Faire planter Internet explorer 8

Résolu
silverius Messages postés 281 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
J'aimerais savoir s'il y aurait un moyen de faire planter IE 8 (un lien une écriture Xhtml...)
Car j'ai un virus et impossible de le dénicher, une méthode faire planter IE pour ne plus etre déranger....

Autrement connaissez-vous un moyen de désintaller IE ?

Merci pour vos réponses.
Configuration: Windows Vista
Internet Explorer 7.0

8 réponses

  1. Utilisateur anonyme
     
    Bonsoir

    Il ne faut absolument pas supprimer IE il sert pour mise à jour de windows;donc fait ceci stp merci.

    1- Télécharge et installe le logiciel HijackThis :

    https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
    ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
    ou ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html

    -->Clique sur le setup pour lancer l'installation : laisse toi guider et ne modifie pas les paramètres d'installation .
    A la fin de l’installation, le programme se lance automatiquement : ferme le en cliquant sur la croix rouge.
    Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
    "C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .

    (Ne lance pas ce prg pour l'instant et fais la suite ... )

    2- Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

    -> http://images.malwareremoval.com/random/RSIT.exe

    ! Déconnecte toi et ferme toutes tes applications en cours !

    Double-clique sur " RSIT.exe " pour le lancer.

    Clic droit sous VISTA (exécuter en tant que…)

    -> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

    * Devant l'option "List files/folders created ..." , tu choisis : 2 months

    * clique ensuite sur " Continue " pour lancer l'analyse ...

    -> laisse faire le scan et ne touche pas au PC ...

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-notes).

    Poste le contenu de " log.txt " (c'est celui qui apparaît à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

    Important : poste un rapport, puis l'autre dans la réponse suivante ...
    Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum ...
    ( Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ... )

    ( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit

    @+
    0
  2. silverius Messages postés 281 Statut Membre 48
     
    Ok merci pour l'information mais une idée de comment faire pour planter IE ?
    Car pour le moment je n'ai pas d'autre solution pour attendre...
    0
    1. Utilisateur anonyme
       
      Re

      Fait ce qui suit dans le post 1 stp merci
      0
  3. silverius Messages postés 281 Statut Membre 48
     
    J'ai déjà fait la manipulation avec Rsit voilà le résultat :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by stephane at 2009-11-19 18:34:48
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 3
    System drive C: has 40 GB (9%) free of 466 GB
    Total RAM: 3326 MB (54% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:36:01, on 19/11/2009
    Platform: Windows Vista SP3 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Users\stephane\Documents\task.exe
    C:\Users\stephane\Documents\Live Microsoft Update.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\hp\kbd\kbd.exe
    C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\conime.exe
    C:\Users\stephane\Desktop\ced\viral\RSIT.exe
    C:\Program Files\trend micro\stephane.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [CrocPopup+ ] C:\PROGRA~1\CROCPO~1\CROCPO~1.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKCU\..\Run: [Task Menu] C:\Users\stephane\Documents\task.exe
    O4 - HKCU\..\Run: [Windows Live Updater] C:\Users\stephane\Documents\Live Microsoft Update.exe
    O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: PES2010_widget4256769472.lnk = stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
    O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
    O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O13 - Gopher Prefix:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}: NameServer = 213.36.80.1
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
    O23 - Service: Service Google Update (gupdate1ca11d294080fbb) (gupdate1ca11d294080fbb) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    0
    1. Utilisateur anonyme
       
      Re

      Voila tu es infecté par une infection transmise par support amovible et tu as également une barre d'outils(toolbar) néfaste.

      Donc commençons:
      1)=> Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):
      https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac
      * Va dans démarrer puis panneau de configuration
      * Double Clique sur l'icône "Comptes d'utilisateurs"
      * Clique ensuite sur désactiver et valide.

      2)Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
      https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3 ou celui ci
      http://eric71.geekstogo.com/tools/ToolBarSD.exe
      Lors du scan coupe ta connexion internet.

      * Lance l'installation du programme en exécutant le fichier téléchargé.
      * Double-clique maintenant sur le raccourci de Toolbar-S&D.
      * Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
      * Choisis maintenant l'option 1. Patiente jusqu'à la fin de la recherche.
      * Poste le rapport généré. (C:\TB.txt)

      3) # Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
      Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
      Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.



      Télécharge et install UsbFix de C_XX
      Ici : : http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
      Tutorial de Malekal_Morte si besoin, merci à lui : https://www.malekal.com/usbfix-supprimer-virus-usb/

      Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir


      # Clic droit "Exécuter en tant qu'administrateur" sur le raccourci UsbFix présent sur ton bureau.

      # Choisi l option 1 (Recherche)

      # Laisse travailler l outil.

      # Ensuite post le rapport UsbFix.txt qui apparaîtra.

      # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

      ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

      Poste les rapports au fur et à mesure;merci

      @+
      0
  4. silverius Messages postés 281 Statut Membre 48
     
    Ceci à déjà été fait j'ai fait la recherche et la suppression je poste le résultat :
    Pour la recherche

    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-01-26 TeaTimer.exe (1.6.4.26)
    2009-11-24 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-01-26 advcheck.dll (1.6.2.15)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2009-10-08 Includes\Adware.sbi
    2009-11-10 Includes\AdwareC.sbi
    2009-01-22 Includes\Cookies.sbi
    2009-11-03 Includes\Dialer.sbi
    2009-10-13 Includes\DialerC.sbi
    2009-01-22 Includes\HeavyDuty.sbi
    2009-05-26 Includes\Hijackers.sbi
    2009-11-17 Includes\HijackersC.sbi
    2009-10-20 Includes\Keyloggers.sbi
    2009-10-20 Includes\KeyloggersC.sbi
    2004-11-29 Includes\LSP.sbi
    2009-11-10 Includes\Malware.sbi
    2009-11-18 Includes\MalwareC.sbi
    2009-03-25 Includes\PUPS.sbi
    2009-11-17 Includes\PUPSC.sbi
    2009-01-22 Includes\Revision.sbi
    2009-01-13 Includes\Security.sbi
    2009-11-10 Includes\SecurityC.sbi
    2008-06-03 Includes\Spybots.sbi
    2008-06-03 Includes\SpybotsC.sbi
    2009-11-03 Includes\Spyware.sbi
    2009-11-10 Includes\SpywareC.sbi
    2009-06-08 Includes\Tracks.uti
    2009-11-17 Includes\Trojans.sbi
    2009-11-17 Includes\TrojansC.sbi
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

    --- System information ---
    Windows Vista (Build: 6002) Service Pack 3 (6.0.6002)
    / MSXML4SP2: Security update for MSXML4 SP2 (KB954430)

    --- Startup entries list ---
    Located: HK_LM:Run,
    command:
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, Adobe Reader Speed Launcher
    command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    size: 39792
    MD5: 392845E8D49B5F0E81AAC4D795000A8C

    Located: HK_LM:Run, avast!
    command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    size: 81000
    MD5: 28E9092D50AE450662EEA4719E5AA304

    Located: HK_LM:Run, ccApp
    command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
    size: 51048
    MD5: B01902E9451B3D39DC5CAFDC9B9B398C

    Located: HK_LM:Run, GrooveMonitor
    command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    size: 33648
    MD5: 35DCD380D4D579D8B8EA91D5D8AE444C

    Located: HK_LM:Run, IAAnotif
    command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    size: 178712
    MD5: 1992E7E8BC448CEBA62DC698098C0BD2

    Located: HK_LM:Run, KBD
    command: C:\HP\KBD\KbdStub.EXE
    file: C:\HP\KBD\KbdStub.EXE
    size: 65536
    MD5: 7088B136BB58A5F95CF0DE8386CA6C0F

    Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
    command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    size: 1312080
    MD5: C5FCC0B761069FABD59E41B7C3280DDF

    Located: HK_LM:Run, NPSStartup
    command:
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, NvCplDaemon
    command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    file: C:\Windows\system32\NvCpl.dll
    size: 13781536
    MD5: 274631707A40398B8773CCB6DB3C2A81

    Located: HK_LM:Run, OsdMaestro
    command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    size: 118784
    MD5: B1361669BDC6ED612C35B7C67ADA2240

    Located: HK_LM:Run, RtHDVCpl
    command: RtHDVCpl.exe
    file: C:\Windows\RtHDVCpl.exe
    size: 6266880
    MD5: D93985F5D87DF1A119E939EADB5C4B9E

    Located: HK_LM:Run, SunJavaUpdateReg
    command: "C:\Windows\system32\jureg.exe"
    file: C:\Windows\system32\jureg.exe
    size: 54936
    MD5: 4F89DD4EA74C66916E15A6E7D74A50B5

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Java\jre6\bin\jusched.exe"
    file: C:\Program Files\Java\jre6\bin\jusched.exe
    size: 149280
    MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0

    Located: HK_LM:Run, Windows Defender
    command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    file: C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

    Located: HK_CU:Run,
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command:
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_CU:Run, BitComet
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: "C:\Program Files\BitComet\BitComet.exe" /tray
    file: C:\Program Files\BitComet\BitComet.exe
    size: 2567992
    MD5: AC13C3F37D94401C3DAAC39A207BACC0

    Located: HK_CU:Run, ehTray.exe
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Windows\ehome\ehTray.exe
    file: C:\Windows\ehome\ehTray.exe
    size: 125952
    MD5: BF08674925F151BD4537B89A493E3E0C

    Located: HK_CU:Run, msnmsgr
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    size: 3883856
    MD5: 18B4B12358EFCF68D76812058A26181F

    Located: HK_CU:Run, Sidebar
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    file: C:\Program Files\Windows Sidebar\sidebar.exe
    size: 1233920
    MD5: 9E35FF7F943AE0FB89192BFE058B7FD4

    Located: HK_CU:Run, Speech Recognition
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    file: C:\Windows\Speech\Common\sapisvr.exe
    size: 49664
    MD5: 105A4D87C8DCF2CF5DB042830B203E5F

    Located: HK_CU:Run, Task Menu
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Users\stephane\Documents\task.exe
    file: C:\Users\stephane\Documents\task.exe
    size: 421517
    MD5: 133DEB10641BF017962BEC85206D037B

    Located: HK_CU:Run, Windows Live Updater
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Users\stephane\Documents\Live Microsoft Update.exe
    file: C:\Users\stephane\Documents\Live Microsoft Update.exe
    size: 421517
    MD5: 133DEB10641BF017962BEC85206D037B

    Located: HK_CU:Run, WMPNSCFG
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
    file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
    size: 202240
    MD5: 35937EAD711207544E219C2A19A78A7D

    Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
    command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
    file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
    size: 214360
    MD5: CF03C8F6F6B0D71F6E5BCE167FCF7CA6

    Located: Démarrage (désactivé), WiFi Station (DISABLED)
    command: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE -s
    file: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE
    size: 98304
    MD5: BD009223C9C4AF53F67EBB4D5E9B790C

    Located: Démarrage (désactivé), Enregistrement de (DISABLED)
    command: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM="Electronic Arts Product"
    file: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: Démarrage (désactivé), ImpulseNow (DISABLED)
    command: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
    file: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
    size: 365872
    MD5: 4CD21FD02727AC6276B427B213D02100

    Located: Démarrage (désactivé), OneNote 2007 - Capture d'écran et lancement (DISABLED)
    command: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr
    file: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE
    size: 101440
    MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681

    Located: Démarrage (désactivé), OpenOffice.org 3.1 (DISABLED)
    command: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
    file: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
    size: 384000
    MD5: C047C9C6CD8E134AFDFDB374E80547E5

    Located: Démarrage (désactivé), PES2010_widget4256769472 (DISABLED)
    command: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
    file: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    --- Browser helper object list ---
    {053F9267-DC04-4294-A72C-58F732D338C0} (HP Print Clips)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: HP Print Clips
    Path: C:\Program Files\HP\Smart Web Printing\
    Long name: hpswp_framework.dll
    Short name: HPSWP_~3.DLL
    Date (created): 02/03/2007 16:52:08
    Date (last access): 17/03/2009 22:04:26
    Date (last write): 02/03/2007 16:52:08
    Filesize: 177768
    Attributes: readonly archive
    MD5: A40456DE4EF7E318104955361C72AC9D
    CRC32: 6F06AAE2
    Version: 2.15.7.0

    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Aide pour le lien d'Adobe PDF Reader
    description: Adobe Acrobat reader
    classification: Legitimate
    known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
    info link: https://get2.adobe.com/reader/otherversions/
    info source: TonyKlein
    Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
    Long name: AcroIEHelper.dll
    Short name: ACROIE~1.DLL
    Date (created): 22/10/2006 23:08:42
    Date (last access): 12/11/2009 13:06:24
    Date (last write): 22/10/2006 23:08:42
    Filesize: 62080
    Attributes: archive
    MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
    CRC32: E388508F
    Version: 8.0.0.456

    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: BitComet ClickCapture
    CLSID name: BitComet Helper
    Path: C:\Program Files\BitComet\tools\
    Long name: BitCometBHO_1.2.8.7.dll
    Short name: BITCOM~2.DLL
    Date (created): 11/08/2008 09:12:14
    Date (last access): 04/10/2008 13:50:12
    Date (last write): 11/08/2008 09:12:14
    Filesize: 656696
    Attributes: archive
    MD5: F5508AC38274799624B53798F8BA7EE6
    CRC32: AB441D08
    Version: 1.2.8.7

    {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Spybot-S&D IE Protection
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDhelper.dll
    info link: http://spybot.eon.net.au/
    info source: Patrick M. Kolla
    Path: C:\PROGRA~1\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 19/11/2009 14:25:08
    Date (last access): 19/11/2009 14:25:08
    Date (last write): 26/01/2009 15:31:02
    Filesize: 1879896
    Attributes: archive
    MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
    CRC32: 5BA24007
    Version: 1.6.2.14

    {5C255C8A-E604-49b4-9D64-90988571CECB} ()
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name:

    {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: NCO 2.0 IE BHO
    CLSID name:
    Path: c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\
    Long name: CoIEPlg.dll
    Short name:
    Date (created): 24/08/2007 14:51:00
    Date (last access): 20/03/2008 10:33:06
    Date (last write): 24/08/2007 14:51:00
    Filesize: 316784
    Attributes: archive
    MD5: 6BC066FCC66BB0EE33A618EBC65683D5
    CRC32: D7E3A9BB
    Version: 2008.2.0.84

    {6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: Symantec Intrusion Prevention
    CLSID name: Symantec Intrusion Prevention
    Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
    Long name: IPSBHO.dll
    Short name:
    Date (created): 20/03/2008 10:32:50
    Date (last access): 04/10/2008 13:45:10
    Date (last write): 04/10/2008 13:45:10
    Filesize: 116088
    Attributes: archive
    MD5: FA3E00177B57D5B2BF058D560931D750
    CRC32: DF9D41CC
    Version: 8.2.0.86

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Groove GFS Browser Helper
    Path: C:\Program Files\Microsoft Office\Office12\
    Long name: GrooveShellExtensions.dll
    Short name: GRA8E1~1.DLL
    Date (created): 24/08/2007 07:01:22
    Date (last access): 06/11/2009 17:06:52
    Date (last write): 24/08/2007 07:01:22
    Filesize: 2212224
    Attributes: archive
    MD5: 32C4927E013C018A13D8DFBDA4148812
    CRC32: 9A9F3D8B
    Version: 12.0.6211.1000

    {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
    Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
    Long name: WindowsLiveLogin.dll
    Short name: WINDOW~1.DLL
    Date (created): 17/02/2009 16:11:04
    Date (last access): 05/03/2009 13:59:18
    Date (last write): 17/02/2009 16:11:04
    Filesize: 408440
    Attributes: archive
    MD5: 1A82C1B9BB43385695EFC3A84F6756A2
    CRC32: 75E558CA
    Version: 5.0.818.6

    {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Java(tm) Plug-In 2 SSV Helper
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2ssv.dll
    Short name:
    Date (created): 26/09/2009 13:42:10
    Date (last access): 11/10/2009 04:18:20
    Date (last write): 11/10/2009 04:17:30
    Filesize: 41760
    Attributes: archive
    MD5: C9EDE29F223A27873E187D9FB6045EA6
    CRC32: 5951C3E0
    Version: 6.0.170.4

    --- ActiveX list ---
    {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_17
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    description: Sun Java
    classification: Legitimate
    known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
    info link:
    info source: Patrick M. Kolla
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2iexp.dll
    Short name:
    Date (created): 26/09/2009 13:42:10
    Date (last access): 11/10/2073 04:18:18
    Date (last write): 11/10/2009 04:17:30
    Filesize: 100128
    Attributes: archive
    MD5: 048369C957BCE15E4628FDEB65820BE8
    CRC32: C8C19051
    Version: 6.0.170.4

    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
    DPF name:
    CLSID name:
    Installer: C:\Windows\Downloaded Program Files\erma.inf
    Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_01
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2iexp.dll
    Short name:
    Date (created): 26/09/2009 13:42:10
    Date (last access): 11/10/2073 04:18:18
    Date (last write): 11/10/2009 04:17:30
    Filesize: 100128
    Attributes: archive
    MD5: 048369C957BCE15E4628FDEB65820BE8
    CRC32: C8C19051
    Version: 6.0.170.4

    {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_17
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2iexp.dll
    Short name:
    Date (created): 26/09/2009 13:42:10
    Date (last access): 11/10/2073 04:18:18
    Date (last write): 11/10/2009 04:17:30
    Filesize: 100128
    Attributes: archive
    MD5: 048369C957BCE15E4628FDEB65820BE8
    CRC32: C8C19051
    Version: 6.0.170.4

    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_17
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    Path: C:\Program Files\Java\jre6\bin\
    Long name: npjpi160_17.dll
    Short name: NPJPI1~1.DLL
    Date (created): 11/10/2009 02:14:36
    Date (last access): 11/10/2073 04:18:30
    Date (last write): 11/10/2009 04:17:30
    Filesize: 136992
    Attributes: archive
    MD5: 3D58770680F268A23A8CE1F14B49AA2F
    CRC32: 6091A816
    Version: 6.0.170.4

    --- Process list ---
    PID: 3704 (1100) C:\Windows\system32\Dwm.exe
    size: 81920
    MD5: 01DD1004181FD46ECDC3628228EB269D
    PID: 3744 (3696) C:\Windows\Explorer.EXE
    size: 2926592
    MD5: D07D4C3038F3578FFCE1C0237F2A1253
    PID: 3948 (1112) C:\Windows\system32\taskeng.exe
    size: 169984
    MD5: E5BBFC283D6F5D69B41E464676361020
    PID: 2512 (3744) C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
    PID: 1876 (3744) C:\Windows\RtHDVCpl.exe
    size: 6266880
    MD5: D93985F5D87DF1A119E939EADB5C4B9E
    PID: 1728 (3744) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    size: 118784
    MD5: B1361669BDC6ED612C35B7C67ADA2240
    PID: 3832 ( 752) C:\Windows\system32\schtasks.exe
    size: 151552
    MD5: 1F171553F1138DC0062A71A7D275055A
    PID: 532 (3744) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    size: 178712
    MD5: 1992E7E8BC448CEBA62DC698098C0BD2
    PID: 3996 (3812) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    size: 149352
    MD5: 2F237AAB91497AAA03AF48EAE68758FC
    PID: 4032 (3744) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    size: 33648
    MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
    PID: 4084 (3744) C:\Program Files\Java\jre6\bin\jusched.exe
    size: 149280
    MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
    PID: 2828 (3744) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    size: 81000
    MD5: 28E9092D50AE450662EEA4719E5AA304
    PID: 1572 (3744) C:\Program Files\Windows Sidebar\sidebar.exe
    size: 1233920
    MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
    PID: 1776 (3744) C:\Windows\ehome\ehtray.exe
    size: 125952
    MD5: BF08674925F151BD4537B89A493E3E0C
    PID: 3904 ( 880) C:\Windows\ehome\ehmsas.exe
    size: 37376
    MD5: 0F4195B9B348DE5CF9B822F81704B20E
    PID: 6064 ( 880) C:\Windows\System32\mobsync.exe
    size: 95744
    MD5: 9B89B3BB79EA1ACF041F40A7B6FC5827
    PID: 4756 (3744) C:\Program Files\Windows Media Player\wmpnscfg.exe
    size: 202240
    MD5: 35937EAD711207544E219C2A19A78A7D
    PID: 5660 (3744) C:\Program Files\BitComet\BitComet.exe
    size: 2567992
    MD5: AC13C3F37D94401C3DAAC39A207BACC0
    PID: 5696 (3744) C:\Users\stephane\Documents\task.exe
    size: 421517
    MD5: 133DEB10641BF017962BEC85206D037B
    PID: 5764 (3744) C:\Users\stephane\Documents\Live Microsoft Update.exe
    size: 421517
    MD5: 133DEB10641BF017962BEC85206D037B
    PID: 5792 (3744) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    size: 3883856
    MD5: 18B4B12358EFCF68D76812058A26181F
    PID: 5752 (3588) C:\hp\kbd\kbd.exe
    size: 67128
    MD5: 7CAC10A1C258DFCB5ADE563BAE6D2F15
    PID: 2068 ( 880) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    size: 26464
    MD5: ADC11749E6698FC30C603DFCCC4F98F2
    PID: 3544 (5336) C:\Windows\system32\conime.exe
    size: 69120
    MD5: 6080A176D09435FC8E6E800996656E18
    PID: 2652 (1112) C:\Windows\system32\taskeng.exe
    size: 169984
    MD5: E5BBFC283D6F5D69B41E464676361020
    PID: 6020 (2240) C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
    size: 1457064
    MD5: 8A7D05395EF04AA6616F4C1B9F763D2D
    PID: 4620 (3744) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 5365592
    MD5: 0477C2F9171599CA5BC3307FDFBA8D89
    PID: 4628 (4484) C:\Program Files\Internet Explorer\IEUser.exe
    size: 299520
    MD5: A8986E339A9215B9410484814224531E
    PID: 3524 (4972) C:\Windows\system32\cmd.exe
    size: 318976
    MD5: 74F26FC01B180D4A99A168ED69C30A53
    PID: 4488 (4628) C:\Program Files\Internet Explorer\iexplore.exe
    size: 636080
    MD5: 2C5168C856455CC43C4B4E1CC1920001
    PID: 4724 (3524) C:\Windows\system32\cmd.exe
    size: 318976
    MD5: 74F26FC01B180D4A99A168ED69C30A53
    PID: 4680 (4724) C:\Windows\system32\findstr.exe
    size: 60928
    MD5: 186954438DE3DDBF0B46F895B7936DE3
    PID: 0 ( 0) [System Process]
    PID: 4 ( 0) System
    PID: 488 ( 4) smss.exe
    size: 64000
    PID: 564 ( 552) csrss.exe
    size: 6144
    PID: 624 ( 552) wininit.exe
    size: 96768
    PID: 636 ( 616) csrss.exe
    size: 6144
    PID: 672 ( 624) services.exe
    size: 279552
    PID: 684 ( 624) lsass.exe
    size: 9728
    PID: 696 ( 624) lsm.exe
    size: 229888
    PID: 796 ( 616) winlogon.exe
    size: 314368
    PID: 880 ( 672) svchost.exe
    size: 21504
    PID: 944 ( 672) nvvsvc.exe
    size: 211488
    PID: 972 ( 672) svchost.exe
    size: 21504
    PID: 1032 ( 672) svchost.exe
    size: 21504
    PID: 1064 ( 672) svchost.exe
    size: 21504
    PID: 1100 ( 672) svchost.exe
    size: 21504
    PID: 1112 ( 672) svchost.exe
    size: 21504
    PID: 1192 (1064) audiodg.exe
    size: 88576
    PID: 1220 ( 672) SLsvc.exe
    size: 3408896
    PID: 1256 ( 672) svchost.exe
    size: 21504
    PID: 1392 ( 672) svchost.exe
    size: 21504
    PID: 1584 ( 944) nvvsvc.exe
    size: 211488
    PID: 1684 ( 672) aswUpdSv.exe
    PID: 1700 ( 672) ashServ.exe
    PID: 2008 ( 672) spoolsv.exe
    size: 127488
    PID: 2032 ( 672) CCSVCHST.EXE
    PID: 496 ( 672) svchost.exe
    size: 21504
    PID: 2368 ( 672) HPBtnSrv.exe
    PID: 2500 ( 672) svchost.exe
    size: 21504
    PID: 2528 ( 672) IAANTmon.exe
    PID: 2564 ( 672) LSSrvc.exe
    PID: 2620 ( 672) svchost.exe
    size: 21504
    PID: 2780 ( 672) svchost.exe
    size: 21504
    PID: 2792 ( 672) svchost.exe
    size: 21504
    PID: 2816 ( 672) svchost.exe
    size: 21504
    PID: 2852 ( 672) svchost.exe
    size: 21504
    PID: 2880 ( 672) SearchIndexer.exe
    size: 441344
    PID: 3164 ( 672) SDWinSec.exe
    size: 1153368
    MD5: 794D4B48DFB6E999537C7C3947863463
    PID: 3372 (1100) WUDFHost.exe
    size: 142336
    PID: 3816 (1112) taskeng.exe
    size: 169984
    PID: 6028 ( 672) ashMaiSv.exe
    PID: 3480 ( 672) ashWebSv.exe
    PID: 5620 ( 672) wmpnetwk.exe
    PID: 5824 ( 672) AluSchedulerSvc.exe
    PID: 5280 ( 672) HPHC_Service.exe
    PID: 5368 ( 672) PresentationFontCache.exe

    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 24/11/2009 16:26:06

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\Windows\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    about:blank
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 1: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 2: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 3: MSAFD Tcpip [TCP/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 4: MSAFD Tcpip [UDP/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 5: MSAFD Tcpip [RAW/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 6: Fournisseur de services RSVP TCPv6
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 7: Fournisseur de services RSVP TCP
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 8: Fournisseur de services RSVP UDPv6
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 9: Fournisseur de services RSVP UDP
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] SEQPACKET 6
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] DATAGRAM 6
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] SEQPACKET 15
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] DATAGRAM 15
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] SEQPACKET 9
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] DATAGRAM 9
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] SEQPACKET 10
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] DATAGRAM 10
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] SEQPACKET 7
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] DATAGRAM 7
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9A2E87E-A1BB-41BB-918E-196F9D129081}] SEQPACKET 13
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9A2E87E-A1BB-41BB-918E-196F9D129081}] DATAGRAM 13
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4B49286F-0136-4B17-8A9C-05D83A2F44B0}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4B49286F-0136-4B17-8A9C-05D83A2F44B0}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] SEQPACKET 18
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] DATAGRAM 18
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] SEQPACKET 16
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 31: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] DATAGRAM 16
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 32: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] SEQPACKET 14
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 33: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] DATAGRAM 14
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 34: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AED35E26-6A34-4CF2-BB53-DDB305B40402}] SEQPACKET 12
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 35: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AED35E26-6A34-4CF2-BB53-DDB305B40402}] DATAGRAM 12
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 36: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] SEQPACKET 11
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 37: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] DATAGRAM 11
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 38: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] SEQPACKET 8
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 39: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] DATAGRAM 8
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 40: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1F47B3B0-9BCA-42B2-8348-55FF9DE2AFCA}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 41: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1F47B3B0-9BCA-42B2-8348-55FF9DE2AFCA}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 42: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 43: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 44: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] SEQPACKET 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 45: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] DATAGRAM 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Espace de noms NLAv1 (Network Location Awareness Legacy)
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename:
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: NLA-Namespace

    Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
    GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
    Filename:

    Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
    GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
    GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 4: mdnsNSP
    GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
    Filename: C:\Program Files\Bonjour\mdnsNSP.dll
    Description: Apple Rendezvous protocol
    DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
    DB protocol: mdnsNSP

    Namespace Provider 5: TCP/IP
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename:
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: TCP/IP

    Namespace Provider 6: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\winrnr.dll
    DB protocol: NTDS
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. silverius Messages postés 281 Statut Membre 48
     
    Pour la suppression :

    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-01-26 TeaTimer.exe (1.6.4.26)
    2009-11-24 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-01-26 advcheck.dll (1.6.2.15)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2009-10-08 Includes\Adware.sbi
    2009-11-10 Includes\AdwareC.sbi
    2009-01-22 Includes\Cookies.sbi
    2009-11-03 Includes\Dialer.sbi
    2009-10-13 Includes\DialerC.sbi
    2009-01-22 Includes\HeavyDuty.sbi
    2009-05-26 Includes\Hijackers.sbi
    2009-11-17 Includes\HijackersC.sbi
    2009-10-20 Includes\Keyloggers.sbi
    2009-10-20 Includes\KeyloggersC.sbi
    2004-11-29 Includes\LSP.sbi
    2009-11-10 Includes\Malware.sbi
    2009-11-18 Includes\MalwareC.sbi
    2009-03-25 Includes\PUPS.sbi
    2009-11-17 Includes\PUPSC.sbi
    2009-01-22 Includes\Revision.sbi
    2009-01-13 Includes\Security.sbi
    2009-11-10 Includes\SecurityC.sbi
    2008-06-03 Includes\Spybots.sbi
    2008-06-03 Includes\SpybotsC.sbi
    2009-11-03 Includes\Spyware.sbi
    2009-11-10 Includes\SpywareC.sbi
    2009-06-08 Includes\Tracks.uti
    2009-11-17 Includes\Trojans.sbi
    2009-11-17 Includes\TrojansC.sbi
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

    --- System information ---
    Windows Vista (Build: 6002) Service Pack 3 (6.0.6002)
    / MSXML4SP2: Security update for MSXML4 SP2 (KB954430)

    --- Startup entries list ---
    Located: HK_LM:Run,
    command:
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, Adobe Reader Speed Launcher
    command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    size: 39792
    MD5: 392845E8D49B5F0E81AAC4D795000A8C

    Located: HK_LM:Run, avast!
    command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    size: 81000
    MD5: 28E9092D50AE450662EEA4719E5AA304

    Located: HK_LM:Run, ccApp
    command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
    size: 51048
    MD5: B01902E9451B3D39DC5CAFDC9B9B398C

    Located: HK_LM:Run, GrooveMonitor
    command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    size: 33648
    MD5: 35DCD380D4D579D8B8EA91D5D8AE444C

    Located: HK_LM:Run, IAAnotif
    command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    size: 178712
    MD5: 1992E7E8BC448CEBA62DC698098C0BD2

    Located: HK_LM:Run, KBD
    command: C:\HP\KBD\KbdStub.EXE
    file: C:\HP\KBD\KbdStub.EXE
    size: 65536
    MD5: 7088B136BB58A5F95CF0DE8386CA6C0F

    Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
    command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    size: 1312080
    MD5: C5FCC0B761069FABD59E41B7C3280DDF

    Located: HK_LM:Run, NPSStartup
    command:
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_LM:Run, NvCplDaemon
    command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    file: C:\Windows\system32\NvCpl.dll
    size: 13781536
    MD5: 274631707A40398B8773CCB6DB3C2A81

    Located: HK_LM:Run, OsdMaestro
    command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    size: 118784
    MD5: B1361669BDC6ED612C35B7C67ADA2240

    Located: HK_LM:Run, RtHDVCpl
    command: RtHDVCpl.exe
    file: C:\Windows\RtHDVCpl.exe
    size: 6266880
    MD5: D93985F5D87DF1A119E939EADB5C4B9E

    Located: HK_LM:Run, SunJavaUpdateReg
    command: "C:\Windows\system32\jureg.exe"
    file: C:\Windows\system32\jureg.exe
    size: 54936
    MD5: 4F89DD4EA74C66916E15A6E7D74A50B5

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Java\jre6\bin\jusched.exe"
    file: C:\Program Files\Java\jre6\bin\jusched.exe
    size: 149280
    MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0

    Located: HK_LM:Run, Windows Defender
    command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    file: C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

    Located: HK_CU:Run,
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command:
    file:
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: HK_CU:Run, BitComet
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: "C:\Program Files\BitComet\BitComet.exe" /tray
    file: C:\Program Files\BitComet\BitComet.exe
    size: 2567992
    MD5: AC13C3F37D94401C3DAAC39A207BACC0

    Located: HK_CU:Run, ehTray.exe
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Windows\ehome\ehTray.exe
    file: C:\Windows\ehome\ehTray.exe
    size: 125952
    MD5: BF08674925F151BD4537B89A493E3E0C

    Located: HK_CU:Run, msnmsgr
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    size: 3883856
    MD5: 18B4B12358EFCF68D76812058A26181F

    Located: HK_CU:Run, Sidebar
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    file: C:\Program Files\Windows Sidebar\sidebar.exe
    size: 1233920
    MD5: 9E35FF7F943AE0FB89192BFE058B7FD4

    Located: HK_CU:Run, Speech Recognition
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    file: C:\Windows\Speech\Common\sapisvr.exe
    size: 49664
    MD5: 105A4D87C8DCF2CF5DB042830B203E5F

    Located: HK_CU:Run, Task Menu
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Users\stephane\Documents\task.exe
    file: C:\Users\stephane\Documents\task.exe
    size: 421517
    MD5: 133DEB10641BF017962BEC85206D037B

    Located: HK_CU:Run, Windows Live Updater
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Users\stephane\Documents\Live Microsoft Update.exe
    file: C:\Users\stephane\Documents\Live Microsoft Update.exe
    size: 421517
    MD5: 133DEB10641BF017962BEC85206D037B

    Located: HK_CU:Run, WMPNSCFG
    where: S-1-5-21-2014506545-1587375794-4220175357-1000...
    command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
    file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
    size: 202240
    MD5: 35937EAD711207544E219C2A19A78A7D

    Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
    command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
    file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
    size: 214360
    MD5: CF03C8F6F6B0D71F6E5BCE167FCF7CA6

    Located: Démarrage (désactivé), WiFi Station (DISABLED)
    command: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE -s
    file: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE
    size: 98304
    MD5: BD009223C9C4AF53F67EBB4D5E9B790C

    Located: Démarrage (désactivé), Enregistrement de (DISABLED)
    command: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM="Electronic Arts Product"
    file: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    Located: Démarrage (désactivé), ImpulseNow (DISABLED)
    command: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
    file: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
    size: 365872
    MD5: 4CD21FD02727AC6276B427B213D02100

    Located: Démarrage (désactivé), OneNote 2007 - Capture d'écran et lancement (DISABLED)
    command: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr
    file: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE
    size: 101440
    MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681

    Located: Démarrage (désactivé), OpenOffice.org 3.1 (DISABLED)
    command: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
    file: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
    size: 384000
    MD5: C047C9C6CD8E134AFDFDB374E80547E5

    Located: Démarrage (désactivé), PES2010_widget4256769472 (DISABLED)
    command: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
    file: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!

    --- Browser helper object list ---
    {053F9267-DC04-4294-A72C-58F732D338C0} (HP Print Clips)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: HP Print Clips
    Path: C:\Program Files\HP\Smart Web Printing\
    Long name: hpswp_framework.dll
    Short name: HPSWP_~3.DLL
    Date (created): 02/03/2007 16:52:08
    Date (last access): 17/03/2009 22:04:26
    Date (last write): 02/03/2007 16:52:08
    Filesize: 177768
    Attributes: readonly archive
    MD5: A40456DE4EF7E318104955361C72AC9D
    CRC32: 6F06AAE2
    Version: 2.15.7.0

    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Aide pour le lien d'Adobe PDF Reader
    description: Adobe Acrobat reader
    classification: Legitimate
    known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
    info link: https://get2.adobe.com/reader/otherversions/
    info source: TonyKlein
    Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
    Long name: AcroIEHelper.dll
    Short name: ACROIE~1.DLL
    Date (created): 22/10/2006 23:08:42
    Date (last access): 12/11/2009 13:06:24
    Date (last write): 22/10/2006 23:08:42
    Filesize: 62080
    Attributes: archive
    MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
    CRC32: E388508F
    Version: 8.0.0.456

    {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: BitComet ClickCapture
    CLSID name: BitComet Helper
    Path: C:\Program Files\BitComet\tools\
    Long name: BitCometBHO_1.2.8.7.dll
    Short name: BITCOM~2.DLL
    Date (created): 11/08/2008 09:12:14
    Date (last access): 04/10/2008 13:50:12
    Date (last write): 11/08/2008 09:12:14
    Filesize: 656696
    Attributes: archive
    MD5: F5508AC38274799624B53798F8BA7EE6
    CRC32: AB441D08
    Version: 1.2.8.7

    {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Spybot-S&D IE Protection
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDhelper.dll
    info link: http://spybot.eon.net.au/
    info source: Patrick M. Kolla
    Path: C:\PROGRA~1\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 19/11/2009 14:25:08
    Date (last access): 19/11/2009 14:25:08
    Date (last write): 26/01/2009 15:31:02
    Filesize: 1879896
    Attributes: archive
    MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
    CRC32: 5BA24007
    Version: 1.6.2.14

    {5C255C8A-E604-49b4-9D64-90988571CECB} ()
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name:

    {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: NCO 2.0 IE BHO
    CLSID name:
    Path: c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\
    Long name: CoIEPlg.dll
    Short name:
    Date (created): 24/08/2007 14:51:00
    Date (last access): 20/03/2008 10:33:06
    Date (last write): 24/08/2007 14:51:00
    Filesize: 316784
    Attributes: archive
    MD5: 6BC066FCC66BB0EE33A618EBC65683D5
    CRC32: D7E3A9BB
    Version: 2008.2.0.84

    {6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: Symantec Intrusion Prevention
    CLSID name: Symantec Intrusion Prevention
    Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
    Long name: IPSBHO.dll
    Short name:
    Date (created): 20/03/2008 10:32:50
    Date (last access): 04/10/2008 13:45:10
    Date (last write): 04/10/2008 13:45:10
    Filesize: 116088
    Attributes: archive
    MD5: FA3E00177B57D5B2BF058D560931D750
    CRC32: DF9D41CC
    Version: 8.2.0.86

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Groove GFS Browser Helper
    Path: C:\Program Files\Microsoft Office\Office12\
    Long name: GrooveShellExtensions.dll
    Short name: GRA8E1~1.DLL
    Date (created): 24/08/2007 07:01:22
    Date (last access): 06/11/2009 17:06:52
    Date (last write): 24/08/2007 07:01:22
    Filesize: 2212224
    Attributes: archive
    MD5: 32C4927E013C018A13D8DFBDA4148812
    CRC32: 9A9F3D8B
    Version: 12.0.6211.1000

    {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
    Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
    Long name: WindowsLiveLogin.dll
    Short name: WINDOW~1.DLL
    Date (created): 17/02/2009 16:11:04
    Date (last access): 05/03/2009 13:59:18
    Date (last write): 17/02/2009 16:11:04
    Filesize: 408440
    Attributes: archive
    MD5: 1A82C1B9BB43385695EFC3A84F6756A2
    CRC32: 75E558CA
    Version: 5.0.818.6

    {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Java(tm) Plug-In 2 SSV Helper
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2ssv.dll
    Short name:
    Date (created): 26/09/2009 13:42:10
    Date (last access): 11/10/2009 04:18:20
    Date (last write): 11/10/2009 04:17:30
    Filesize: 41760
    Attributes: archive
    MD5: C9EDE29F223A27873E187D9FB6045EA6
    CRC32: 5951C3E0
    Version: 6.0.170.4

    --- ActiveX list ---
    {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_17
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    description: Sun Java
    classification: Legitimate
    known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
    info link:
    info source: Patrick M. Kolla
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2iexp.dll
    Short name:
    Date (created): 26/09/2009 13:42:10
    Date (last access): 11/10/2073 04:18:18
    Date (last write): 11/10/2009 04:17:30
    Filesize: 100128
    Attributes: archive
    MD5: 048369C957BCE15E4628FDEB65820BE8
    CRC32: C8C19051
    Version: 6.0.170.4

    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
    DPF name:
    CLSID name:
    Installer: C:\Windows\Downloaded Program Files\erma.inf
    Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_01
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2iexp.dll
    Short name:
    Date (created): 26/09/2009 13:42:10
    Date (last access): 11/10/2073 04:18:18
    Date (last write): 11/10/2009 04:17:30
    Filesize: 100128
    Attributes: archive
    MD5: 048369C957BCE15E4628FDEB65820BE8
    CRC32: C8C19051
    Version: 6.0.170.4

    {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_17
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    Path: C:\Program Files\Java\jre6\bin\
    Long name: jp2iexp.dll
    Short name:
    Date (created): 26/09/2009 13:42:10
    Date (last access): 11/10/2073 04:18:18
    Date (last write): 11/10/2009 04:17:30
    Filesize: 100128
    Attributes: archive
    MD5: 048369C957BCE15E4628FDEB65820BE8
    CRC32: C8C19051
    Version: 6.0.170.4

    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
    DPF name: Java Runtime Environment 1.6.0
    CLSID name: Java Plug-in 1.6.0_17
    Installer:
    Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    Path: C:\Program Files\Java\jre6\bin\
    Long name: npjpi160_17.dll
    Short name: NPJPI1~1.DLL
    Date (created): 11/10/2009 02:14:36
    Date (last access): 11/10/2073 04:18:30
    Date (last write): 11/10/2009 04:17:30
    Filesize: 136992
    Attributes: archive
    MD5: 3D58770680F268A23A8CE1F14B49AA2F
    CRC32: 6091A816
    Version: 6.0.170.4

    --- Process list ---
    PID: 3704 (1100) C:\Windows\system32\Dwm.exe
    size: 81920
    MD5: 01DD1004181FD46ECDC3628228EB269D
    PID: 3744 (3696) C:\Windows\Explorer.EXE
    size: 2926592
    MD5: D07D4C3038F3578FFCE1C0237F2A1253
    PID: 3948 (1112) C:\Windows\system32\taskeng.exe
    size: 169984
    MD5: E5BBFC283D6F5D69B41E464676361020
    PID: 2512 (3744) C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
    PID: 1876 (3744) C:\Windows\RtHDVCpl.exe
    size: 6266880
    MD5: D93985F5D87DF1A119E939EADB5C4B9E
    PID: 1728 (3744) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    size: 118784
    MD5: B1361669BDC6ED612C35B7C67ADA2240
    PID: 3832 ( 752) C:\Windows\system32\schtasks.exe
    size: 151552
    MD5: 1F171553F1138DC0062A71A7D275055A
    PID: 532 (3744) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    size: 178712
    MD5: 1992E7E8BC448CEBA62DC698098C0BD2
    PID: 3996 (3812) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    size: 149352
    MD5: 2F237AAB91497AAA03AF48EAE68758FC
    PID: 4032 (3744) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    size: 33648
    MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
    PID: 4084 (3744) C:\Program Files\Java\jre6\bin\jusched.exe
    size: 149280
    MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
    PID: 2828 (3744) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    size: 81000
    MD5: 28E9092D50AE450662EEA4719E5AA304
    PID: 1572 (3744) C:\Program Files\Windows Sidebar\sidebar.exe
    size: 1233920
    MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
    PID: 1776 (3744) C:\Windows\ehome\ehtray.exe
    size: 125952
    MD5: BF08674925F151BD4537B89A493E3E0C
    PID: 3904 ( 880) C:\Windows\ehome\ehmsas.exe
    size: 37376
    MD5: 0F4195B9B348DE5CF9B822F81704B20E
    PID: 6064 ( 880) C:\Windows\System32\mobsync.exe
    size: 95744
    MD5: 9B89B3BB79EA1ACF041F40A7B6FC5827
    PID: 4756 (3744) C:\Program Files\Windows Media Player\wmpnscfg.exe
    size: 202240
    MD5: 35937EAD711207544E219C2A19A78A7D
    PID: 5660 (3744) C:\Program Files\BitComet\BitComet.exe
    size: 2567992
    MD5: AC13C3F37D94401C3DAAC39A207BACC0
    PID: 5696 (3744) C:\Users\stephane\Documents\task.exe
    size: 421517
    MD5: 133DEB10641BF017962BEC85206D037B
    PID: 5764 (3744) C:\Users\stephane\Documents\Live Microsoft Update.exe
    size: 421517
    MD5: 133DEB10641BF017962BEC85206D037B
    PID: 5792 (3744) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    size: 3883856
    MD5: 18B4B12358EFCF68D76812058A26181F
    PID: 5752 (3588) C:\hp\kbd\kbd.exe
    size: 67128
    MD5: 7CAC10A1C258DFCB5ADE563BAE6D2F15
    PID: 2068 ( 880) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    size: 26464
    MD5: ADC11749E6698FC30C603DFCCC4F98F2
    PID: 3544 (5336) C:\Windows\system32\conime.exe
    size: 69120
    MD5: 6080A176D09435FC8E6E800996656E18
    PID: 2652 (1112) C:\Windows\system32\taskeng.exe
    size: 169984
    MD5: E5BBFC283D6F5D69B41E464676361020
    PID: 6020 (2240) C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
    size: 1457064
    MD5: 8A7D05395EF04AA6616F4C1B9F763D2D
    PID: 4620 (3744) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 5365592
    MD5: 0477C2F9171599CA5BC3307FDFBA8D89
    PID: 4628 (4484) C:\Program Files\Internet Explorer\IEUser.exe
    size: 299520
    MD5: A8986E339A9215B9410484814224531E
    PID: 3524 (4972) C:\Windows\system32\cmd.exe
    size: 318976
    MD5: 74F26FC01B180D4A99A168ED69C30A53
    PID: 4488 (4628) C:\Program Files\Internet Explorer\iexplore.exe
    size: 636080
    MD5: 2C5168C856455CC43C4B4E1CC1920001
    PID: 4724 (3524) C:\Windows\system32\cmd.exe
    size: 318976
    MD5: 74F26FC01B180D4A99A168ED69C30A53
    PID: 4680 (4724) C:\Windows\system32\findstr.exe
    size: 60928
    MD5: 186954438DE3DDBF0B46F895B7936DE3
    PID: 0 ( 0) [System Process]
    PID: 4 ( 0) System
    PID: 488 ( 4) smss.exe
    size: 64000
    PID: 564 ( 552) csrss.exe
    size: 6144
    PID: 624 ( 552) wininit.exe
    size: 96768
    PID: 636 ( 616) csrss.exe
    size: 6144
    PID: 672 ( 624) services.exe
    size: 279552
    PID: 684 ( 624) lsass.exe
    size: 9728
    PID: 696 ( 624) lsm.exe
    size: 229888
    PID: 796 ( 616) winlogon.exe
    size: 314368
    PID: 880 ( 672) svchost.exe
    size: 21504
    PID: 944 ( 672) nvvsvc.exe
    size: 211488
    PID: 972 ( 672) svchost.exe
    size: 21504
    PID: 1032 ( 672) svchost.exe
    size: 21504
    PID: 1064 ( 672) svchost.exe
    size: 21504
    PID: 1100 ( 672) svchost.exe
    size: 21504
    PID: 1112 ( 672) svchost.exe
    size: 21504
    PID: 1192 (1064) audiodg.exe
    size: 88576
    PID: 1220 ( 672) SLsvc.exe
    size: 3408896
    PID: 1256 ( 672) svchost.exe
    size: 21504
    PID: 1392 ( 672) svchost.exe
    size: 21504
    PID: 1584 ( 944) nvvsvc.exe
    size: 211488
    PID: 1684 ( 672) aswUpdSv.exe
    PID: 1700 ( 672) ashServ.exe
    PID: 2008 ( 672) spoolsv.exe
    size: 127488
    PID: 2032 ( 672) CCSVCHST.EXE
    PID: 496 ( 672) svchost.exe
    size: 21504
    PID: 2368 ( 672) HPBtnSrv.exe
    PID: 2500 ( 672) svchost.exe
    size: 21504
    PID: 2528 ( 672) IAANTmon.exe
    PID: 2564 ( 672) LSSrvc.exe
    PID: 2620 ( 672) svchost.exe
    size: 21504
    PID: 2780 ( 672) svchost.exe
    size: 21504
    PID: 2792 ( 672) svchost.exe
    size: 21504
    PID: 2816 ( 672) svchost.exe
    size: 21504
    PID: 2852 ( 672) svchost.exe
    size: 21504
    PID: 2880 ( 672) SearchIndexer.exe
    size: 441344
    PID: 3164 ( 672) SDWinSec.exe
    size: 1153368
    MD5: 794D4B48DFB6E999537C7C3947863463
    PID: 3372 (1100) WUDFHost.exe
    size: 142336
    PID: 3816 (1112) taskeng.exe
    size: 169984
    PID: 6028 ( 672) ashMaiSv.exe
    PID: 3480 ( 672) ashWebSv.exe
    PID: 5620 ( 672) wmpnetwk.exe
    PID: 5824 ( 672) AluSchedulerSvc.exe
    PID: 5280 ( 672) HPHC_Service.exe
    PID: 5368 ( 672) PresentationFontCache.exe

    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 24/11/2009 16:26:06

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\Windows\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    about:blank
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 1: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 2: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 3: MSAFD Tcpip [TCP/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 4: MSAFD Tcpip [UDP/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 5: MSAFD Tcpip [RAW/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip [*]

    Protocol 6: Fournisseur de services RSVP TCPv6
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 7: Fournisseur de services RSVP TCP
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 8: Fournisseur de services RSVP UDPv6
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 9: Fournisseur de services RSVP UDP
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] SEQPACKET 6
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] DATAGRAM 6
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] SEQPACKET 15
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] DATAGRAM 15
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] SEQPACKET 9
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] DATAGRAM 9
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] SEQPACKET 10
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] DATAGRAM 10
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] SEQPACKET 7
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] DATAGRAM 7
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9A2E87E-A1BB-41BB-918E-196F9D129081}] SEQPACKET 13
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9A2E87E-A1BB-41BB-918E-196F9D129081}] DATAGRAM 13
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4B49286F-0136-4B17-8A9C-05D83A2F44B0}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4B49286F-0136-4B17-8A9C-05D83A2F44B0}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] SEQPACKET 18
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] DATAGRAM 18
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] SEQPACKET 16
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 31: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] DATAGRAM 16
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 32: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] SEQPACKET 14
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 33: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] DATAGRAM 14
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 34: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AED35E26-6A34-4CF2-BB53-DDB305B40402}] SEQPACKET 12
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 35: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AED35E26-6A34-4CF2-BB53-DDB305B40402}] DATAGRAM 12
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 36: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] SEQPACKET 11
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 37: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] DATAGRAM 11
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 38: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] SEQPACKET 8
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 39: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] DATAGRAM 8
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 40: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1F47B3B0-9BCA-42B2-8348-55FF9DE2AFCA}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 41: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1F47B3B0-9BCA-42B2-8348-55FF9DE2AFCA}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 42: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 43: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 44: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] SEQPACKET 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 45: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] DATAGRAM 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Espace de noms NLAv1 (Network Location Awareness Legacy)
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename:
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: NLA-Namespace

    Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
    GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
    Filename:

    Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
    GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
    GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 4: mdnsNSP
    GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
    Filename: C:\Program Files\Bonjour\mdnsNSP.dll
    Description: Apple Rendezvous protocol
    DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
    DB protocol: mdnsNSP

    Namespace Provider 5: TCP/IP
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename:
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: TCP/IP

    Namespace Provider 6: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\winrnr.dll
    DB protocol: NTDS
    0
    1. Utilisateur anonyme
       
      Re

      Prière de faire ce qu'il t'est demandé.
      Merci
      0
  7. silverius Messages postés 281 Statut Membre 48
     
    Voici le rapport fait à l'aide de usbfix :

    ############################## | UsbFix V6.058 |

    User : stephane (Administrateurs) # GAIAII
    Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 20:53:57 | 26/11/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 3
    Internet Explorer 7.0.6002.18005
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local # 455,46 Go (73,67 Go free) [HP] # NTFS
    D:\ -> Disque fixe local # 10,3 Go (1,37 Go free) [FACTORY_IMAGE] # NTFS
    E:\ -> Disque fixe local # 465,76 Go (338,34 Go free) [NEW_VOLUME] # NTFS
    F:\ -> Disque CD-ROM
    G:\ -> Disque CD-ROM
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque amovible
    K:\ -> Disque fixe local # 298,08 Go (154,76 Go free) [Baal] # NTFS
    L:\ -> Disque amovible
    M:\ -> Disque fixe local # 465,76 Go (280,51 Go free) [IOMEGA_HDD] # NTFS

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe 484
    C:\Windows\system32\csrss.exe 560
    C:\Windows\system32\csrss.exe 620
    C:\Windows\system32\wininit.exe 628
    C:\Windows\system32\services.exe 668
    C:\Windows\system32\lsass.exe 684
    C:\Windows\system32\lsm.exe 692
    C:\Windows\system32\winlogon.exe 728
    C:\Windows\system32\svchost.exe 880
    C:\Windows\system32\nvvsvc.exe 944
    C:\Windows\system32\svchost.exe 972
    C:\Windows\System32\svchost.exe 1040
    C:\Windows\System32\svchost.exe 1116
    C:\Windows\System32\svchost.exe 1144
    C:\Windows\system32\svchost.exe 1156
    C:\Windows\system32\SLsvc.exe 1316
    C:\Windows\system32\svchost.exe 1352
    C:\Windows\system32\nvvsvc.exe 1476
    C:\Windows\system32\svchost.exe 1512
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1712
    C:\Program Files\Alwil Software\Avast4\ashServ.exe 1728
    C:\Windows\System32\spoolsv.exe 260
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 344
    C:\Windows\system32\svchost.exe 872
    C:\Windows\system32\taskeng.exe 2332
    c:\hp\HPEZBTN\HPBtnSrv.exe 2500
    C:\Windows\system32\svchost.exe 2600
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 2612
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2644
    C:\Windows\System32\svchost.exe 2692
    C:\Windows\System32\svchost.exe 2736
    C:\Windows\system32\svchost.exe 2748
    C:\Windows\system32\svchost.exe 2776
    C:\Windows\System32\svchost.exe 2832
    C:\Windows\system32\SearchIndexer.exe 2872
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3108
    C:\Windows\system32\WUDFHost.exe 3260
    c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 4172
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4256
    C:\Windows\system32\taskeng.exe 4752
    C:\Windows\system32\Dwm.exe 3692
    C:\Windows\Explorer.EXE 2348
    C:\Program Files\Windows Defender\MSASCui.exe 5024
    C:\Windows\RtHDVCpl.exe 4940
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe 3680
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 4492
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 3468
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 5532
    C:\Program Files\Java\jre6\bin\jusched.exe 5500
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe 2560
    C:\Program Files\Windows Sidebar\sidebar.exe 5716
    C:\Windows\ehome\ehtray.exe 5708
    C:\Program Files\Windows Media Player\wmpnscfg.exe 3652
    C:\Users\stephane\Documents\task.exe 3816
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3856
    C:\Windows\ehome\ehmsas.exe 3484
    C:\Program Files\Windows Media Player\wmpnetwk.exe 336
    C:\Windows\system32\schtasks.exe 1060
    C:\hp\kbd\kbd.exe 1752
    C:\Windows\system32\conime.exe 4020
    C:\Windows\System32\mobsync.exe 5576
    C:\Program Files\Windows Live\Contacts\wlcomm.exe 3020
    C:\Windows\system32\taskeng.exe 4772
    C:\Program Files\iPod\bin\iPodService.exe 5464
    C:\Program Files\iTunes\iTunesHelper.exe 4776
    C:\Program Files\Internet Explorer\IEUser.exe 3404
    C:\Program Files\Internet Explorer\iexplore.exe 1652
    C:\Program Files\Mozilla Firefox\firefox.exe 4308
    C:\Windows\system32\SearchProtocolHost.exe 3312
    C:\Windows\system32\SearchFilterHost.exe 3496
    C:\Windows\system32\wbem\wmiprvse.exe 5248

    ################## | Fichiers # Dossiers infectieux |

    C:\Windows\System32\autorun.inf

    ################## | Registre # Clés infectieuses |

    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{30d3676c-9370-11dd-ba2e-806e6f6e6963}
    shell\Auto\command =cmd /C launch.bat
    shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

    HKCU\..\..\Explorer\MountPoints2\{fceb596e-a987-11dd-8f6a-001e8cc5a021}
    shell\AutoRun\command =F:\Autorun.exe

    ################## | Cracks / Keygens / Serials |

    "C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\Crack\LaunchGTAIV.exe"
    02/10/2009 17:50 |Size 28160 |Crc32 373b5f85 |Md5 b4f4a2841f0857aaf18232724762cc52

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Exe\Anno4.exe"
    24/10/2009 23:02 |Size 14708672 |Crc32 cbdd026c |Md5 8e4edf35d1fe4d20cd606dd02702fbd2

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Anno4.exe"
    24/10/2009 23:03 |Size 14658048 |Crc32 b2279462 |Md5 7648ffdd996f1b64e7ff6fc107e69e4f

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Trainer\rzr-a4t4.exe"
    24/10/2009 23:02 |Size 361299 |Crc32 8557504c |Md5 e5fbd09d6443301fbcbc7a8f7f7931e8

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
    27/12/2008 14:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
    27/12/2008 14:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
    27/12/2008 12:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
    27/12/2008 14:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
    27/12/2008 16:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
    27/12/2008 14:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
    27/12/2008 12:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
    27/12/2008 15:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
    27/12/2008 15:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
    27/12/2008 12:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\GTAIV.exe"
    07/12/2008 16:41 |Size 13411688 |Crc32 be148d03 |Md5 9fa1c2a3f2932d46538bc14e715cfccc

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\LaunchGTAIV.exe"
    07/12/2008 16:41 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.exe"
    15/08/2009 20:32 |Size 65536 |Crc32 b9345910 |Md5 ecbcd35f44cebd44d64ff5d5529ed22b

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
    27/12/2008 13:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
    27/12/2008 13:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
    27/12/2008 11:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
    27/12/2008 13:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
    27/12/2008 15:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
    27/12/2008 13:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
    27/12/2008 11:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
    27/12/2008 14:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
    27/12/2008 14:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
    27/12/2008 11:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf

    "M:\ioméga\2\iso games\GTA IV PCgame\GTA 4 v1.0.2.0 Crack - Razor1911\Crack\LaunchGTAIV.exe"
    13/10/2009 11:24 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "M:\ioméga\2\iso games\GTA IV PCgame\Readme\GTA 4 v1.0.2.0 Crack - Razor1911\LaunchGTAIV.exe"
    13/10/2009 11:30 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "M:\ioméga\2\iso games\Pro Evolution Soccer 2010\Crack\pes2010.exe"
    26/10/2009 19:18 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

    "M:\ioméga\2\utorren\téléchargement\Borderlands-RELOADED\Crack\Borderlands.exe"
    22/10/2009 01:19 |Size 35745460 |Crc32 25f4b07e |Md5 af55737b3e2f399a3dd271d0f77dee3f

    "C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\autre\Grand.Theft.Auto.IV.Crack.Offline.Activation.zip"
    -> Contain : OfflineActivation.exe

    "E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.zip"
    -> Contain : DeleteSecuromReg.exe

    "C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
    -> contain : rld-sim3.exe

    "C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
    -> contain : TS3.exe

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
    -> contain : GTAIV.exe

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
    -> contain : LaunchGTAIV.exe

    "E:\Iso game\Clive Barker's Jericho [PC rip] (~GHo$T~) (Fps équipe horreur)\Clive Barker's Jericho No-DVD Crack (Fairlight).rar"
    -> contain : Jericho.exe

    "M:\ioméga\2\utorren\téléchargement\Fallout 3 Hope Collection of mods\INSTALLATION\Fallout 3 No cd crack v1.4.0.6.rar"
    -> contain : FalloutLauncher.exe

    ################## | ! Fin du rapport # UsbFix V6.058 ! |
    0
    1. Utilisateur anonyme
       
      Re

      1)Ceci peux te poser également des soucis d'infections:
      ################## | Cracks / Keygens / Serials |

      "C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\Crack\LaunchGTAIV.exe"
      02/10/2009 17:50 |Size 28160 |Crc32 373b5f85 |Md5 b4f4a2841f0857aaf18232724762cc52

      "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Exe\Anno4.exe"
      24/10/2009 23:02 |Size 14708672 |Crc32 cbdd026c |Md5 8e4edf35d1fe4d20cd606dd02702fbd2

      "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Anno4.exe"
      24/10/2009 23:03 |Size 14658048 |Crc32 b2279462 |Md5 7648ffdd996f1b64e7ff6fc107e69e4f

      "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Trainer\rzr-a4t4.exe"
      24/10/2009 23:02 |Size 361299 |Crc32 8557504c |Md5 e5fbd09d6443301fbcbc7a8f7f7931e8

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
      27/12/2008 14:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
      27/12/2008 14:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
      27/12/2008 12:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
      27/12/2008 14:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
      27/12/2008 16:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
      27/12/2008 14:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
      27/12/2008 12:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
      27/12/2008 15:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
      27/12/2008 15:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191

      "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
      27/12/2008 12:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf

      "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\GTAIV.exe"
      07/12/2008 16:41 |Size 13411688 |Crc32 be148d03 |Md5 9fa1c2a3f2932d46538bc14e715cfccc

      "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\LaunchGTAIV.exe"
      07/12/2008 16:41 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

      "E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.exe"
      15/08/2009 20:32 |Size 65536 |Crc32 b9345910 |Md5 ecbcd35f44cebd44d64ff5d5529ed22b

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
      27/12/2008 13:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
      27/12/2008 13:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
      27/12/2008 11:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
      27/12/2008 13:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
      27/12/2008 15:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
      27/12/2008 13:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
      27/12/2008 11:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
      27/12/2008 14:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
      27/12/2008 14:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191

      "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
      27/12/2008 11:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf

      "M:\ioméga\2\iso games\GTA IV PCgame\GTA 4 v1.0.2.0 Crack - Razor1911\Crack\LaunchGTAIV.exe"
      13/10/2009 11:24 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

      "M:\ioméga\2\iso games\GTA IV PCgame\Readme\GTA 4 v1.0.2.0 Crack - Razor1911\LaunchGTAIV.exe"
      13/10/2009 11:30 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

      "M:\ioméga\2\iso games\Pro Evolution Soccer 2010\Crack\pes2010.exe"
      26/10/2009 19:18 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

      "M:\ioméga\2\utorren\téléchargement\Borderlands-RELOADED\Crack\Borderlands.exe"
      22/10/2009 01:19 |Size 35745460 |Crc32 25f4b07e |Md5 af55737b3e2f399a3dd271d0f77dee3f

      "C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\autre\Grand.Theft.Auto.IV.Crack.Offline.Activation.zip"
      -> Contain : OfflineActivation.exe

      "E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.zip"
      -> Contain : DeleteSecuromReg.exe

      "C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
      -> contain : rld-sim3.exe

      "C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
      -> contain : TS3.exe

      "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
      -> contain : GTAIV.exe

      "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
      -> contain : LaunchGTAIV.exe

      "E:\Iso game\Clive Barker's Jericho [PC rip] (~GHo$T~) (Fps équipe horreur)\Clive Barker's Jericho No-DVD Crack (Fairlight).rar"
      -> contain : Jericho.exe

      "M:\ioméga\2\utorren\téléchargement\Fallout 3 Hope Collection of mods\INSTALLATION\Fallout 3 No cd crack v1.4.0.6.rar"
      -> contain : FalloutLauncher.exe


      2) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

      # Clic droit"exécuter en temps qu'administrateur" sur le raccourci UsbFix présent sur ton bureau

      # choisi l option 2 (Suppression)

      # Ton bureau disparaîtra et le pc redémarrera.

      # Au redémarrage, UsbFix scannera ton pc, laisse travailler l outil.

      # Ensuite post le rapport UsbFix.txt qui apparaîtra avec le bureau.

      # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:UsbFix.txt )

      ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

      @+
      0
  8. silverius Messages postés 281 Statut Membre 48
     
    Voici le rapport dois-je l'envoyer au site? ou n'est-ce pas préférable?

    ############################## | UsbFix V6.058 |

    User : stephane (Administrateurs) # GAIAII
    Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 21:13:08 | 26/11/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 3
    Internet Explorer 7.0.6002.18005
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local # 455,46 Go (73,66 Go free) [HP] # NTFS
    D:\ -> Disque fixe local # 10,3 Go (1,37 Go free) [FACTORY_IMAGE] # NTFS
    E:\ -> Disque fixe local # 465,76 Go (338,34 Go free) [NEW_VOLUME] # NTFS
    F:\ -> Disque CD-ROM
    G:\ -> Disque CD-ROM
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque amovible
    K:\ -> Disque fixe local # 298,08 Go (154,76 Go free) [Baal] # NTFS
    L:\ -> Disque amovible
    M:\ -> Disque fixe local # 465,76 Go (280,51 Go free) [IOMEGA_HDD] # NTFS

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe 484
    C:\Windows\system32\csrss.exe 560
    C:\Windows\system32\csrss.exe 620
    C:\Windows\system32\wininit.exe 628
    C:\Windows\system32\services.exe 668
    C:\Windows\system32\lsass.exe 684
    C:\Windows\system32\lsm.exe 692
    C:\Windows\system32\winlogon.exe 728
    C:\Windows\system32\svchost.exe 880
    C:\Windows\system32\nvvsvc.exe 944
    C:\Windows\system32\svchost.exe 972
    C:\Windows\System32\svchost.exe 1040
    C:\Windows\System32\svchost.exe 1116
    C:\Windows\System32\svchost.exe 1144
    C:\Windows\system32\svchost.exe 1156
    C:\Windows\system32\SLsvc.exe 1316
    C:\Windows\system32\svchost.exe 1352
    C:\Windows\system32\nvvsvc.exe 1476
    C:\Windows\system32\svchost.exe 1512
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1712
    C:\Program Files\Alwil Software\Avast4\ashServ.exe 1728
    C:\Windows\System32\spoolsv.exe 260
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 344
    C:\Windows\system32\svchost.exe 872
    C:\Windows\system32\taskeng.exe 2332
    c:\hp\HPEZBTN\HPBtnSrv.exe 2500
    C:\Windows\system32\svchost.exe 2600
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 2612
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2644
    C:\Windows\System32\svchost.exe 2692
    C:\Windows\System32\svchost.exe 2736
    C:\Windows\system32\svchost.exe 2748
    C:\Windows\system32\svchost.exe 2776
    C:\Windows\System32\svchost.exe 2832
    C:\Windows\system32\SearchIndexer.exe 2872
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3108
    C:\Windows\system32\WUDFHost.exe 3260
    c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 4172
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4256
    C:\Windows\system32\taskeng.exe 4752
    C:\Windows\system32\Dwm.exe 3692
    C:\Windows\Explorer.EXE 2348
    C:\Program Files\Windows Defender\MSASCui.exe 5024
    C:\Windows\RtHDVCpl.exe 4940
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe 3680
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 4492
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 3468
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 5532
    C:\Program Files\Java\jre6\bin\jusched.exe 5500
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe 2560
    C:\Program Files\Windows Sidebar\sidebar.exe 5716
    C:\Windows\ehome\ehtray.exe 5708
    C:\Program Files\Windows Media Player\wmpnscfg.exe 3652
    C:\Users\stephane\Documents\task.exe 3816
    C:\Windows\ehome\ehmsas.exe 3484
    C:\Program Files\Windows Media Player\wmpnetwk.exe 336
    C:\Windows\system32\schtasks.exe 1060
    C:\hp\kbd\kbd.exe 1752
    C:\Windows\system32\conime.exe 4020
    C:\Windows\System32\mobsync.exe 5576
    C:\Windows\system32\taskeng.exe 4772
    C:\Program Files\iPod\bin\iPodService.exe 5464
    C:\Program Files\iTunes\iTunesHelper.exe 4776
    C:\Program Files\Internet Explorer\IEUser.exe 3404
    C:\Program Files\Internet Explorer\iexplore.exe 1652
    C:\Windows\system32\SearchProtocolHost.exe 3504
    C:\Windows\system32\SearchFilterHost.exe 1488
    C:\Windows\system32\wbem\wmiprvse.exe 5800

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! C:\Windows\System32\autorun.inf

    ################## | Registre # Clés infectieuses |

    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDesktop"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoViewContextMenu"

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{30d3676c-9370-11dd-ba2e-806e6f6e6963}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{fceb596e-a987-11dd-8f6a-001e8cc5a021}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [20/03/2008 10:20|--a------|74] C:\autoexec.bat
    [11/04/2009 07:36|-rahs----|333257] C:\bootmgr
    [20/03/2008 18:08|-ra-s----|8192] C:\BOOTSECT.BAK
    [20/11/2009 21:13|--a------|1486] C:\cleannavi.txt
    [18/09/2006 22:43|--a------|10] C:\config.sys
    [17/10/2009 22:36|--a------|125] C:\FINIS_IT.TXT
    [10/12/2008 19:30|-rahs----|0] C:\IO.SYS
    [10/12/2008 19:30|-rahs----|0] C:\MSDOS.SYS
    [?|?|?] C:\pagefile.sys
    [12/10/2008 17:07|--a------|574] C:\RHDSetup.log
    [26/11/2009 17:14|--a------|1688] C:\TB.txt
    [08/04/2009 18:38|--a------|1013] C:\updatedatfix.log
    [26/11/2009 21:14|--a------|5583] C:\UsbFix.txt
    [22/06/2007 16:44|---hs----|438328] D:\boo.mgr
    [02/11/2006 00:53|---hs----|438840] D:\bootmgr
    [19/06/2007 15:22|---hs----|1322] D:\Desktop.ini
    [20/03/2008 20:21|---hs----|111] D:\MASTER.LOG
    [04/10/2008 13:32|---hs----|428] D:\pcdr.ini
    [19/06/2007 15:22|---hs----|181616] D:\Protect.ed
    [20/03/2008 20:21|---hs----|44] D:\RESTORE.INI
    [26/08/2008 18:06|--a------|727910400] E:\Disjoncté.avi
    [15/03/2009 13:02|--a------|3051] K:\lapin.txt
    [10/12/2007 09:38|--a------|28181] K:\mynameisearls03e04.srt
    [10/12/2007 09:32|--a------|27855] K:\mynameisearls03e05.srt
    [25/04/2009 13:06|--a------|42970300] K:\West Side De Paname.mp3

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.
    # E:\autorun.inf -> Dossier créé par UsbFix.
    # K:\autorun.inf -> Dossier créé par UsbFix.
    # M:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Suspect | https://www.virustotal.com/gui/ |

    ################## | Cracks / Keygens / Serials |

    "C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\Crack\LaunchGTAIV.exe"
    02/10/2009 17:50 |Size 28160 |Crc32 373b5f85 |Md5 b4f4a2841f0857aaf18232724762cc52

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Exe\Anno4.exe"
    24/10/2009 23:02 |Size 14708672 |Crc32 cbdd026c |Md5 8e4edf35d1fe4d20cd606dd02702fbd2

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Anno4.exe"
    24/10/2009 23:03 |Size 14658048 |Crc32 b2279462 |Md5 7648ffdd996f1b64e7ff6fc107e69e4f

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Trainer\rzr-a4t4.exe"
    24/10/2009 23:02 |Size 361299 |Crc32 8557504c |Md5 e5fbd09d6443301fbcbc7a8f7f7931e8

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
    27/12/2008 14:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
    27/12/2008 14:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
    27/12/2008 12:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
    27/12/2008 14:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
    27/12/2008 16:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
    27/12/2008 14:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
    27/12/2008 12:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
    27/12/2008 15:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
    27/12/2008 15:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
    27/12/2008 12:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\GTAIV.exe"
    07/12/2008 16:41 |Size 13411688 |Crc32 be148d03 |Md5 9fa1c2a3f2932d46538bc14e715cfccc

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\LaunchGTAIV.exe"
    07/12/2008 16:41 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.exe"
    15/08/2009 20:32 |Size 65536 |Crc32 b9345910 |Md5 ecbcd35f44cebd44d64ff5d5529ed22b

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
    27/12/2008 13:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
    27/12/2008 13:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
    27/12/2008 11:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
    27/12/2008 13:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
    27/12/2008 15:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
    27/12/2008 13:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
    27/12/2008 11:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
    27/12/2008 14:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
    27/12/2008 14:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
    27/12/2008 11:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf

    "M:\ioméga\2\iso games\GTA IV PCgame\GTA 4 v1.0.2.0 Crack - Razor1911\Crack\LaunchGTAIV.exe"
    13/10/2009 11:24 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "M:\ioméga\2\iso games\GTA IV PCgame\Readme\GTA 4 v1.0.2.0 Crack - Razor1911\LaunchGTAIV.exe"
    13/10/2009 11:30 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "M:\ioméga\2\iso games\Pro Evolution Soccer 2010\Crack\pes2010.exe"
    26/10/2009 19:18 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

    "M:\ioméga\2\utorren\téléchargement\Borderlands-RELOADED\Crack\Borderlands.exe"
    22/10/2009 01:19 |Size 35745460 |Crc32 25f4b07e |Md5 af55737b3e2f399a3dd271d0f77dee3f

    "C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\autre\Grand.Theft.Auto.IV.Crack.Offline.Activation.zip"
    -> Contain : OfflineActivation.exe

    "E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.zip"
    -> Contain : DeleteSecuromReg.exe

    "C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
    -> contain : rld-sim3.exe

    "C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
    -> contain : TS3.exe

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
    -> contain : GTAIV.exe

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
    -> contain : LaunchGTAIV.exe

    "E:\Iso game\Clive Barker's Jericho [PC rip] (~GHo$T~) (Fps équipe horreur)\Clive Barker's Jericho No-DVD Crack (Fairlight).rar"
    -> contain : Jericho.exe

    "M:\ioméga\2\utorren\téléchargement\Fallout 3 Hope Collection of mods\INSTALLATION\Fallout 3 No cd crack v1.4.0.6.rar"
    -> contain : FalloutLauncher.exe

    Merci pour ton aide précieuse.
    0
  9. silverius Messages postés 281 Statut Membre 48
     
    Voici le rapport dois-je l'envoyer au site? ou n'est-ce pas préférable?

    ############################## | UsbFix V6.058 |

    User : stephane (Administrateurs) # GAIAII
    Update on 26/11/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 21:13:08 | 26/11/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 3
    Internet Explorer 7.0.6002.18005
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local # 455,46 Go (73,66 Go free) [HP] # NTFS
    D:\ -> Disque fixe local # 10,3 Go (1,37 Go free) [FACTORY_IMAGE] # NTFS
    E:\ -> Disque fixe local # 465,76 Go (338,34 Go free) [NEW_VOLUME] # NTFS
    F:\ -> Disque CD-ROM
    G:\ -> Disque CD-ROM
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque amovible
    K:\ -> Disque fixe local # 298,08 Go (154,76 Go free) [Baal] # NTFS
    L:\ -> Disque amovible
    M:\ -> Disque fixe local # 465,76 Go (280,51 Go free) [IOMEGA_HDD] # NTFS

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe 484
    C:\Windows\system32\csrss.exe 560
    C:\Windows\system32\csrss.exe 620
    C:\Windows\system32\wininit.exe 628
    C:\Windows\system32\services.exe 668
    C:\Windows\system32\lsass.exe 684
    C:\Windows\system32\lsm.exe 692
    C:\Windows\system32\winlogon.exe 728
    C:\Windows\system32\svchost.exe 880
    C:\Windows\system32\nvvsvc.exe 944
    C:\Windows\system32\svchost.exe 972
    C:\Windows\System32\svchost.exe 1040
    C:\Windows\System32\svchost.exe 1116
    C:\Windows\System32\svchost.exe 1144
    C:\Windows\system32\svchost.exe 1156
    C:\Windows\system32\SLsvc.exe 1316
    C:\Windows\system32\svchost.exe 1352
    C:\Windows\system32\nvvsvc.exe 1476
    C:\Windows\system32\svchost.exe 1512
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1712
    C:\Program Files\Alwil Software\Avast4\ashServ.exe 1728
    C:\Windows\System32\spoolsv.exe 260
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 344
    C:\Windows\system32\svchost.exe 872
    C:\Windows\system32\taskeng.exe 2332
    c:\hp\HPEZBTN\HPBtnSrv.exe 2500
    C:\Windows\system32\svchost.exe 2600
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 2612
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2644
    C:\Windows\System32\svchost.exe 2692
    C:\Windows\System32\svchost.exe 2736
    C:\Windows\system32\svchost.exe 2748
    C:\Windows\system32\svchost.exe 2776
    C:\Windows\System32\svchost.exe 2832
    C:\Windows\system32\SearchIndexer.exe 2872
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3108
    C:\Windows\system32\WUDFHost.exe 3260
    c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 4172
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 4256
    C:\Windows\system32\taskeng.exe 4752
    C:\Windows\system32\Dwm.exe 3692
    C:\Windows\Explorer.EXE 2348
    C:\Program Files\Windows Defender\MSASCui.exe 5024
    C:\Windows\RtHDVCpl.exe 4940
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe 3680
    c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 4492
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 3468
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 5532
    C:\Program Files\Java\jre6\bin\jusched.exe 5500
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe 2560
    C:\Program Files\Windows Sidebar\sidebar.exe 5716
    C:\Windows\ehome\ehtray.exe 5708
    C:\Program Files\Windows Media Player\wmpnscfg.exe 3652
    C:\Users\stephane\Documents\task.exe 3816
    C:\Windows\ehome\ehmsas.exe 3484
    C:\Program Files\Windows Media Player\wmpnetwk.exe 336
    C:\Windows\system32\schtasks.exe 1060
    C:\hp\kbd\kbd.exe 1752
    C:\Windows\system32\conime.exe 4020
    C:\Windows\System32\mobsync.exe 5576
    C:\Windows\system32\taskeng.exe 4772
    C:\Program Files\iPod\bin\iPodService.exe 5464
    C:\Program Files\iTunes\iTunesHelper.exe 4776
    C:\Program Files\Internet Explorer\IEUser.exe 3404
    C:\Program Files\Internet Explorer\iexplore.exe 1652
    C:\Windows\system32\SearchProtocolHost.exe 3504
    C:\Windows\system32\SearchFilterHost.exe 1488
    C:\Windows\system32\wbem\wmiprvse.exe 5800

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! C:\Windows\System32\autorun.inf

    ################## | Registre # Clés infectieuses |

    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDesktop"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFind"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFolderOptions"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"
    Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoViewContextMenu"

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{30d3676c-9370-11dd-ba2e-806e6f6e6963}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{fceb596e-a987-11dd-8f6a-001e8cc5a021}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [20/03/2008 10:20|--a------|74] C:\autoexec.bat
    [11/04/2009 07:36|-rahs----|333257] C:\bootmgr
    [20/03/2008 18:08|-ra-s----|8192] C:\BOOTSECT.BAK
    [20/11/2009 21:13|--a------|1486] C:\cleannavi.txt
    [18/09/2006 22:43|--a------|10] C:\config.sys
    [17/10/2009 22:36|--a------|125] C:\FINIS_IT.TXT
    [10/12/2008 19:30|-rahs----|0] C:\IO.SYS
    [10/12/2008 19:30|-rahs----|0] C:\MSDOS.SYS
    [?|?|?] C:\pagefile.sys
    [12/10/2008 17:07|--a------|574] C:\RHDSetup.log
    [26/11/2009 17:14|--a------|1688] C:\TB.txt
    [08/04/2009 18:38|--a------|1013] C:\updatedatfix.log
    [26/11/2009 21:14|--a------|5583] C:\UsbFix.txt
    [22/06/2007 16:44|---hs----|438328] D:\boo.mgr
    [02/11/2006 00:53|---hs----|438840] D:\bootmgr
    [19/06/2007 15:22|---hs----|1322] D:\Desktop.ini
    [20/03/2008 20:21|---hs----|111] D:\MASTER.LOG
    [04/10/2008 13:32|---hs----|428] D:\pcdr.ini
    [19/06/2007 15:22|---hs----|181616] D:\Protect.ed
    [20/03/2008 20:21|---hs----|44] D:\RESTORE.INI
    [26/08/2008 18:06|--a------|727910400] E:\Disjoncté.avi
    [15/03/2009 13:02|--a------|3051] K:\lapin.txt
    [10/12/2007 09:38|--a------|28181] K:\mynameisearls03e04.srt
    [10/12/2007 09:32|--a------|27855] K:\mynameisearls03e05.srt
    [25/04/2009 13:06|--a------|42970300] K:\West Side De Paname.mp3

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.
    # E:\autorun.inf -> Dossier créé par UsbFix.
    # K:\autorun.inf -> Dossier créé par UsbFix.
    # M:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Suspect | https://www.virustotal.com/gui/ |

    ################## | Cracks / Keygens / Serials |

    "C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\Crack\LaunchGTAIV.exe"
    02/10/2009 17:50 |Size 28160 |Crc32 373b5f85 |Md5 b4f4a2841f0857aaf18232724762cc52

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Exe\Anno4.exe"
    24/10/2009 23:02 |Size 14708672 |Crc32 cbdd026c |Md5 8e4edf35d1fe4d20cd606dd02702fbd2

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Anno4.exe"
    24/10/2009 23:03 |Size 14658048 |Crc32 b2279462 |Md5 7648ffdd996f1b64e7ff6fc107e69e4f

    "E:\download\Anno_1404_Dawn_Of_Discovery-Razor1911-Crack\Razor1911\Trainer\rzr-a4t4.exe"
    24/10/2009 23:02 |Size 361299 |Crc32 8557504c |Md5 e5fbd09d6443301fbcbc7a8f7f7931e8

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
    27/12/2008 14:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
    27/12/2008 14:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
    27/12/2008 12:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
    27/12/2008 14:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
    27/12/2008 16:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
    27/12/2008 14:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
    27/12/2008 12:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
    27/12/2008 15:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
    27/12/2008 15:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191

    "E:\download\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
    27/12/2008 12:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\GTAIV.exe"
    07/12/2008 16:41 |Size 13411688 |Crc32 be148d03 |Md5 9fa1c2a3f2932d46538bc14e715cfccc

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\LaunchGTAIV.exe"
    07/12/2008 16:41 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.exe"
    15/08/2009 20:32 |Size 65536 |Crc32 b9345910 |Md5 ecbcd35f44cebd44d64ff5d5529ed22b

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Crack\Civ4BeyondSword.exe"
    27/12/2008 13:22 |Size 12767232 |Crc32 c06e1bee |Md5 a1fe79ac326c16bf4922a5c4158c4449

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 1\Civ4BeyondTheSwordPatch3.02.exe"
    27/12/2008 13:22 |Size 28388287 |Crc32 0635df5c |Md5 8313b9e254ad33edba1e7c24bfc8e56d

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 2\Civ4BeyondTheSwordPatch3.03.exe"
    27/12/2008 11:20 |Size 85021405 |Crc32 fc6af1c3 |Md5 c02e96f29160b4e6eda7eac62db24799

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Beyond The Sword\Patch 3\Civ4BeyondTheSwordPatch3.13.exe"
    27/12/2008 13:21 |Size 126887463 |Crc32 001fa334 |Md5 39d34db36bc165b5f75c31bdc0e4249b

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Crack\Civilization4.exe"
    27/12/2008 15:17 |Size 10407936 |Crc32 d8be76e3 |Md5 ae3b47863e7d88636a5c87d90643e845

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 1\Civ4Patch1.61.exe"
    27/12/2008 13:24 |Size 48291703 |Crc32 45b9550a |Md5 dffd182f5e13813468a79eaccbb52520

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Civilization IV\Patch 2\Civ4Patch1.74_Final.exe"
    27/12/2008 11:55 |Size 63228492 |Crc32 52574a24 |Md5 127a37aaff0f95f9f1e52f73f9c538da

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Crack\Civ4Warlords.exe"
    27/12/2008 14:38 |Size 9976832 |Crc32 64f34fdf |Md5 0b40d3ea2040552bd47cd9ff37205730

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 1\Civ4WarlordsPatch2.08.exe"
    27/12/2008 14:38 |Size 67299871 |Crc32 f9c88a18 |Md5 1a4e98c1aaaf3ff9b65a64b118c80191

    "M:\ioméga\2\iso games\Civilization 4 Complete\Civilization Patches + Cracks\Warlords\Patch 2\Civ4WarlordsPatch2.13.exe"
    27/12/2008 11:56 |Size 84846989 |Crc32 b9fbfc2e |Md5 5378b7b7bf6eae6d22fd4ac67c9479cf

    "M:\ioméga\2\iso games\GTA IV PCgame\GTA 4 v1.0.2.0 Crack - Razor1911\Crack\LaunchGTAIV.exe"
    13/10/2009 11:24 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "M:\ioméga\2\iso games\GTA IV PCgame\Readme\GTA 4 v1.0.2.0 Crack - Razor1911\LaunchGTAIV.exe"
    13/10/2009 11:30 |Size 73728 |Crc32 83eb9232 |Md5 25ea124fc3e2b578c48900633d00a0bd

    "M:\ioméga\2\iso games\Pro Evolution Soccer 2010\Crack\pes2010.exe"
    26/10/2009 19:18 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07

    "M:\ioméga\2\utorren\téléchargement\Borderlands-RELOADED\Crack\Borderlands.exe"
    22/10/2009 01:19 |Size 35745460 |Crc32 25f4b07e |Md5 af55737b3e2f399a3dd271d0f77dee3f

    "C:\Users\stephane\Desktop\ced\iso\GTA.IV-ArenaBG\autre\Grand.Theft.Auto.IV.Crack.Offline.Activation.zip"
    -> Contain : OfflineActivation.exe

    "E:\download\Sacred 2 Fallen Angel PC FR\Crack\DeleteSecuromReg.zip"
    -> Contain : DeleteSecuromReg.exe

    "C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
    -> contain : rld-sim3.exe

    "C:\Users\stephane\Desktop\ced\iso\serial+crack.Sims3.rar"
    -> contain : TS3.exe

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
    -> contain : GTAIV.exe

    "E:\download\Grand_Theft_Auto_IV_Crack_Only-Razor1911\rzr-gta4-crack.rar"
    -> contain : LaunchGTAIV.exe

    "E:\Iso game\Clive Barker's Jericho [PC rip] (~GHo$T~) (Fps équipe horreur)\Clive Barker's Jericho No-DVD Crack (Fairlight).rar"
    -> contain : Jericho.exe

    "M:\ioméga\2\utorren\téléchargement\Fallout 3 Hope Collection of mods\INSTALLATION\Fallout 3 No cd crack v1.4.0.6.rar"
    -> contain : FalloutLauncher.exe

    Merci pour ton aide précieuse.
    0
    1. Utilisateur anonyme
       
      Re

      Passe à la suite;merci
      0