0018e70439e7}]


:commands
[emptytemp]
[start explorer]
[reboot]



---> Paste (Ctrl+V) the text you just copied into the box Paste Instructions for Items to be Moved.

---> Now click the MoveIt! button, then close OTMoveIt3.

If a file or folder cannot be deleted immediately, the program will ask you to reboot.
Accept by clicking YES.

---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the moment it was created: date_time.log


Then run ToolsCleaner again:

Download ToolsCleaner to your desktop.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

# Click Recherche (Search) and let the scan run ...
# Click Suppression (Removal) to finish.
# You can, if you wish, use the optional Options.
# Click Quitter (Quit) to get the report.
# Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).

And do this:


Purging System Restore
*Disable System Restore:
Right-click My Computer / Properties / System Restore / check the box to turn off System Restore, Apply, OK
---> Restart your PC ...

*Re-enable System Restore:
Right-click My Computer / Properties / System Restore / uncheck the box to turn off System Restore, Apply, OK
---> Restart your PC ...

( Note: you can also get there via Control Panel -> "System" -> "System Restore" ).

XP tutorial: http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924


0
SeiFeR_HxC (Member, 35 posts)

OTMoveIt report:


========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\WINDOWS\zip.exe moved successfully.
C:\WINDOWS\SWREG.exe moved successfully.
C:\WINDOWS\NIRCMD.exe moved successfully.
C:\WINDOWS\grep.exe moved successfully.
C:\WINDOWS\VFIND.exe moved successfully.
C:\WINDOWS\SWXCACLS.exe moved successfully.
C:\WINDOWS\SWSC.exe moved successfully.
C:\WINDOWS\sed.exe moved successfully.
C:\WINDOWS\fdsv.exe moved successfully.
C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002 moved successfully.
C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001 moved successfully.
C:\WINDOWS\ERUNT\SDFIX_First_Run\Users moved successfully.
C:\WINDOWS\ERUNT\SDFIX_First_Run moved successfully.
C:\WINDOWS\ERUNT\SDFIX\Users\00000002 moved successfully.
C:\WINDOWS\ERUNT\SDFIX\Users\00000001 moved successfully.
C:\WINDOWS\ERUNT\SDFIX\Users moved successfully.
C:\WINDOWS\ERUNT\SDFIX moved successfully.
C:\WINDOWS\ERUNT moved successfully.
C:\Backups moved successfully.
File/Folder C:\cleannavi DERNIER.txt not found.
C:\rapport smit 2.txt moved successfully.
C:\WINDOWS\system32\tmp.txt moved successfully.
C:\rapport.txt moved successfully.
C:\$AVG8.VAULT$ moved successfully.
C:\Documents and Settings\All Users\Application Data\avg8\dumps moved successfully.
C:\Documents and Settings\All Users\Application Data\avg8 moved successfully.
C:\DOCUME~1\Fabien\Bureau\Image Line Fruity Loops Studio Producer Edition XXL v6.04\FL 6 + crack.zip moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91dc2237-bb2b-11dd-91f7-0018e70439e7}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Fabien\LOCALS~1\Temp\etilqs_ZVJ8k7tocR7oD1jmi13H scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Fabien\LOCALS~1\Temp\~DF1FB7.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Fabien\LOCALS~1\Temp\~DF1FCC.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Fabien\LOCALS~1\Temp\~DF2D83.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Fabien\LOCALS~1\Temp\~DF2DD0.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_620.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03162009_193029

Files moved on Reboot...
File C:\DOCUME~1\Fabien\LOCALS~1\Temp\etilqs_ZVJ8k7tocR7oD1jmi13H not found!
File C:\DOCUME~1\Fabien\LOCALS~1\Temp\~DF1FB7.tmp not found!
File C:\DOCUME~1\Fabien\LOCALS~1\Temp\~DF1FCC.tmp not found!
File C:\DOCUME~1\Fabien\LOCALS~1\Temp\~DF2D83.tmp not found!
File C:\DOCUME~1\Fabien\LOCALS~1\Temp\~DF2DD0.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_620.dat not found!
C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla\Firefox\Profiles\nevvxtvm.default\XUL.mfl moved successfully.





TCleaner report:


[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\lopR.txt: trouvé !
C:\TB.txt: trouvé !
C:\Lop SD: trouvé !
C:\_OtMoveIt: trouvé !
C:\Toolbar SD: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Fabien\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\ToolBarSD.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Fabien\Bureau\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
C:\_OTMoveIt\MovedFiles\03162009_193029\WINDOWS\ERUNT\SDFIX: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\Fabien\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\Fabien\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Fabien\Bureau\ToolBarSD.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\lopR.txt: supprimé !
C:\TB.txt: supprimé !
C:\Documents and Settings\Fabien\Bureau\OTMoveIt3.exe: supprimé !
C:\Documents and Settings\Fabien\Bureau\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Lop SD: supprimé !
C:\_OtMoveIt: supprimé !
C:\Toolbar SD: supprimé !
C:\Rsit: supprimé !

Corbeille vidée!
Fichiers temporaires nettoyés !
0
Anonymous user

If you have no other problems, please change the topic's status to resolved.

http://www.commentcamarche.net/faq/sujet 11365 marquer un fil de discussion comme etant resolu
0
SeiFeR_HxC (Member, 35 posts)

OK! Everything looks great, thanks a lot for your very effective help!

However, I can't find the "resolved" checkbox. I created this topic without being registered; is there another way?
0
SeiFeR_HxC (Member, 35 posts)

So if a moderator or someone else can change the topic's status to "resolved", that would be cool! =)

Thanks!
0
Anonymous user

OK, and you're welcome.

I'll take care of marking it resolved. Have a good week.

0