VIRUS anti-antivirus sous vista, HELP!

jimmy -  
Destrio5 Messages postés 99820 Statut Modérateur -
Bonjour,
je vais essayer de décrire mon problème clairement...

tout a commencé lorsque j'ai décompressé un .rar d'un certain Burn4Free (logiciel de gravure) trouvé sur Emule. J'ai lancé le .exe. M'attendant à une installation standard, je clique sans trop réfléchir sur le seul bouton disponible "process". Et là, écran bleu, plantage. je redémarre, de nouveau écran bleu plantage (2fois seulement). Impossible de choisir "redémarrage en mode sans échec" car mon clavier est (étrangement) inactif avant l'ouverture de windows, donc "redémarrage de windows normalement" obligé après les 20sec d'attente.

Désormais, mon ordinateur s'allume et s'éteint normalement, mais mon antivirus a disparu (Antivir) de la barre windows, il est impossible de le lancer (lui ou tout autre antivirus, j'ai essayé Avast) que ce soit par des raccourcis ou lorsque je navigue dans ses dossiers (j'ai rarement le temps d'atteindre le dossier avant que la fenêtre ne réponde plus.)
Lorsque j'arrive à en lancer un, on me dit que ce ne sont pas des applications Win32 valides! on me dit également ça lorsque j'essaye d'accéder à mon disque dur externe! de plus, les capacités de mon ordinateurs sont lourdement parasités (des pointes régulières à 30%de CU utilisée) et d'autres programmes (le logiciel de la carte son creative fatal1ty par exemple) sont mis hors jeu exactement comme les antivirus.

Tout ceci me broie majestueusement les couilles si vous me permettez l'expression, et j'ai vraiment besoin d'aide. J'ai apparement choppé une saloperie de virus anti-antivirus et il faut vraiment que je m'en débarrasse car l'utilisation de mon dde m'est indispensable.

Je vous remercie d'avance :)
A voir également:

9 réponses

Réponse 1 / 9
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
Salut,

Tu as gagné l'infection Bagle.

---> Désactive l'UAC le temps de la désinfection :
http://www.commentcamarche.net/faq/sujet 8343 vista desactiver l uac

--> Télécharge FindyKill (par Chiquitine29) sur ton Bureau :
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

--> Lance l'installation avec les paramètres par défaut.

--> Clique droit sur le raccourci FindyKill situé sur ton Bureau et choisis Exécuter en tant qu'administrateur.

--> Choisis F pour Français et valide.

--> Au menu principal, choisis l'option 1 (Recherche).

--> Poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
1
jimmy
 
vous etes rapides les mecs! :) voici donc le rapport findkill:



----------------- FindyKill V4.705 ------------------

* User : Jimmy - PC-DE-JIMMY
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 17/11/08 par Chiquitine29
* Recherche effectuée à 12:13:52 le 24/11/2008
* Windows Vista - Internet Explorer 7.0.6001.18000

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Windows\System32\CTHELPER.EXE
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\explorer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [24/11/2008 00:18] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\Windows


»»»» Presence des fichiers dans C:\Windows\Prefetch

Found ! - C:\Windows\prefetch\6640619.EXE-F33026B6.pf
Found ! - C:\Windows\prefetch\6648809.EXE-44E3674B.pf
Found ! - C:\Windows\prefetch\6653770.EXE-82328ED8.pf
Found ! - C:\Windows\prefetch\FLEC006.EXE-D021030F.pf
Found ! - C:\Windows\prefetch\MDELK.EXE-74B0283C.pf
Found ! - C:\Windows\prefetch\WINFILSE.EXE-48314F7F.pf
Found ! - C:\Windows\prefetch\WINTEMS.EXE-9889BB0E.pf

»»»» Presence des fichiers dans C:\Windows\system32

Found ! [24/11/2008 08:13] - C:\Windows\system32\mdelk.exe
Found ! [24/11/2008 08:13] - C:\Windows\system32\wintems.exe
Found ! [24/11/2008 09:15] - C:\Windows\system32\ban_list.txt

»»»» Presence des fichiers dans C:\Windows\system32\drivers

Found ! [23/11/2008 23:52] - C:\Windows\system32\drivers\srosa.sys
Found ! [23/11/2008 23:52] - C:\Windows\system32\drivers\srosa2.sys
Found ! [06/10/2005 09:10] - C:\Windows\system32\drivers\winfilse.exe
Found ! [24/11/2008 08:20] - "C:\Windows\system32\drivers\downld"
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\105643.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\108826.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\135986.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\141508.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\15150707.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\15186510.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\15192157.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\15210206.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\15379592.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\15505298.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\15639537.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\15654591.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\175547.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\177513.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\209946.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\213643.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\214532.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\244547.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\251848.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30150032.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30157411.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30159064.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30174961.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30181076.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30319324.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30323739.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30493577.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30582576.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\30601592.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\353373.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\356321.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\360284.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\364839.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\476021.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\604332.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\622896.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\6615206.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\6617094.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\6640619.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\6648809.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\6653770.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\72680.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\73538.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\78484.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\84131.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\86970.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\87766.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\89731.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\90652.exe
Found ! [24/11/2008 08:20] - C:\Windows\system32\drivers\downld\92009.exe

»»»» Presence des fichiers dans C:\Users\Jimmy\AppData\Roaming

Found ! [24/11/2008 08:13] - "C:\Users\Jimmy\AppData\Roaming\m\flec006.exe"
Found ! [24/11/2008 08:14] - "C:\Users\Jimmy\AppData\Roaming\m\list.oct"
Found ! [24/11/2008 08:14] - "C:\Users\Jimmy\AppData\Roaming\m\data.oct"
Found ! [24/11/2008 08:14] - "C:\Users\Jimmy\AppData\Roaming\m\srvlist.oct"
Found ! [24/11/2008 10:03] - "C:\Users\Jimmy\AppData\Roaming\m\shared"
Found ! [24/11/2008 04:04] - "C:\Users\Jimmy\AppData\Roaming\m"

»»»» Presence des fichiers dans C:\Users\Jimmy\AppData\Local\Temp


»»»» Presence des fichiers dans C:\Users\Jimmy\Local Settings\Temporary Internet Files\Content.IE5

Found ! [23/11/2008 23:27] - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1UR628QG\b64_3[1].jpg
Found ! [23/11/2008 23:41] - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WO3IAN4\b64[2].jpg
Found ! [23/11/2008 23:44] - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WO3IAN4\b64_2[1].jpg
Found ! [23/11/2008 23:44] - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XT730OEU\b64_1[1].jpg
Found ! [23/11/2008 23:42] - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XT730OEU\WMPdd237293-cc04-4af7-8be5-78b647551c37[1]..jpg
Found ! [23/11/2008 23:41] - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1CXCKZH\b64_2[1].jpg
Found ! [26/02/2007 17:45] - C:\Users\Jimmy\Desktop\MUSIQUE\Citizen Cope\The Clarence Greenwood Recordings\AlbumArt_{4C2779C1-1E02-4B64-9F35-9B9096DE2FD5}_Large.jpg
Found ! [26/02/2007 17:45] - C:\Users\Jimmy\Desktop\MUSIQUE\Citizen Cope\The Clarence Greenwood Recordings\AlbumArt_{4C2779C1-1E02-4B64-9F35-9B9096DE2FD5}_Small.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

filehippo.com="C:\Program Files\filehippo.com\UpdateChecker.exe" /background
DAEMON Tools Lite="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
Orb="C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
eMuleAutoStart=C:\Program Files\eMule\emule.exe -AutoStart
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
RCSystem="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
AudioDrvEmulator="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
VolPanel="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
CTHelper=CTHELPER.EXE
UpdReg=C:\Windows\UpdReg.EXE
avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
CTxfiHlp=CTXFIHLP.EXE
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
Logitech Hardware Abstraction Layer=KHALMNPR.EXE
Acrobat Assistant 8.0="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
<NO NAME>=
Adobe_ID0EYTHM=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
WinampAgent="C:\Program Files\Winamp\winampa.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-1290542435-382262474-971793042-1000\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_USERS\S-1-5-21-1290542435-382262474-971793042-1000\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1290542435-382262474-971793042-1000\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-1290542435-382262474-971793042-1000\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1290542435-382262474-971793042-1000\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\FFC
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s

--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

Wlansvc - Type de démarrage = 3

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

/!\ wscsvc - Type de démarrage = 4

/!\ WinDefend - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe
E: - Lecteur fixe

+- Contenu de l'autorun : E:\autorun.inf

[autorun]
open=Launch.exe
icon=Launch.exe


+- presence des fichiers :

Found ! [02/07/2007 07:34][--a------] - E:\autorun.inf


--------------- [ Registre / Mountpoint2 ] ----------------


-> Not found !


------------------- ! Fin du rapport ! --------------------
0
Réponse 2 / 9
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
--> Supprime tes cracks et keygens.

--> Branche tes disques amovibles à ton PC (clefs USB, disque dur externe, etc...) sans les ouvrir.

--> Clique droit sur le raccourci FindyKill situé sur ton Bureau et choisis Exécuter en tant qu'administrateur.

--> Choisis F pour Français puis valide.

--> Au menu principal, choisis l'option 2 (Suppression).

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

--> Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
1
jimmy
 
voilà le rapport, je n'ai encore pas testé voir si ça a réglé le problème? guidez moi :)
vous gérez les mecs
voici le rapport :




----------------- FindyKill V4.705 ------------------

* User : Jimmy - PC-DE-JIMMY
* executed from : C:\Program Files\FindyKill
* Update on 17/11/08 par Chiquitine29
* Start at 12:36:21 the 24/11/2008
* Windows Vista - Internet Explorer 7.0.6001.18000


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\Windows


»»»» Supression files in C:\Windows\Prefetch

Deleted ! - C:\Windows\prefetch\6640619.EXE-F33026B6.pf
Deleted ! - C:\Windows\prefetch\6648809.EXE-44E3674B.pf
Deleted ! - C:\Windows\prefetch\6653770.EXE-82328ED8.pf
Deleted ! - C:\Windows\prefetch\FLEC006.EXE-D021030F.pf
Deleted ! - C:\Windows\prefetch\MDELK.EXE-74B0283C.pf
Deleted ! - C:\Windows\prefetch\WINFILSE.EXE-48314F7F.pf
Deleted ! - C:\Windows\prefetch\WINTEMS.EXE-9889BB0E.pf

»»»» Supression files in C:\Windows\system32

Deleted ! - C:\Windows\system32\mdelk.exe
Deleted ! - C:\Windows\system32\wintems.exe
Deleted ! - C:\Windows\system32\ban_list.txt

»»»» Supression files in C:\Windows\system32\drivers

Deleted ! - C:\Windows\system32\drivers\srosa.sys
Deleted ! - C:\Windows\system32\drivers\srosa2.sys
Deleted ! - C:\Windows\system32\drivers\winfilse.exe
Deleted ! - C:\Windows\system32\drivers\downld\105643.exe
Deleted ! - C:\Windows\system32\drivers\downld\108826.exe
Deleted ! - C:\Windows\system32\drivers\downld\135986.exe
Deleted ! - C:\Windows\system32\drivers\downld\141508.exe
Deleted ! - C:\Windows\system32\drivers\downld\15150707.exe
Deleted ! - C:\Windows\system32\drivers\downld\15186510.exe
Deleted ! - C:\Windows\system32\drivers\downld\15192157.exe
Deleted ! - C:\Windows\system32\drivers\downld\15210206.exe
Deleted ! - C:\Windows\system32\drivers\downld\15379592.exe
Deleted ! - C:\Windows\system32\drivers\downld\15505298.exe
Deleted ! - C:\Windows\system32\drivers\downld\15639537.exe
Deleted ! - C:\Windows\system32\drivers\downld\15654591.exe
Deleted ! - C:\Windows\system32\drivers\downld\175547.exe
Deleted ! - C:\Windows\system32\drivers\downld\177513.exe
Deleted ! - C:\Windows\system32\drivers\downld\209946.exe
Deleted ! - C:\Windows\system32\drivers\downld\213643.exe
Deleted ! - C:\Windows\system32\drivers\downld\214532.exe
Deleted ! - C:\Windows\system32\drivers\downld\244547.exe
Deleted ! - C:\Windows\system32\drivers\downld\251848.exe
Deleted ! - C:\Windows\system32\drivers\downld\30150032.exe
Deleted ! - C:\Windows\system32\drivers\downld\30157411.exe
Deleted ! - C:\Windows\system32\drivers\downld\30159064.exe
Deleted ! - C:\Windows\system32\drivers\downld\30174961.exe
Deleted ! - C:\Windows\system32\drivers\downld\30181076.exe
Deleted ! - C:\Windows\system32\drivers\downld\30319324.exe
Deleted ! - C:\Windows\system32\drivers\downld\30323739.exe
Deleted ! - C:\Windows\system32\drivers\downld\30493577.exe
Deleted ! - C:\Windows\system32\drivers\downld\30582576.exe
Deleted ! - C:\Windows\system32\drivers\downld\30601592.exe
Deleted ! - C:\Windows\system32\drivers\downld\353373.exe
Deleted ! - C:\Windows\system32\drivers\downld\356321.exe
Deleted ! - C:\Windows\system32\drivers\downld\360284.exe
Deleted ! - C:\Windows\system32\drivers\downld\364839.exe
Deleted ! - C:\Windows\system32\drivers\downld\476021.exe
Deleted ! - C:\Windows\system32\drivers\downld\604332.exe
Deleted ! - C:\Windows\system32\drivers\downld\622896.exe
Deleted ! - C:\Windows\system32\drivers\downld\6615206.exe
Deleted ! - C:\Windows\system32\drivers\downld\6617094.exe
Deleted ! - C:\Windows\system32\drivers\downld\6640619.exe
Deleted ! - C:\Windows\system32\drivers\downld\6648809.exe
Deleted ! - C:\Windows\system32\drivers\downld\6653770.exe
Deleted ! - C:\Windows\system32\drivers\downld\72680.exe
Deleted ! - C:\Windows\system32\drivers\downld\73538.exe
Deleted ! - C:\Windows\system32\drivers\downld\78484.exe
Deleted ! - C:\Windows\system32\drivers\downld\84131.exe
Deleted ! - C:\Windows\system32\drivers\downld\86970.exe
Deleted ! - C:\Windows\system32\drivers\downld\87766.exe
Deleted ! - C:\Windows\system32\drivers\downld\89731.exe
Deleted ! - C:\Windows\system32\drivers\downld\90652.exe
Deleted ! - C:\Windows\system32\drivers\downld\92009.exe
Deleted ! - "C:\Windows\system32\drivers\downld"

»»»» Supression files in C:\Users\Jimmy\AppData\Roaming

Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\flec006.exe"
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\list.oct"
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\data.oct"
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\srvlist.oct"
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\001_Joiner_and_Splitter_Pro_2.1.4.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\1-abc.net_Folder-To-TXT_1.01.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ABSYNTH_4.0.1.007.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ActivePrint_UltraLight_4.7.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AD Picture Viewer 3.9.1.311.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AD_Three_Bears_5.07.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Age of Mythology The Titans Aurum Athina map.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Allok_Video_Joiner_3.2.0807.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Amazing Places - Austria 1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Amazon.com Searchbar 2.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Anonymity_Gateway_2.5_(Patch).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AudioTools Pro 4.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Avira.AntiVir.PersonalEdition.Premium.7.+.Key_01_10_2006.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AVI_Toolbox_1.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AVS Video Editor 3.5.1.355.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Barcode_Components_1.0.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Belltech Label Maker Pro 2.1.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Bix_Photo_Book_2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Blat PHP Example 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\BloodRayne 1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Body_Account_1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Body_Account_1.1_(Patch).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Cabbage Soup Diet 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\CD MP3 Terminator 2.07.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Celebrity_Magnet_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Clicktionary_English-Japanese_3.2.2_[Serial].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Coin Collector Professional 7.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ColorMaker 3.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\CommuniCrypt File Encryption Tools 1.01.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\CPU-Control_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Crazy Mouse 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Create Floor Schedules for Your Agents 3.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Delicioius Diabetic Recipes 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Delivery_Waitress_1.0_[Key+Serial].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Desert_Combat_(Battlefield_1942) -_Baghdad_Intl_Airport_map_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Diablo II Screensaver 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Drop_Menu_II_Applet_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\DVD-fx 2.3.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Ease CD Ripper 1.50.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Easy Auction Creator 1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\EasyFP 2.3 [KeyGen].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Easy_Login_1.1.5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\eBookGuard Document Protection 3.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\EBSQ Art of the Day 0.1.2.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\EGPicJpgDBF 1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Elite_Helisquad_1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Employee_Expense_Organizer_Deluxe_2.8_[Serial].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\F-Prot Antivirus 6.0.9.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Fastcrop 1.03.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Fast_Port_Scanner_1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Find My Heart 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Flash Retriever 1.2.0.41.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\FLASH-Album Author 1.5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\FTP_Client_Engine_for_FoxPro_2.6.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Goldfish Aquarium 2.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\GoldFish0009 ScreenMate.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\How_to_Study_Ebook_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ImageExtractor_2003.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\IrisSkin_3.41_(Crack).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Jazz Globals 1.5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Kaspersky.5.0.121.personal.fr.+.manuel.+.clǸ.key.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Kernel_FAT-NTFS_-_Windows_Data_Recovery_4.03_(Crack).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Kitchen_Design_Secrets_1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\LabelWidget_1.1.4.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Leithauser_Research_EBook_Reader_-_15000_Useful_Phrases_1.0_[Serial].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Madcrosoft File Encrypter 2.5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Magic Polyphonic Ringtone 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Mail_Merge_Pro_(OS_X)_2.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Michelangelo Art 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Monkey Beach Demo Screensaver 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Mouz 1.00.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\MyTVPal_Player_5.3.152.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Nasser Exe2Swf 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Network Ping 1.0.0.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\NetworkGazer 1.0.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Nick Video Jigsaw Jam 1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\No One Lives Forever 2 A Spy in H.A.R.M.'s Way map pack 2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\One_Smart_Cookie_1.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\PassKeeper_2.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Peaceful_Rain_Demo_Screensaver_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Peacock Screensaver1 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\PEBundle 3.0.17.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Personal_Finance_1.1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Pic-Matic_1.0_(Key+Serial).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\PL.NOD32.2.51.30.PL.+.key.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Plexis_Serial_Barcode_Wedge_2.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Plugin Commander Light 1.52 Rev4.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Power_Phone_Book_Personal_Edition_1.61_[Crack].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\PQ_DVD_to_iPhone_Video_Converter_Suite_1.0_Build_01_[Cracked].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Primasoft Text 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Proactive_System_Password_Recovery_4.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ProCon Latte 1.7.9.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Professional Renamer 2.45.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Recovozaur_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\RegView_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Richlaur Backgammon 1.0.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ScreenWorks 3.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SDE for JDeveloper (CE) for Windows 3.3 Community Edition.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SecureBlackbox (VCL) 6.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Send2_for_Outlook_1.20.0456.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SNRemove_1.00.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Sophos.Enterprise.Console.v2.0.0.&.EM.Library.v1.3.0-ARN-Shared.by.koolman.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SpaceObServer 2.3.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Speed Reader 2.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Spider_3D_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Sporting Life 4 Screensaver.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SpyStudio_0.8.2b.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\StatsNET 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\STL WebMail Server 1.4.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SweetMail_2.2r6.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\TakeItEasy 1.5.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\TeamTrax_Lite_1.1_(Crack).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Terrasoft_CRM_2.8.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\The Journal 4.0.0.127 (Crack).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\The_Complete_Guide_to_Internet_Marketing_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\The_Leaf_Writer_2006.1_build_29.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Traylook_1.6.5_(Key+Serial).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\TriviaFrog 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Tunebounce_1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\uCertify_PrepKit_-_C220-601_A+_Essentials_8.00.05.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\UpdateIP_JumpGate_0.4.55_Beta.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\VirusScan.-.McAfee.-.VirusScan.2006.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Visendo_FaxServer_Standard_3.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Wallpaper_Wrangler_1.0.1.15.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\WebThumb 2005 release 5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\WickedOrange Notes 0.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\WinContentFilter_2005_2.0.37.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Word_Finder_Pro_1.0.zip
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\shared"
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m"

»»»» Supression files in C:\Users\Jimmy\AppData\Local\Temp


»»»» Supression files in C:\Users\Jimmy\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1UR628QG\b64_3[1].jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WO3IAN4\b64[2].jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WO3IAN4\b64_2[1].jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XT730OEU\b64_1[1].jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XT730OEU\WMPdd237293-cc04-4af7-8be5-78b647551c37[1]..jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1CXCKZH\b64_2[1].jpg
Deleted ! - C:\Users\Jimmy\Desktop\MUSIQUE\Citizen Cope\The Clarence Greenwood Recordings\AlbumArt_{4C2779C1-1E02-4B64-9F35-9B9096DE2FD5}_Large.jpg
Deleted ! - C:\Users\Jimmy\Desktop\MUSIQUE\Citizen Cope\The Clarence Greenwood Recordings\AlbumArt_{4C2779C1-1E02-4B64-9F35-9B9096DE2FD5}_Small.jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-1290542435-382262474-971793042-1000\Software\Local AppWizard-Generated Applications\winfilse

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Wlansvc - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

WinDefend - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe
E: - Lecteur fixe

+- deleting files :

Deleted ! - E:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Users\Jimmy\Desktop\MUSIQUE\David Bowie\1983 - Ziggy Stardust The Motion Picture\09 - Cracked Actor.mp3
C:\Users\Jimmy\Desktop\MUSIQUE\David Bowie\1989 - Tin Machine\04 - Crack City.mp3


---------------- ! End of report ! ------------------
0
jimmy
 
voilà le rapport, je n'ai encore pas testé voir si ça a réglé le problème? guidez moi :)
vous gérez les mecs
voici le rapport :




----------------- FindyKill V4.705 ------------------

* User : Jimmy - PC-DE-JIMMY
* executed from : C:\Program Files\FindyKill
* Update on 17/11/08 par Chiquitine29
* Start at 12:36:21 the 24/11/2008
* Windows Vista - Internet Explorer 7.0.6001.18000


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:

Deleted ! - C:\InfoSat.txt

»»»» Supression files in C:\Windows


»»»» Supression files in C:\Windows\Prefetch

Deleted ! - C:\Windows\prefetch\6640619.EXE-F33026B6.pf
Deleted ! - C:\Windows\prefetch\6648809.EXE-44E3674B.pf
Deleted ! - C:\Windows\prefetch\6653770.EXE-82328ED8.pf
Deleted ! - C:\Windows\prefetch\FLEC006.EXE-D021030F.pf
Deleted ! - C:\Windows\prefetch\MDELK.EXE-74B0283C.pf
Deleted ! - C:\Windows\prefetch\WINFILSE.EXE-48314F7F.pf
Deleted ! - C:\Windows\prefetch\WINTEMS.EXE-9889BB0E.pf

»»»» Supression files in C:\Windows\system32

Deleted ! - C:\Windows\system32\mdelk.exe
Deleted ! - C:\Windows\system32\wintems.exe
Deleted ! - C:\Windows\system32\ban_list.txt

»»»» Supression files in C:\Windows\system32\drivers

Deleted ! - C:\Windows\system32\drivers\srosa.sys
Deleted ! - C:\Windows\system32\drivers\srosa2.sys
Deleted ! - C:\Windows\system32\drivers\winfilse.exe
Deleted ! - C:\Windows\system32\drivers\downld\105643.exe
Deleted ! - C:\Windows\system32\drivers\downld\108826.exe
Deleted ! - C:\Windows\system32\drivers\downld\135986.exe
Deleted ! - C:\Windows\system32\drivers\downld\141508.exe
Deleted ! - C:\Windows\system32\drivers\downld\15150707.exe
Deleted ! - C:\Windows\system32\drivers\downld\15186510.exe
Deleted ! - C:\Windows\system32\drivers\downld\15192157.exe
Deleted ! - C:\Windows\system32\drivers\downld\15210206.exe
Deleted ! - C:\Windows\system32\drivers\downld\15379592.exe
Deleted ! - C:\Windows\system32\drivers\downld\15505298.exe
Deleted ! - C:\Windows\system32\drivers\downld\15639537.exe
Deleted ! - C:\Windows\system32\drivers\downld\15654591.exe
Deleted ! - C:\Windows\system32\drivers\downld\175547.exe
Deleted ! - C:\Windows\system32\drivers\downld\177513.exe
Deleted ! - C:\Windows\system32\drivers\downld\209946.exe
Deleted ! - C:\Windows\system32\drivers\downld\213643.exe
Deleted ! - C:\Windows\system32\drivers\downld\214532.exe
Deleted ! - C:\Windows\system32\drivers\downld\244547.exe
Deleted ! - C:\Windows\system32\drivers\downld\251848.exe
Deleted ! - C:\Windows\system32\drivers\downld\30150032.exe
Deleted ! - C:\Windows\system32\drivers\downld\30157411.exe
Deleted ! - C:\Windows\system32\drivers\downld\30159064.exe
Deleted ! - C:\Windows\system32\drivers\downld\30174961.exe
Deleted ! - C:\Windows\system32\drivers\downld\30181076.exe
Deleted ! - C:\Windows\system32\drivers\downld\30319324.exe
Deleted ! - C:\Windows\system32\drivers\downld\30323739.exe
Deleted ! - C:\Windows\system32\drivers\downld\30493577.exe
Deleted ! - C:\Windows\system32\drivers\downld\30582576.exe
Deleted ! - C:\Windows\system32\drivers\downld\30601592.exe
Deleted ! - C:\Windows\system32\drivers\downld\353373.exe
Deleted ! - C:\Windows\system32\drivers\downld\356321.exe
Deleted ! - C:\Windows\system32\drivers\downld\360284.exe
Deleted ! - C:\Windows\system32\drivers\downld\364839.exe
Deleted ! - C:\Windows\system32\drivers\downld\476021.exe
Deleted ! - C:\Windows\system32\drivers\downld\604332.exe
Deleted ! - C:\Windows\system32\drivers\downld\622896.exe
Deleted ! - C:\Windows\system32\drivers\downld\6615206.exe
Deleted ! - C:\Windows\system32\drivers\downld\6617094.exe
Deleted ! - C:\Windows\system32\drivers\downld\6640619.exe
Deleted ! - C:\Windows\system32\drivers\downld\6648809.exe
Deleted ! - C:\Windows\system32\drivers\downld\6653770.exe
Deleted ! - C:\Windows\system32\drivers\downld\72680.exe
Deleted ! - C:\Windows\system32\drivers\downld\73538.exe
Deleted ! - C:\Windows\system32\drivers\downld\78484.exe
Deleted ! - C:\Windows\system32\drivers\downld\84131.exe
Deleted ! - C:\Windows\system32\drivers\downld\86970.exe
Deleted ! - C:\Windows\system32\drivers\downld\87766.exe
Deleted ! - C:\Windows\system32\drivers\downld\89731.exe
Deleted ! - C:\Windows\system32\drivers\downld\90652.exe
Deleted ! - C:\Windows\system32\drivers\downld\92009.exe
Deleted ! - "C:\Windows\system32\drivers\downld"

»»»» Supression files in C:\Users\Jimmy\AppData\Roaming

Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\flec006.exe"
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\list.oct"
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\data.oct"
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\srvlist.oct"
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\001_Joiner_and_Splitter_Pro_2.1.4.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\1-abc.net_Folder-To-TXT_1.01.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ABSYNTH_4.0.1.007.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ActivePrint_UltraLight_4.7.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AD Picture Viewer 3.9.1.311.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AD_Three_Bears_5.07.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Age of Mythology The Titans Aurum Athina map.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Allok_Video_Joiner_3.2.0807.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Amazing Places - Austria 1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Amazon.com Searchbar 2.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Anonymity_Gateway_2.5_(Patch).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AudioTools Pro 4.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Avira.AntiVir.PersonalEdition.Premium.7.+.Key_01_10_2006.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AVI_Toolbox_1.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\AVS Video Editor 3.5.1.355.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Barcode_Components_1.0.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Belltech Label Maker Pro 2.1.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Bix_Photo_Book_2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Blat PHP Example 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\BloodRayne 1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Body_Account_1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Body_Account_1.1_(Patch).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Cabbage Soup Diet 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\CD MP3 Terminator 2.07.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Celebrity_Magnet_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Clicktionary_English-Japanese_3.2.2_[Serial].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Coin Collector Professional 7.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ColorMaker 3.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\CommuniCrypt File Encryption Tools 1.01.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\CPU-Control_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Crazy Mouse 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Create Floor Schedules for Your Agents 3.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Delicioius Diabetic Recipes 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Delivery_Waitress_1.0_[Key+Serial].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Desert_Combat_(Battlefield_1942) -_Baghdad_Intl_Airport_map_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Diablo II Screensaver 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Drop_Menu_II_Applet_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\DVD-fx 2.3.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Ease CD Ripper 1.50.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Easy Auction Creator 1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\EasyFP 2.3 [KeyGen].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Easy_Login_1.1.5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\eBookGuard Document Protection 3.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\EBSQ Art of the Day 0.1.2.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\EGPicJpgDBF 1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Elite_Helisquad_1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Employee_Expense_Organizer_Deluxe_2.8_[Serial].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\F-Prot Antivirus 6.0.9.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Fastcrop 1.03.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Fast_Port_Scanner_1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Find My Heart 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Flash Retriever 1.2.0.41.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\FLASH-Album Author 1.5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\FTP_Client_Engine_for_FoxPro_2.6.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Goldfish Aquarium 2.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\GoldFish0009 ScreenMate.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\How_to_Study_Ebook_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ImageExtractor_2003.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\IrisSkin_3.41_(Crack).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Jazz Globals 1.5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Kaspersky.5.0.121.personal.fr.+.manuel.+.clǸ.key.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Kernel_FAT-NTFS_-_Windows_Data_Recovery_4.03_(Crack).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Kitchen_Design_Secrets_1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\LabelWidget_1.1.4.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Leithauser_Research_EBook_Reader_-_15000_Useful_Phrases_1.0_[Serial].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Madcrosoft File Encrypter 2.5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Magic Polyphonic Ringtone 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Mail_Merge_Pro_(OS_X)_2.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Michelangelo Art 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Monkey Beach Demo Screensaver 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Mouz 1.00.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\MyTVPal_Player_5.3.152.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Nasser Exe2Swf 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Network Ping 1.0.0.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\NetworkGazer 1.0.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Nick Video Jigsaw Jam 1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\No One Lives Forever 2 A Spy in H.A.R.M.'s Way map pack 2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\One_Smart_Cookie_1.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\PassKeeper_2.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Peaceful_Rain_Demo_Screensaver_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Peacock Screensaver1 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\PEBundle 3.0.17.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Personal_Finance_1.1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Pic-Matic_1.0_(Key+Serial).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\PL.NOD32.2.51.30.PL.+.key.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Plexis_Serial_Barcode_Wedge_2.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Plugin Commander Light 1.52 Rev4.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Power_Phone_Book_Personal_Edition_1.61_[Crack].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\PQ_DVD_to_iPhone_Video_Converter_Suite_1.0_Build_01_[Cracked].zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Primasoft Text 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Proactive_System_Password_Recovery_4.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ProCon Latte 1.7.9.2.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Professional Renamer 2.45.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Recovozaur_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\RegView_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Richlaur Backgammon 1.0.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\ScreenWorks 3.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SDE for JDeveloper (CE) for Windows 3.3 Community Edition.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SecureBlackbox (VCL) 6.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Send2_for_Outlook_1.20.0456.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SNRemove_1.00.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Sophos.Enterprise.Console.v2.0.0.&.EM.Library.v1.3.0-ARN-Shared.by.koolman.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SpaceObServer 2.3.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Speed Reader 2.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Spider_3D_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Sporting Life 4 Screensaver.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SpyStudio_0.8.2b.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\StatsNET 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\STL WebMail Server 1.4.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\SweetMail_2.2r6.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\TakeItEasy 1.5.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\TeamTrax_Lite_1.1_(Crack).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Terrasoft_CRM_2.8.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\The Journal 4.0.0.127 (Crack).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\The_Complete_Guide_to_Internet_Marketing_1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\The_Leaf_Writer_2006.1_build_29.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Traylook_1.6.5_(Key+Serial).zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\TriviaFrog 1.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Tunebounce_1.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\uCertify_PrepKit_-_C220-601_A+_Essentials_8.00.05.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\UpdateIP_JumpGate_0.4.55_Beta.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\VirusScan.-.McAfee.-.VirusScan.2006.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Visendo_FaxServer_Standard_3.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Wallpaper_Wrangler_1.0.1.15.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\WebThumb 2005 release 5.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\WickedOrange Notes 0.1.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\WinContentFilter_2005_2.0.37.0.zip
Deleted ! - C:\Users\Jimmy\AppData\Roaming\m\shared\Word_Finder_Pro_1.0.zip
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m\shared"
Deleted ! - "C:\Users\Jimmy\AppData\Roaming\m"

»»»» Supression files in C:\Users\Jimmy\AppData\Local\Temp


»»»» Supression files in C:\Users\Jimmy\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1UR628QG\b64_3[1].jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WO3IAN4\b64[2].jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WO3IAN4\b64_2[1].jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XT730OEU\b64_1[1].jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XT730OEU\WMPdd237293-cc04-4af7-8be5-78b647551c37[1]..jpg
Deleted ! - C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1CXCKZH\b64_2[1].jpg
Deleted ! - C:\Users\Jimmy\Desktop\MUSIQUE\Citizen Cope\The Clarence Greenwood Recordings\AlbumArt_{4C2779C1-1E02-4B64-9F35-9B9096DE2FD5}_Large.jpg
Deleted ! - C:\Users\Jimmy\Desktop\MUSIQUE\Citizen Cope\The Clarence Greenwood Recordings\AlbumArt_{4C2779C1-1E02-4B64-9F35-9B9096DE2FD5}_Small.jpg

--------------- [ Registry / Infected keys ] ----------------

Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Deleted ! - HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Deleted ! - HKEY_USERS\S-1-5-21-1290542435-382262474-971793042-1000\Software\Local AppWizard-Generated Applications\winfilse

--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Wlansvc - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2

WinDefend - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixe
E: - Lecteur fixe

+- deleting files :

Deleted ! - E:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------


-> Not found !


--------------- [ Searching Cracks / Keygen ] ----------------

C:\Users\Jimmy\Desktop\MUSIQUE\David Bowie\1983 - Ziggy Stardust The Motion Picture\09 - Cracked Actor.mp3
C:\Users\Jimmy\Desktop\MUSIQUE\David Bowie\1989 - Tin Machine\04 - Crack City.mp3


---------------- ! End of report ! ------------------
0
Réponse 3 / 9
totobetourne Messages postés 5677 Statut Membre 65
 
bonjour

surement infection bagle.fait les differents points dans l ordre.


1)pour vista si infection.

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection: IMPORTANT A NE SURTOUT PAS OUBLIER):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html




2) Télécharges FindyKill de Chiquitine29

Fais un clique droit sur le lien et choisis "enregistrer la cible sous ...." , destination le bureau .

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe


Note importante : si tu as le prg Elibagla sur ton PC , supprimes le ( risque de conflit entre les deux outils ) .

--> Entre dans le dossier " FindyKill "

Double clic sur " FindyKill.bat " (et pas sur autre chose!) pour lancer l'outil .

->choisis l'option 1 . Puis laisses travailler ...

Une fois terminé, postes le rapport FindyKill.txt qui est généré ...

( Note : le rapport est sauvegardé à la racine du disque -> C:\FindyKill.txt )
0
Réponse 4 / 9
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
---> Réinstalle tes applications infectées (Message d'erreur win32).

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0
jimmy
 
mon logo créative est réapparu dans la barre des taches et j'ai accés à mon dde, vous etes des chefs! :
voici les .txt, log puis info

Logfile of random's system information tool 1.04 (written by random/random)
Run by Jimmy at 2008-11-24 12:57:14
Microsoft® Windows Vista™ Professionnel Service Pack 1
System drive C: has 310 GB (65%) free of 477 GB
Total RAM: 2046 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:57:27, on 24/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\System32\CTHELPER.EXE
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Y80NKQN\RSIT[1].exe
C:\Program Files\trend micro\Jimmy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
--> Télécharge UsbFix (de Chiquitine29) sur ton Bureau :
http://sd-1.archive-host.com/membres/up/116615172019703188/UsbFix.exe

--> Lance l'installation avec les paramètres par défaut.

--> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.

--> Clique droit sur le raccourci UsbFix situé sur ton Bureau et choisis Exécuter en tant qu'administrateur.

--> Choisis l'option 1 (Nettoyage).

--> Le PC va redémarrer.

--> Après redémarrage, poste le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)
0
jimmy
 
je vais faire ça cher destrio5 mais je pense que nous pouvons considérer le problème résolu! j'ai réinstallé AntiVir et il me scanne tout tranquilement... je suis super content vous êtes des chefs! la bise
(je poste mon rapport usbFix très bientot)
0
Réponse 6 / 9
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
Pour moi, retirer juste Bagle ne suffit pas.
0
jimmy
 
j'ai fait le scan usbfix, voici le rapport. dis moi si il y'a encore un risque :) encore merci




-------------- UsbFix V2.413 ---------------

* User : Jimmy - PC-DE-JIMMY
* Outils mis a jours le 23/11/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 15:06:22 le 24/11/2008
* Windows Vista - Internet Explorer 7.0.6001.18000


--------------- [ Processus actifs ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Jimmy\AppData\Local\Temp\E436.tmp\b2e.exe
C:\Windows\system32\conime.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe
E: - Lecteur fixe

--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe

+- Listing des fichiers présents :

[18/09/2006 22:43][--a------] C:\autoexec.bat
[24/11/2008 12:38][--a------] C:\FindyKill.txt
[24/11/2008 12:38][--a------] C:\UsbFix.txt
[18/09/2006 22:43][--a------] C:\config.sys
[18/09/2006 22:43][--a------] C:\hiberfil.sys
[18/09/2006 22:43][--a------] C:\pagefile.sys

--------------- [ Lecteur E ] ----------------

E: - Lecteur fixe

+- Listing des fichiers présents :


--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

filehippo.com="C:\Program Files\filehippo.com\UpdateChecker.exe" /background
DAEMON Tools Lite="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
Orb="C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
eMuleAutoStart=C:\Program Files\eMule\emule.exe -AutoStart
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
RCSystem="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
AudioDrvEmulator="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
VolPanel="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
CTHelper=CTHELPER.EXE
UpdReg=C:\Windows\UpdReg.EXE
StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
CTxfiHlp=CTXFIHLP.EXE
SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
Logitech Hardware Abstraction Layer=KHALMNPR.EXE
Acrobat Assistant 8.0="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
<NO NAME>=
Adobe_ID0EYTHM=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
WinampAgent="C:\Program Files\Winamp\winampa.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{698d7ea2-b99c-11dd-b249-001fd0264aca}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b9681b6a-ba23-11dd-8f59-001fd0264aca}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccbcbf81-a637-11dd-8034-806e6f6e6963}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e11c7a95-ab61-11dd-a5fb-001fd0264aca}\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------


--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[18/09/2006 22:43][--a------] C:\autoexec.bat

--------------- ! Fin du rapport ! ----------------
0
Réponse 7 / 9
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
Reposte le rapport info de RSIT car il a bogué ;)
0
jimmy
 
info.txt logfile of random's system information tool 1.04 2008-11-24 12:57:28

======Uninstall list======

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W /L:FRN
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAAE8EC2-2340-4D6E-A74D-07814046A11B}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAAE8EC2-2340-4D6E-A74D-07814046A11B}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DCCC08BD-FC52-4AEB-ACF8-6A5C06550468}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DCCC08BD-FC52-4AEB-ACF8-6A5C06550468}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x40c /remove
Add or Remove Adobe Creative Suite 3 Web Premium-->C:\Program Files\Common Files\Adobe\Installers\247961ef275e20c5cb073c36394ac32\Setup.exe
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Contribute CS3-->MsiExec.exe /I{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}
Adobe Creative Suite 3 Web Premium-->MsiExec.exe /I{C347D234-93D8-4595-BDAA-C04638B23B48}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Setup-->MsiExec.exe /I{6A5D1A94-624A-4D20-B178-3A283B500370}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
ArmA Queen's Gambit Uninstall-->C:\Program files\Bohemia Interactive\ArmA\UnInstallQG.exe
ArmA Uninstall-->C:\Program files\Bohemia Interactive\ArmA\UnInstall.exe
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
BattlEye Uninstall-->C:\Program files\Bohemia Interactive\ArmA\BattlEye\UnInstallBE.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{FA3A247D-437A-455E-A88F-7EB6E5F9E799}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Creative Audio Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x40c /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Energy Saver Advance B8.0610.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7ED169D4-5053-4166-93DF-53B12AE6C539}\setup.exe" -l0x9 -removeonly
Fallout 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x40c -removeonly
FEAR Perseus Mandate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B15759F-B7A0-400C-9A5E-634C9D0871CE}\setup.exe" -l0x40c -removeonly
filehippo.com Update Checker-->"C:\Program Files\filehippo.com\uninstall.exe"
Filzip 3.06-->"C:\Program Files\Filzip\unins000.exe"
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HydraVision-->MsiExec.exe /X{A434533D-989F-0440-1D1F-A784F64E15F3}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Jupiter-8V Demo 1.1-->"C:\Program Files\Arturia\Jupiter-8V\unins000.exe"
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
Ma-Config.com-->MsiExec.exe /X{49C3F7D7-215F-47D7-A93B-E9FC772A5E96}
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.18)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Propriétés de Creative Sound Blaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x40c /remove
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE -runfromtemp -l0x040c -removeonly
Reason 4.0-->"C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe"
Sound Blaster X-Fi-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\SETUP.EXE" -l0x40c /remove
TransMac version 8.1-->"C:\Program Files\TransMac\unins000.exe"
VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}

======Security center information======

AS: Avira AntiVir PersonalEdition (outdated)
AS: Windows Defender

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE

-----------------EOF-----------------


Logfile of random's system information tool 1.04 (written by random/random)
Run by Jimmy at 2008-11-24 12:57:14
Microsoft® Windows Vista™ Professionnel Service Pack 1
System drive C: has 310 GB (65%) free of 477 GB
Total RAM: 2046 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:57:27, on 24/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\System32\CTHELPER.EXE
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Y80NKQN\RSIT[1].exe
C:\Program Files\trend micro\Jimmy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
0
Réponse 8 / 9
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
1/

- eMule

---> Par rapport au P2P :
http://www.libellules.ch/...


2/

---> Désinstalle les programmes suivants :
- DAEMON Tools Toolbar
- FindyKill
- Java 6 Update 7
- UsbFix

---> Mets à jour Java :
https://www.java.com/fr/download/manual.jsp


3/

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
0
jimmy
 
merci pour les infos sur P2P mais je télécharge que très rarement^^
voici le rapport de Malwarebytes, il me semble cool:

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1419
Windows 6.0.6001 Service Pack 1

24/11/2008 15:34:23
mbam-log-2008-11-24 (15-34-23).txt

Type de recherche: Examen rapide
Eléments examinés: 42157
Temps écoulé: 2 minute(s), 39 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 9 / 9
Destrio5 Messages postés 99820 Statut Modérateur 10 304
 
---> Supprime le dossier RSIT situé dans C:\

---> Refais un scan RSIT et poste les deux rapports.
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Mac comment taper l'inverse d'un slash (/) ?
caldu -
@Adriendu10_MC sur Twitter -

12 réponses
Comment taper le anti slash?
Flagadatof -
SANG -

26 réponses
comment obtenir un slash inversé ?
Quynh-Anh -
Quynh-Anh -

5 réponses