ERADICATE Avast from my machine!!!

Almadi -  
Hello,
I am writing on this site out of desperation. I can't take it anymore!
Some time ago, I installed Avast on my Windows XP pack 2 computer. Through negligence on my part, I admit, it expired and I took about 2 weeks before updating it (I have no internet connection on that machine). When I downloaded the update and tried to install it, nothing! It won't install.
I tried to uninstall it in order to reinstall, nothing; I can't uninstall it even with the uninstall utility.
I have tried everything to uninstall it, nothing worked. I don't know what to do anymore. Meanwhile, I see viruses piling up on my machine without being able to do anything. I am desperate. I can't consider formatting my machine because I have about 100 GB of assorted files and I don't know where to put them.
The facts are there. I am sure I was infected by a virus that destroyed some key files. Now what can I do? Please help me!!!
Thanks in advance!

22 replies

Destrio5 Posts: 99820 Status: Moderator 10 305
 
Hello,

--> Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.

--> Double-click RSIT.exe to launch the program.
(On Vista, right-click RSIT.exe and choose Run as administrator)

--> Click Continue on the Disclaimer screen.

--> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

--> When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: the reports are saved in the C:\rsit folder.
0
brahim33 Posts: 6827 Status: Member 1 152
 
Hi
use Revo Uninstaller
0
glg29 Posts: 30422 Status: Contributor 4 478
 
Hello almadi,
Here there is also what you need!
Regards.
0
gillesdemev Posts: 141 Status: Member 23
 
Hello,
I didn't understand, because you say you have no internet on this machine and at the same time you see viruses piling up.
Where do they come from? Were they already on the PC?

Sometimes I forget to renew avast; in that case I download it again and it treats me as a new user.
I have never had the uninstall problem.

I read on this forum that there was a small avast uninstall program

http://www.commentcamarche.net/telecharger/telechargement 34055246 utilitaire de desinstallation de avast

You have 100 GB of data not to lose; if you have 2 partitions on the disk, C and D, by moving the data to D that partition will not be overwritten by a reinstall of XP; otherwise, run quickly and buy an external drive.
When everything is clean you will need to run this drive through a cleanup with an antivirus or secuser.com
If I can do more .... don't hesitate
0

Almadi
 
Thanks! I'll try it and post the thing.
0
Almadi
 
The viruses come from the USB keys I insert into the machine; it gets a lot of use on that front. I hand out a lot of documents to people, so viruses come in and go out.
0
Destrio5 Posts: 99820 Status: Moderator 10 305
 
In that case, do this:

--> Download UsbFix (by C_XX & Chiquitine29) to your Desktop.

--> Run the installation with the default settings.

--> Connect your external data sources to your PC (USB key, external hard drive, SD card, etc.) without opening them.

--> Double-click the UsbFix shortcut on your Desktop.

--> Choose option 1 (Search).

--> Let the tool work.

--> Post the UsbFix.txt report.

Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

"Process.exe", a component of the tool, is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool. It is not a virus, but a utility designed to terminate processes.
0
Almadi
 
Just as a security measure, I put as many docs as I could safely on my iPod.

INFO FILE
info.txt logfile of random's system information tool 1.06 2009-04-29 08:20:50

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AAA Logo 2009 Home Edition 3.0 Free Trial-->"C:\Program Files\AAALOGO2009\unins000.exe"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS3-->"C:\Program Files\Adobe\Adobe Photoshop CS3\uninstall.exe"
Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
avast antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVS Disc Creator version 2.1-->"C:\Program Files\AVSMedia\DiscCreator\Skins\DiscCreator\unins000.exe"
AVS DVD Player version 2.4-->"C:\Program Files\AVS4YOU\AVSDVDPlayer\unins000.exe"
AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cerebral Training - Mon coach particulier-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E41A97B-173F-4B0F-A3EE-3F278979D9D7}\setup.exe" -l0x40c
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
COWON Media Center - jetAudio Plus VX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0x9 -removeonly
DesktopX-->C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\INSTALL.LOG
DiscAPI (Studio 10)-->MsiExec.exe /X{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
EasyPHP 1.8-->"C:\Program Files\EasyPHP1-8\unins000.exe"
EKinx 2.0-->C:\Program Files\EKinX\Uninstal.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
FLV Player 1.3.3-->"C:\Program Files\FLVPlayer\uninstall.exe"
Free Mp3 Wma Converter V 1.8.0-->"C:\Program Files\Free Audio Pack\unins000.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GTK+ 2.8.9 runtime environment-->"C:\Program Files\Fichiers communs\GTK\2.0\unins000.exe"
HERCULES® MediaStation II-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2146A3C4-1874-4768-B990-C63F611A806A}\setup.exe" -l0x40c
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
KompoZer 0.7.10 (supprimer uniquement)-->C:\Program Files\KompoZer\uninstall.exe
Krypto Zone 2-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Protek Lab\Krypto Zone 2\Uninst.isu"
Ma-Config.com plugin-->MsiExec.exe /I{D2D7529F-6B55-4C1C-BC9C-D6F1BCC066B6}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Montpellier Business Plan Classic-->MsiExec.exe /I{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 8-->MsiExec.exe /X{A2FB3F66-2C62-4C1E-9549-A930FC641036}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{0FC76B71-2534-4354-B255-3468578E3F47}\Nokia_PC_Suite_rel_6_86_9_0_fre_web.exe
Nokia PC Suite-->MsiExec.exe /I{0FC76B71-2534-4354-B255-3468578E3F47}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Package de pilotes Windows - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
Pinnacle MediaCenter-->"C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe"UNINSTALL /l0x040c
Pinnacle MediaServer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x40c UNINSTALL
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
RamBoost XP 4.0.6-->"C:\Program Files\RamBoost XP\unins000.exe"
RAPID (Studio 10)-->MsiExec.exe /X{EEECE229-49F6-4851-A73A-99B058221F8C}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
RS Somnífero-->"C:\Program Files\Rico Software\RS Somnífero\desinstalar.exe"
SA32xx Device Manager-->C:\Program Files\InstallShield Installation Information\{7CDC26F7-D6BF-442A-B599-0075A48310F7}\setup.exe -runfromtemp -l0x040c -removeonly
SA32xx Media Converter-->C:\Program Files\InstallShield Installation Information\{D57ACD92-6A27-43BB-B3AE-894930940D41}\setup.exe -runfromtemp -l0x040c -removeonly
SecurDisc Viewer-->MsiExec.exe /X{9AE57057-8E31-40EC-A8DD-A357E5291036}
SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
SpeedBit Toolbar-->"C:\Program Files\SpeedBit Toolbar\TRRemove.exe" temp
Studio 10-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\Setup2.exe" -l0x40c UNINSTALL
StyleXP (remove only)-->"C:\Program Files\TGTSoft\StyleXP\StyleXP-uninstall.exe"
SUPER © Version 2006.17-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
TaskSwitchXP-->C:\Program Files\TaskSwitchXP\uninst.exe
The GIMP 2.2.13-->"C:\Program Files\GIMP-2.0\unins000.exe"
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Tweak-XP Pro 4-->C:\WINDOWS\iun6002.exe "C:\Program Files\Tweak-XP Pro 4\irunin.ini"
UnderCoverXP 1.19-->"C:\Program Files\UnderCoverXP\unins000.exe"
UxTheme Multipatcher Fr-->C:\Program Files\UxTheme Multipatcher Fr\uninstall.exe
Vade Retro Outllook & Outlook Express-->C:\PROGRA~1\GOTOSO~1\VADERE~1\UNWISE.EXE C:\PROGRA~1\GOTOSO~1\VADERE~1\INSTALL.LOG
VideoLAN VLC media player 0.8.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
XPize 4.6 BETA 1-->C:\WINDOWS\XPize\uninst.exe
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Zeb-Utility 1.2-->C:\Program Files\Zeb-Utility\Uninstal.exe

======Security center information======

AV: avast! antivirus 4.8.1201 [VPS 081122-0] (disabled)

======System event log======

Computer Name: HOME-D5B360BACB
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.

Record Number: 18012
Source Name: Service Control Manager
Time Written: 20090424172235.000000+060
Event Type: Informations
User:

Computer Name: HOME-D5B360BACB
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Services Terminal Server.

Record Number: 18011
Source Name: Service Control Manager
Time Written: 20090424172235.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HOME-D5B360BACB
Event Code: 2
Message: Device identified.

Record Number: 18010
Source Name: nvata
Time Written: 20090424172105.000000+060
Event Type: Informations
User:

Computer Name: HOME-D5B360BACB
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 18009
Source Name: EventLog
Time Written: 20090424172053.000000+060
Event Type: Informations
User:

Computer Name: HOME-D5B360BACB
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.

Record Number: 18008
Source Name: EventLog
Time Written: 20090424172053.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: HOME-D5B360BACB
Event Code: 0
Message: Service started on port 26000.

Record Number: 1600
Source Name: PinnacleSys.MediaServer
Time Written: 20080717143545.000000+060
Event Type: Informations
User:

Computer Name: HOME-D5B360BACB
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 1599
Source Name: SecurityCenter
Time Written: 20080717143544.000000+060
Event Type: Informations
User:

Computer Name: HOME-D5B360BACB
Event Code: 0
Message:
Record Number: 1598
Source Name: RichVideo
Time Written: 20080717143542.000000+060
Event Type: Informations
User:

Computer Name: HOME-D5B360BACB
Event Code: 19011
Message:
Record Number: 1597
Source Name: MSSQL$PINNACLESYS
Time Written: 20080717143542.000000+060
Event Type: Avertissement
User:

Computer Name: HOME-D5B360BACB
Event Code: 0
Message:
Record Number: 1596
Source Name: Nero BackItUp Scheduler 3
Time Written: 20080717143541.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Fichiers communs\GTK\2.0\bin
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LANG"=fr

-----------------EOF-----------------

LOG FILE:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2009-04-29 08:38:08
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 247 GB (93%) free of 265 GB
Total RAM: 2047 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:38:09, on 29/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\drivers\servics.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Windows\System32\bycool1\windo.exe
C:\Windows\System32\bycool\winacces.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Windows\System32\bycool\myapp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Admin\Bureau\RSIT.exe
C:\Documents and Settings\Admin\Bureau\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://windowsxlive.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe %windir%\system32\drivers\servics.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SPEEDBIT1 - {425E30F0-CCC6-4E24-BBEB-BCBD31720B37} - C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SpeedBit - {EBFCD017-BCAD-42C3-9ED5-89DBDFC59171} - C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll
O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DRIVESYS1] C:\Windows\System32\bycool1\windo.exe
O4 - HKLM\..\Run: [DRIVESYS] C:\Windows\System32\bycool\winacces.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Tweak-XP Pro] "C:\Program Files\Tweak-XP Pro 4\autostart.exe"
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\\Programs\MediaCenterService\PMC.Service.Main.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-182DBB01.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
Destrio5 Posts: 99820 Status: Moderator 10 305
 
I confirm, do the procedure with UsbFix.
0
Almadi
 
USBFIX REPORT:

############################## [ UsbFix V3.014 ]

# User : Admin (Administrateurs) # HOME-D5B360BACB
# Update on 27/04/09 by C_XX & Chiquitine29
# Start at: 11:13:28 | 29/04/2009

# AMD Athlon(tm) 64 Processor 3800+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# AV : avast! antivirus 4.8.1201 [VPS 081122-0] 4.8.1201 [ (!) Disabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 259,02 Go (240,81 Go free) # NTFS
# D:\ # Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS
# E:\ # Disque CD-ROM
# F:\ # Disque fixe local # 19,53 Go (11,9 Go free) [Musique] # NTFS
# G:\ # Disque fixe local # 19,53 Go (2,12 Go free) [Flims] # NTFS
# I:\ # Disque amovible # 952,86 Mo (949,66 Mo free) # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\drivers\servics.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Windows\System32\bycool1\windo.exe
C:\Windows\System32\bycool\winacces.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Windows\System32\bycool\myapp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="https://www.google.com/?gws_rd=ssl"
HKCU_Main: "Start Page"="https://windowsxlive.net/"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="Admin"
HKLM_logon: "AltDefaultUserName"="Admin"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: Pinnacle WebUpdater="C:\Program Files\Pinnacle\Shared Files\\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
HKLM_Run: WinampAgent="C:\Program Files\Winamp\winampa.exe"
HKLM_Run: Vade Retro Outlook Express="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
HKLM_Run: PMCRemote=C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
HKLM_Run: PinnacleDriverCheck=C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
HKLM_Run: nwiz=nwiz.exe /install
HKLM_Run: NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM_Run: NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM_Run: NeroFilterCheck=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
HKLM_Run: NBKeyScan="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKLM_Run: DRIVESYS1=C:\Windows\System32\bycool1\windo.exe
HKLM_Run: DRIVESYS=C:\Windows\System32\bycool\winacces.exe
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: RocketDock="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
HKCU_Run: Tweak-XP Pro="C:\Program Files\Tweak-XP Pro 4\autostart.exe"
HKCU_Run: TaskSwitchXP=C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
HKCU_Run: SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe
HKCU_Run: STYLEXP=C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
HKCU_Run: PMCS="C:\Program Files\Pinnacle\Shared Files\\Programs\MediaCenterService\PMC.Service.Main.exe"
HKCU_Run: PC Suite Tray="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
HKCU_Run: Nokia.PCSync="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
HKCU_Run: MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background
HKCU_Run: kamsoft=C:\WINDOWS\system32\kamsoft.exe
HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU_Run: DownloadAccelerator="C:\Program Files\DAP\DAP.EXE" /STARTUP
HKCU_Run: RamBoostXp=C:\Program Files\RamBoost XP\rambxpfr.exe

################## [ Informations ]

################## [ Fichiers # Dossiers infectieux ]

Found ! C:\WINDOWS\system32\bycool1\log.exe
Found ! C:\WINDOWS\system32\bycool1\windo.exe
Found ! C:\WINDOWS\system32\gasretyw0.dll
Found ! C:\WINDOWS\system32\kamsoft.exe
Found ! "C:\WINDOWS\system32\bycool"
Found ! "C:\WINDOWS\system32\bycool1"
Found ! "C:\WINDOWS\system32\f"
C:\autorun.inf # -> fichier appelé : "C:\2u.com" ( présent ! )
Found ! C:\2u.com
Found ! C:\autorun.inf
Found ! C:\restore\k-1-3542-4232123213-7676767-8888886\Desktop.ini
F:\autorun.inf # -> fichier appelé : "F:\2u.com" ( présent ! )
Found ! F:\2u.com
Found ! F:\autorun.inf
G:\autorun.inf # -> fichier appelé : "G:\2u.com" ( présent ! )
Found ! G:\2u.com
Found ! G:\autorun.inf
Found ! I:\2u.com
Found ! I:\log.exe
Found ! I:\autorun.inf
Found ! I:\restore\k-1-3542-4232123213-7676767-8888886\Desktop.ini

################## [ Registre # Clés Run infectieuses ]

Found ! HKLM\software\microsoft\security center\\ "AntiVirusDisableNotify"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
Found ! HKLM\software\microsoft\security center\\ "AntiVirusOverride"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
Found ! HKLM\software\microsoft\security center\\ "FirewallOverride"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
Found ! HKLM\software\microsoft\security center\\ "UpdatesDisableNotify"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
Found ! HKCU\SOFTWARE\...\CurrentVersion\Policies\System\\ "DisableRegistryTools"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
Found ! HKCU\SOFTWARE\...\CurrentVersion\Policies\System\\ "DisableTaskMgr"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 )
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "DRIVESYS"
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "DRIVESYS1"
Found ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "kamsoft"
Found ! HKU\S-1-5-21-1292428093-1450960922-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "kamsoft"

################## [ Registre # Mountpoints2 ]


################## [ ! Fin du rapport # UsbFix V3.014 ! ]
0
Destrio5 Posts 99820 Registration date   Status Moderator Last activity   10 305
 
--> Plug your external data sources into your PC (USB stick, external hard drive, SD card, etc.) without opening them.

--> Double-click the UsbFix shortcut on your Desktop.

--> Choose option 2 (Suppression).

--> Your Desktop will disappear and the PC will restart.

--> After the restart, UsbFix will scan your PC; let the tool work.

--> Then post the UsbFix.txt report that will appear along with the Desktop.

Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
0
Almadi
 
My computer is really infected, it's serious!!!!
0
Almadi
 
Deletion report: PART 1

############################## [ UsbFix V3.014 ]

# User : Admin (Administrateurs) # HOME-D5B360BACB
# Update on 27/04/09 by C_XX & Chiquitine29
# Start at: 11:36:08 | 29/04/2009

# AMD Athlon(tm) 64 Processor 3800+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Disabled
# AV : avast! antivirus 4.8.1201 [VPS 081122-0] 4.8.1201 [ (!) Disabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 259,02 Go (240,81 Go free) # NTFS
# D:\ # Disque CD-ROM # 0 Mo (0 Mo free) [Audio CD] # CDFS
# E:\ # Disque CD-ROM
# F:\ # Disque fixe local # 19,53 Go (11,9 Go free) [Musique] # NTFS
# G:\ # Disque fixe local # 19,53 Go (2,12 Go free) [Flims] # NTFS
# I:\ # Disque amovible # 952,86 Mo (951,04 Mo free) # FAT32

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers # Dossiers infectieux ]

Deleted ! C:\WINDOWS\system32\bycool1\log.exe
Deleted ! C:\WINDOWS\system32\bycool1\windo.exe
Deleted ! C:\WINDOWS\system32\gasretyw0.dll
Deleted ! C:\WINDOWS\system32\kamsoft.exe
Deleted ! "C:\WINDOWS\system32\bycool"
Deleted ! "C:\WINDOWS\system32\bycool1"
Deleted ! "C:\WINDOWS\system32\f"
C:\autorun.inf # -> fichier appelé : "C:\2u.com" ( présent ! )
Deleted ! -> C:\2u.com
Deleted ! C:\autorun.inf
Deleted ! C:\restore\k-1-3542-4232123213-7676767-8888886\Desktop.ini
F:\autorun.inf # -> fichier appelé : "F:\2u.com" ( présent ! )
Deleted ! -> F:\2u.com
Deleted ! F:\autorun.inf
G:\autorun.inf # -> fichier appelé : "G:\2u.com" ( présent ! )
Deleted ! -> G:\2u.com
Deleted ! G:\autorun.inf
I:\autorun.inf # -> fichier appelé : "I:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\Rgmen.exe" ( présent ! )
Deleted ! -> I:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\Rgmen.exe
Deleted ! I:\2u.com
Deleted ! I:\log.exe
Deleted ! I:\autorun.inf
Deleted ! I:\restore\k-1-3542-4232123213-7676767-8888886\Desktop.ini

################## [ Registre # Clés Run infectieuses ]

# HKLM\software\microsoft\security center\\ "AntiVirusDisableNotify"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
# HKLM\software\microsoft\security center\\ "AntiVirusOverride"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
# HKLM\software\microsoft\security center\\ "FirewallOverride"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
# HKLM\software\microsoft\security center\\ "UpdatesDisableNotify"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
# HKCU\SOFTWARE\...\CurrentVersion\Policies\System\\ "DisableRegistryTools"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
# HKCU\SOFTWARE\...\CurrentVersion\Policies\System\\ "DisableTaskMgr"
# -> ( Value = 0x1 | Good = 0x0 Bad = 0x1 ) # -> Reset sucessfully !
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "DRIVESYS"
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "DRIVESYS1"
Deleted ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "kamsoft"

################## [ Registre # Mountpoints2 ]

0
Almadi
 
Deletion report: PART 2

################## [ Listing des fichiers présent ]

[28/02/2009 14:14|--a------|4631116] - F:\The Dream - Rockin That Thing.mp3
[10/08/2008 15:23|--ahs----|13312] - F:\Thumbs.db
[26/04/2009 17:02|--a------|112988] - F:\VirtualDJ Local Database v5.xml
[16/02/2009 15:45|--a------|1993982] - F:\vitaa - a fleur de toi.aac
[27/09/2008 12:31|--a------|4598430] - F:\VITAA-Ma soeur.mp3
[12/04/2008 17:41|--a------|6065315] - F:\Zaho - C'est chelou.mp3
[17/04/2008 09:14|--a------|3934288] - F:\Zaho_La roue tourne (feat. Tunisiano).mp3
[09/08/2008 21:30|--a------|6130398] - F:\zaho_larouetourne.mp3
[10/03/2008 23:33|--a------|736081920] - G:\Appleseed.Ex.Machina.avi
[01/06/2008 07:17|--a------|730972708] - G:\Benjamin Gates et le Livre des Secrets.avi
[21/05/2008 18:00|--a------|734414848] - G:\carnage-indy4.avi
[20/05/2008 23:37|--a------|54] - G:\Exclues.URL
[17/11/2008 06:16|--a------|734083072] - G:\Gad_Elmaleh_Papa_est_en_haut_Spectacle_2008_REPACK_1CD
[29/12/2008 09:49|--a------|733032448] - G:\Kung fu panda .avi
[28/01/2009 20:50|--a------|731654144] - G:\Madagascar Escape 2 Africa.avi
[08/07/2008 06:19|--a------|732465152] - G:\Naruto Shippuuden le film - La Mort de Naruto.avi
[15/01/2008 18:24|--a------|736309248] - G:\Pirates des Caraibes 3 Jusqu'au bout du monde DVDRIP FR.avi
[17/02/2009 23:12|--a------|733401088] - G:\Resident.Evil.Degeneration.FRENCH.DVDRIP.XVID-TGK.Upload.(Steph53).Mininova.org..avi
[15/01/2009 00:09|--a------|735232000] - G:\Seven.Pounds.TRUEFRENCH.DVDSCR.MD.REPACK.1CD.XViD-FiNGeR.avi
[16/01/2009 20:12|--a------|733724672] - G:\Taken.avi
[29/04/2009 08:39|--ahs----|12800] - G:\Thumbs.db
[16/07/2008 22:58|--a------|1581] - G:\VirtualDJ Local Database v5.xml
[29/04/2009 08:20|--a------|15409] - I:\info.txt
[29/04/2009 08:38|--a------|38962] - I:\log.txt
[29/04/2009 11:35|--a------|1614] - I:\BOOTEX.LOG
[29/04/2009 11:16|--a------|16289] - I:\UsbFix.txt

################## [ Vaccination ]

# C:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
# G:\autorun.inf -> Folder created by UsbFix.
# I:\autorun.inf -> Folder created by UsbFix.

################## [ Cracks / Keygens / Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.014 ! ]
0
Almadi
 
PART 2:

################## [ Listing des fichiers présent ]

0
Almadi
 
PART 3:


################## [ Vaccination ]

# C:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
# G:\autorun.inf -> Folder created by UsbFix.
# I:\autorun.inf -> Folder created by UsbFix.

################## [ Cracks / Keygens / Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.014 ! ]
0
Destrio5 - Posts: 99820 - Status: Moderator
 
---> Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
---> Double-click the downloaded file to start the installation process.
---> In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
---> Once the update has finished, go to the Scanner tab.
---> Select Perform quick scan.
---> Click Scan. The scan starts.

At the end of the scan, a message is displayed:

The scan completed successfully. Click 'Show Results' to display all objects found.

---> Click OK to continue. If MBAM found nothing, it will tell you that as well.
---> Close your browsers.
If malware was detected, click Show Results.
---> Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
---> MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
0
Almadi
 
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2060
Windows 5.1.2600 Service Pack 2

29/04/2009 23:06:40
mbam-log-2009-04-29 (23-06-40).txt

Type de recherche: Examen rapide
Eléments examinés: 78313
Temps écoulé: 1 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ce7c3cf0-4b15-11d1-abed-709549c10000} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{88abc5c0-4fcb-11bb-aax5-81cx1c635612} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce7c3cf0-4b15-11d1-abed-709549c10000} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Trojan.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RESTORE\k-1-3542-4232123213-7676767-8888886 (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\WINDOWS\system32\drivers\servics.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RESTORE\k-1-3542-4232123213-7676767-8888886\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RESTORE\k-1-3542-4232123213-7676767-8888886\RunDll.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\krnln.fnr (Trojan.Agent) -> Quarantined and deleted successfully.
0
Destrio5 - Posts: 99820 - Status: Moderator
 
---> Uninstall UsbFix.

---> Run MBAM again, go to Quarantine and delete everything.

---> Run another RSIT scan and post the log report.
0
Almadi
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2009-04-30 19:10:41
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 247 GB (93%) free of 265 GB
Total RAM: 2047 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:44, on 30/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Admin\Bureau\RSIT.exe
C:\Documents and Settings\Admin\Bureau\Admin.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SPEEDBIT1 - {425E30F0-CCC6-4E24-BBEB-BCBD31720B37} - C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SpeedBit - {EBFCD017-BCAD-42C3-9ED5-89DBDFC59171} - C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll
O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Tweak-XP Pro] "C:\Program Files\Tweak-XP Pro 4\autostart.exe"
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\\Programs\MediaCenterService\PMC.Service.Main.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-182DBB01.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0