
Virus or not Virus? HijackThis report attached



Hello, I have a lot of problems, I think following a virus! (I can't do a system restore, my sound doesn't work, my taskbar has disappeared, etc. etc.) Could you help me please? Attached is a short HijackThis report.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:20, on 01/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\a-squared Free\a2service.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Nader\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F3 - REG:win.ini: run=
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {228E6BE4-B3E8-411B-B142-BBEBF27E6369} - D:\WINDOWS\system32\cbXRIXom.dll (file missing)
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - D:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - D:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c9f266f342bfd6) (gupdate1c9f266f342bfd6) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

--
End of file - 6836 bytes

Hello,

AVG Anti-Spyware is no longer updated, so it is obsolete.


1/

  • Relaunch HijackThis.
  • Choose Do a system scan only.
  • Check the boxes in front of the following lines:

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe

    F3 - REG:win.ini: run=

    O2 - BHO: (no name) - {228E6BE4-B3E8-411B-B142-BBEBF27E6369} - D:\WINDOWS\system32\cbXRIXom.dll (file missing)

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.


    2/

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
    (On Vista, right-click RSIT.exe and choose Run as administrator)
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit folder.
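
Added example, not part of the thread: a small Python triage pass over HijackThis-format lines that surfaces the same five entries selected in step 1/. The three rules (orphaned `(no file)` / `(file missing)` entries, extra programs in `UserInit`, other F-section autostarts) are an assumed reading of that selection, and the sample is a subset of lines from the first log above.

```python
import re
from typing import List, NamedTuple

# Constructed sample: a subset of lines copied from the first HijackThis log on this page.
SAMPLE_LOG = r"""
Running processes:
D:\WINDOWS\System32\smss.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F3 - REG:win.ini: run=
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {228E6BE4-B3E8-411B-B142-BBEBF27E6369} - D:\WINDOWS\system32\cbXRIXom.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
"""

# "R3 - ...", "O23 - ...": section code, separator, entry body.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# HijackThis appends these markers when the referenced file is absent.
ORPHAN_RE = re.compile(r"\((no file|file missing)\)\s*$")
USERINIT_RE = re.compile(r"^REG:system\.ini: UserInit=(.*)$", re.IGNORECASE)


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "F2"
    reason: str  # which assumed rule matched
    detail: str  # the offending value or the entry body


def userinit_extras(body: str) -> List[str]:
    """Return UserInit programs other than <system32>\\userinit.exe."""
    m = USERINIT_RE.match(body)
    if not m:
        return []
    parts = [p.strip() for p in m.group(1).split(",") if p.strip()]
    return [p for p in parts
            if not p.lower().endswith("\\system32\\userinit.exe")]


def triage(log_text: str) -> List[Finding]:
    """Flag entries worth a reviewer's attention, in log order."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # header, process list or blank line
        code, body = m.groups()
        if USERINIT_RE.match(body):
            extras = userinit_extras(body)
            if extras:  # something besides userinit.exe runs at logon
                findings.append(Finding(code, "userinit-extra", ", ".join(extras)))
        elif ORPHAN_RE.search(body):
            findings.append(Finding(code, "orphaned", body))
        elif code.startswith("F"):
            # Assumption: every other ini-file autostart line is surfaced for review.
            findings.append(Finding(code, "ini-autostart", body))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:<4}{f.reason:<16}{f.detail}")
```
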

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Nader at 2009-12-03 14:29:46
    WIN_XP Service Pack 2
    System drive D: has 19 GB (29%) free of 64 GB
    Total RAM: 958 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:29:50, on 03/12/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\Mixer.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    D:\Program Files\a-squared Free\a2service.exe
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\WINDOWS\system32\NOTEPAD.EXE
    D:\Documents and Settings\Nader\Bureau\RSIT.exe
    D:\Documents and Settings\Nader\Bureau\Nader.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - D:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [svchost.exe] D:\WINDOWS\system32\svchost.exe
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-21-842925246-1383384898-725345543-1003\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUpload...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - D:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service Google Update (gupdate1c9f266f342bfd6) (gupdate1c9f266f342bfd6) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

    --
    End of file - 6771 bytes

    ======Scheduled tasks folder======

    D:\WINDOWS\tasks\AppleSoftwareUpdate.job
    D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5ab669665ac6.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38D3FE60-3D53-4F37-BB0E-C7A97A26A156}]
    CInterceptor Object - D:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll [2008-05-09 577536]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - D:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - D:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-02-07 352256]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - D:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-03-29 79224]
    "C-Media Mixer"=Mixer.exe /startup []
    "svchost.exe"=D:\WINDOWS\system32\svchost [2009-12-02 24427]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=D:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    D:\WINDOWS\system32\Ati2evxx.dll [2006-03-22 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages"=msv1_0
    D:\WINDOWS\system32\cbXRIXom

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=1
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMHelp"=01000000
    "NoLogoff"=0
    "NoBandCustomize"=0
    "NoMovingBands"=0
    "NoCloseDragDropBands"=0
    "NoActiveDesktop"=0
    "NoToolbarCustomize"=0
    "LockTaskbar"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoResolveSearch"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\World of Warcraft\WoW-1.12.0-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe"="D:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-2.0.3-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.3-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.7.6383-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.7.6383-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
    "D:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\PPStream\PPStream.exe"="D:\Program Files\PPStream\PPStream.exe:*:Enabled:PPStream"
    "D:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.12.6546-frFR-downloader.exe"="D:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.12.6546-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "D:\WINDOWS\system32\dpvsetup.exe"="D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "D:\WINDOWS\system32\rundll32.exe"="D:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "D:\Program Files\FlashGet\flashget.exe"="D:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
    "D:\Program Files\Freeplayer\vlc\vlc.exe"="D:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
    "D:\Program Files\UUSee\UUSeePlayer.exe"="D:\Program Files\uusee\UUSeePlayer.exe:*:Enabled:UUPlayer"
    "D:\Program Files\PPMate\ppmate.exe"="D:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate"
    "D:\Program Files\PPMate\ppmnet.exe"="D:\Program Files\PPMate\ppmnet.exe:*:Enabled:PPMate"
    "D:\Program Files\TVAnts\Tvants.exe"="D:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
    "D:\Program Files\UUSee\UURecorder.exe"="D:\Program Files\UUSee\UURecorder.exe:*:Enabled:UUSEE"
    "D:\Program Files\SopCast\SopCast.exe"="D:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
    "D:\Documents and Settings\Nader\Application Data\SopCast\adv\SopAdver.exe"="D:\Documents and Settings\Nader\Application Data\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe"="D:\Program Files\Ratajik Software\StationRipper\StationRipperConsole.exe:*:Enabled:StationRipperConsole"
    "D:\Program Files\TVUPlayer\TVUPlayer.exe"="D:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component"
    "D:\Program Files\World of Warcraft\BackgroundDownloader.exe"="D:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
    "D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:uTorrent"
    "D:\PROGRA~1\PPMate\PPMate\ppmate.exe"="D:\PROGRA~1\PPMate\PPMate\ppmate.exe:*:Enabled:Share Streaming"
    "D:\Program Files\Steam\steamapps\boubouabou\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\boubouabou\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
    "D:\Program Files\Steam\steamapps\boubouabou\condition zero\hl.exe"="D:\Program Files\Steam\steamapps\boubouabou\condition zero\hl.exe:*:Enabled:Half-Life Launcher"
    "D:\Program Files\Windows Media Player\wmplayer.exe"="D:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Lecteur Windows Media"
    "D:\Program Files\SopCast\adv\SopAdver.exe"="D:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "D:\Program Files\eMule\emule.exe"="D:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "D:\Documents and Settings\Nader\Bureau\emule.exe"="D:\Documents and Settings\Nader\Bureau\emule.exe:*:Enabled:eMule"
    "D:\Program Files\Internet Explorer\iexplore.exe"="D:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
    "D:\Program Files\Advanced System Optimizer\adblock.exe"="D:\Program Files\Advanced System Optimizer\adblock.exe:*:Enabled:Ad and Popup Blocker.lnk"
    "D:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="D:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
    "D:\Documents and Settings\Nader\Bureau\PES2008.exe"="D:\Documents and Settings\Nader\Bureau\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
    "D:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="D:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client"
    "D:\Documents and Settings\Nader\Local Settings\Temp\Rar$EX00.782\PES2008.exe"="D:\Documents and Settings\Nader\Local Settings\Temp\Rar$EX00.782\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
    "D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe"="D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe:*:Enabled:Streams Drivers"
    "D:\Program Files\Counter-Strike Source\hl2.exe"="D:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
    "D:\Program Files\Pando Networks\Pando\pando.exe"="D:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application"
    "D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
    "D:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="D:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
    "D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\Documents and Settings\Nader\Local Settings\Temp\pes2010.exe"="D:\Documents and Settings\Nader\Local Settings\Temp\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Windows Live\Messenger\wlcsdk.exe"="D:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="D:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b5c380a-a0fd-11dc-8de3-001109ba809c}]
    shell\AutoRun\command - K:\start.exe
    shell\iledefrance\command - K:\start.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74a4a11d-fc43-11dd-9090-0011675eeb03}]
    shell\AutoRun\command - K:\start.exe
    shell\iledefrance\command - K:\start.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf91a856-8588-11dc-8d8e-001109ba809c}]
    shell\AutoRun\command - J:\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed740006-191d-11dd-8efb-001109ba809c}]
    shell\AutoRun\command - K:\qh.com
    shell\explore\command - K:\qh.com
    shell\open\command - K:\qh.com


    ======File associations======

    .reg - open -

    ======List of files/folders created in the last 1 months======

    2009-12-03 14:29:45 ----D---- D:\rsit
    2009-12-03 05:16:40 ----A---- D:\WINDOWS\OEWABLog.txt
    2009-12-01 17:26:35 ----D---- D:\Documents and Settings\Nader\Application Data\QuickScan
    2009-12-01 17:10:57 ----A---- D:\WINDOWS\setuplog.txt
    2009-12-01 12:24:05 ----RA---- D:\WINDOWS\system32\cmnprop.dll
    2009-12-01 12:24:05 ----RA---- D:\WINDOWS\mixer.exe
    2009-12-01 12:08:19 ----RA---- D:\WINDOWS\SET26.tmp
    2009-12-01 11:58:53 ----RA---- D:\WINDOWS\system32\Audio3D.dll
    2009-12-01 11:58:53 ----RA---- D:\WINDOWS\cmuninst.exe
    2009-11-17 21:57:26 ----A---- D:\WINDOWS\system32\MSVBVM60.dll
    2009-11-17 21:56:06 ----A---- D:\WINDOWS\system32\bibliotheques-msvbvm60-dll_bibliotheques_msvbvm60.dll_francais_13454.DLL
    2009-11-17 21:30:12 ----D---- D:\Program Files\KONAMI

    ======List of files/folders modified in the last 1 months======

    2009-12-03 14:25:27 ----D---- D:\Program Files\Mozilla Firefox
    2009-12-03 06:07:25 ----D---- D:\WINDOWS
    2009-12-03 06:05:57 ----D---- D:\WINDOWS\Temp
    2009-12-03 05:59:18 ----HD---- D:\WINDOWS\inf
    2009-12-03 05:36:38 ----SHD---- D:\RECYCLER
    2009-12-03 05:23:17 ----D---- D:\WINDOWS\system32\CatRoot2
    2009-12-03 05:15:34 ----AD---- D:\Documents and Settings
    2009-12-01 17:59:18 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-12-01 17:57:51 ----D---- D:\Program Files\a-squared Free
    2009-12-01 12:46:47 ----D---- D:\WINDOWS\system32\drivers
    2009-12-01 12:46:46 ----D---- D:\WINDOWS\system32
    2009-12-01 12:24:05 ----D---- D:\WINDOWS\system
    2009-12-01 12:11:28 ----AC---- D:\WINDOWS\mixerdef.ini
    2009-12-01 12:08:13 ----D---- D:\WINDOWS\system32\ReinstallBackups
    2009-12-01 11:18:34 ----D---- D:\Program Files\Lavalys
    2009-12-01 11:01:39 ----AC---- D:\WINDOWS\win.ini
    2009-12-01 11:01:39 ----AC---- D:\WINDOWS\system.ini
    2009-12-01 11:01:23 ----D---- D:\WINDOWS\pss
    2009-11-26 17:43:02 ----D---- D:\Program Files\Everest Poker
    2009-11-26 12:37:06 ----D---- D:\Documents and Settings\Nader\Application Data\uTorrent
    2009-11-17 21:41:16 ----SHD---- D:\WINDOWS\Installer
    2009-11-17 21:30:12 ----D---- D:\Documents and Settings\All Users\Application Data\KONAMI
    2009-11-17 21:30:12 ----AD---- D:\Program Files
    2009-11-06 00:45:50 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
    2009-11-06 00:42:14 ----RSHDC---- D:\WINDOWS\system32\dllcache

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2008-03-29 26944]
    R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 75856]
    R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2008-03-29 42912]
    R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
    R1 AvgAsCln;AVG Anti-Spyware Clean Driver; D:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
    R1 avgio;avgio; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-27 75072]
    R1 cpuidlep;CpuIdle Pro System Driver; D:\WINDOWS\system32\drivers\cpuidlep.sys [2007-04-19 4484]
    R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 20560]
    R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2008-03-29 94544]
    R2 fssfltr;FssFltr; D:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-22 1522688]
    R3 avgntflt;avgntflt; \??\D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 BlueletAudio;Bluetooth Audio Service; D:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
    R3 BlueletSCOAudio;Bluetooth SCO Audio Service; D:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
    R3 BT;Bluetooth PAN Network Adapter; D:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-09-29 9696]
    R3 BTHidEnum;Bluetooth HID Enumerator; D:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-29 11988]
    R3 cmpci;C-Media PCI Audio Driver (WDM); D:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
    R3 HidUsb;Pilote de classe HID Microsoft; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 mouhid;Pilote HID de souris; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-24 5888]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;Concentrateur USB2; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 usbstor;Pilote de stockage de masse USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    R3 VComm;Virtual Serial port driver; D:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
    R3 VcommMgr;Bluetooth VComm Manager Service; D:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
    S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS []
    S3 Arp1394;Protocole client ARP 1394; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-03 60800]
    S3 asl2b2kl;asl2b2kl; D:\WINDOWS\system32\drivers\asl2b2kl.sys []
    S3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2008-03-29 23152]
    S3 Btcsrusb;Bluetooth USB For Bluetooth Service; D:\WINDOWS\System32\Drivers\btcusb.sys [2005-07-29 23000]
    S3 CCDECODE;Décodeur sous-titre fermé; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 cmuda3;C-Media PCI Audio Interface; D:\WINDOWS\system32\drivers\cmuda3.sys [2004-06-18 798592]
    S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
    S3 driverhardwarev2;driverhardwarev2; \??\D:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 hidgame;Activateur de port HID à manette de jeu Microsoft; D:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
    S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; D:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 NIC1394;Pilote réseau 1394; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-03 61824]
    S3 ovt519;Eye Toy; D:\WINDOWS\System32\Drivers\ov519vid.sys [2003-10-15 174530]
    S3 SLIP;Détrameur décalage BDA; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 USBAAPL;Apple Mobile USB Driver; D:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
    S3 usbaudio;Pilote USB audio (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbccgp;Pilote parent générique USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbprint;Classe d'imprimantes USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S3 WSTCODEC;Codec Teletext standard; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; D:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-08-28 55808]
    S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2free;a-squared Free Service; D:\Program Files\a-squared Free\a2service.exe [2009-12-01 1858144]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-25 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-25 151297]
    R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
    R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-03-29 17272]
    R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2006-03-22 405504]
    R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
    R2 BlueSoleil Hid Service;BlueSoleil Hid Service; D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
    R2 Bonjour Service;Service Bonjour; D:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 StarWindServiceAE;StarWind AE Service; D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
    S2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-03-29 144760]
    S2 gupdate1c9f266f342bfd6;Service Google Update (gupdate1c9f266f342bfd6); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-21 133104]
    S2 SeaPort;SeaPort; D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-03-29 247160]
    S3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-03-29 345464]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 fsssvc;Windows Live Contrôle parental; D:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S4 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2006-03-17 520192]

    -----------------EOF-----------------

    WHAT FOLLOWS IS THE INFO TEXT

    info.txt logfile of random's system information tool 1.06 2009-12-03 14:29:53

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
    AbiWord 2.7.4-->D:\Program Files\AbiWord\UninstallAbiWord2.exe
    Actionaz 2.0.7.2-->"D:\Program Files\Jmgr.info\Actionaz 2\unins000.exe"
    Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Shockwave Player-->D:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE D:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Advanced WindowsCare Personal 2.6.0-->"D:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
    AnalogX Virtual Piano-->D:\Program Files\AnalogX\VPiano\vpianou.exe
    Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
    Arovax AntiSpyware 2.1.153-->D:\Program Files\Arovax AntiSpyware\uninst.exe
    a-squared Free 3.5-->"D:\Program Files\a-squared Free\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATI Display Driver-->rundll32 D:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    avast! Antivirus-->D:\Program Files\Alwil Software\Avast4\aswRunDll.exe "D:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVG Anti-Spyware 7.5-->D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    Avira AntiVir Personal - Free Antivirus-->D:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    BlueSoleil-->MsiExec.exe /X{57D5CF00-60C0-43AB-80CD-84D0EB1BBE39}
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    CCleaner (remove only)-->"D:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    C-Media WDM Audio Driver-->D:\WINDOWS\system32\CMRMDRV3.exe
    Correctif Explorer 2.0-->"D:\Program Files\Correctif Explorer\unins000.exe"
    Counter-Strike: Source-->D:\Program Files\Counter-Strike Source\Uninst.exe
    DivX Codec 3.1alpha release-->D:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 D:\WINDOWS\INF\DivX.inf
    DivX Web Player-->D:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    D-Link VGA Webcam-->D:\WINDOWS\CleanDev.exe D:\WINDOWS\ov519.TXT
    EA SPORTS online 2008-->D:\Program Files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
    eMule-->"D:\Program Files\eMule\Uninstall.exe"
    EVEREST Home Edition v2.20-->"D:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
    Everest Poker (Remove Only)-->D:\Program Files\Everest Poker\cstart.exe /uninstall
    EVEREST Ultimate Edition v4.00-->"D:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    FIFA 08-->MsiExec.exe /X{0A2A5039-B37F-489D-B1DC-A5258DF9E697}
    Freeplayer-->D:\Program Files\Freeplayer\Uninstall.exe
    FreeUndelete-->D:\Program Files\FreeUndelete\GLF3F.exe /handle:fru
    Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
    GoldWave v5.22-->"D:\Program Files\GoldWave\unstall.exe" "GoldWave v5.22" "D:\Program Files\GoldWave\unstall.log"
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Guitar Pro 5.0-->"D:\Program Files\Guitar Pro 5\unins000.exe"
    HijackThis 2.0.2-->"D:\Documents and Settings\Nader\Bureau\HijackThis.exe" /uninstall
    Installation Windows Live-->D:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    iPod for Windows 2006-01-10-->D:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1036
    iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
    J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    Java DB 10.3.1.4-->MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) SE Development Kit 6 Update 5-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160050}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Jitbit Macro Recorder-->MsiExec.exe /I{2D57FB4E-6277-4A6D-8739-304C38051B89}
    Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
    Ma-Config.com plugin-->MsiExec.exe /I{D2D7529F-6B55-4C1C-BC9C-D6F1BCC066B6}
    MemTurbo-->D:\WINDOWS\IsUninst.exe -f"D:\Program Files\Silicon Prairie Software\MemTurbo\Uninst.isu"
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Messenger Plus! Live & Sponsor (CiD)-->"D:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"D:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
    Mise à jour de sécurité pour Windows XP (KB923789)-->D:\WINDOWS\system32\MacroMed\Flash\genuinst.exe D:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938829)-->"D:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.15)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Firefox (3.0b2)-->D:\Program Files\Mozilla Firefox 3 Beta 2\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    newObjects ActiveX Pack1 Family v.2.5.0-->D:\Program Files\newObjects\AXPack1\ALPInstall.exe /u AXPack1Uninst.cfg
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Pack Vista Inspirat 2 1.0-->D:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
    Pando-->MsiExec.exe /I{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}
    PCI Audio Driver-->cmuninst.exe
    Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}
    Pro Evolution Soccer 2010-->MsiExec.exe /X{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}
    QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
    RAM Idle LE-->"D:\Program Files\RAM Idle LE\unins000.exe"
    RamBoost XP 4.0.6-->"D:\Program Files\RamBoost XP\unins000.exe"
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sony Eyetoy USB Webcam Drivers and Software-->"D:\Program Files\SEUCDaS\0.8\unins002.exe"
    SopCast 2.0.4-->D:\Program Files\SopCast\uninst.exe
    Spybot - Search & Destroy 1.4-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe"
    StationRipper 2.82-->D:\Program Files\Ratajik Software\StationRipper\uninstall-StationRipper.exe
    Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
    TeamSpeak 2 RC2-->"D:\Program Files\Teamspeak2_RC2\unins000.exe"
    Totalidea RAM-Disk Driver-->MsiExec.exe /I{C184D1AB-53A1-42D9-9ECA-109F6DEE8EF3}
    TVAnts 1.0-->D:\PROGRA~1\TVAnts\UNWISE.EXE D:\PROGRA~1\TVAnts\INSTALL.LOG
    UxTheme Multipatcher Fr-->D:\Program Files\UxTheme Multipatcher Fr\uninstall.exe
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VeohTV BETA-->D:\Program Files\InstallShield Installation Information\{D1B11537-EA51-4DD8-BF1E-098BEE48868D}\setup.exe -runfromtemp -l0x0409
    VideoLAN VLC media player 0.8.6d-->D:\Program Files\VideoLAN\VLC\uninstall.exe
    Virtual DJ - Atomix Productions-->D:\PROGRA~1\VIRTUA~1\UNWISE.EXE D:\PROGRA~1\VIRTUA~1\INSTALL.LOG
    VobSub v2.05 (Remove Only)-->"D:\Program Files\Gabest\VobSub\uninstall.exe"
    VTTV 1.0.1-->D:\Program Files\VTTV\uninst.exe
    Windows Imaging Component-->"D:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
    Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
    WinSCP 4.1.9-->"D:\Program Files\WinSCP\unins000.exe"
    World of Warcraft-->D:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    Wow Cartographe 1.07-->D:\Program Files\WowCartographe\uninst.exe
    xp-AntiSpy 3.96-4-->D:\Program Files\xp-AntiSpy\Uninstall.exe
    YesMessenger 2.2.30-->"D:\Program Files\YesMessenger\unins000.exe"

    =====HijackThis Backups=====

    F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe,D:\DOCUME~1\Nader\LOCALS~1\Temp\winlogon.exe [2009-12-03]
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-12-03]
    O2 - BHO: (no name) - {228E6BE4-B3E8-411B-B142-BBEBF27E6369} - D:\WINDOWS\system32\cbXRIXom.dll (file missing) [2009-12-03]
    F3 - REG:win.ini: run= [2009-12-03]
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) [2009-12-03]

    ======Hosts File======

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

    Securitycenter WMI appears to be broken

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;D:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 31 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=1f00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;D:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    "QTJAVA"=D:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

    -----------------EOF-----------------

    You should have only one antivirus; I recommend keeping AntiVir.

  • Download UsbFix (by Chiquitine29 & C_XX) to your Desktop.
  • Connect your external data sources to your PC (USB key, external hard drive, SD card, etc.) without opening them.
  • Double-click UsbFix to run it.
  • Choose option 1 (Recherche / Search).
  • Let the tool work.
  • Post the UsbFix.txt report.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

    "Process.exe", a component of the tool, is detected by some antivirus programs (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility intended to terminate processes.


    ############################## | UsbFix V6.059 |


    ############################## | Processus actifs |

    D:\WINDOWS\System32\smss.exe 688
    D:\WINDOWS\system32\csrss.exe 752
    D:\WINDOWS\system32\winlogon.exe 780
    D:\WINDOWS\system32\services.exe 824
    D:\WINDOWS\system32\lsass.exe 836
    D:\WINDOWS\system32\Ati2evxx.exe 992
    D:\WINDOWS\System32\svchost.exe 1068
    D:\WINDOWS\system32\svchost.exe 1228
    D:\WINDOWS\system32\svchost.exe 1272
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1300
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe 1316
    D:\WINDOWS\system32\Ati2evxx.exe 1420
    D:\WINDOWS\Explorer.EXE 1488
    D:\WINDOWS\Mixer.exe 1680
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe 1696
    D:\Program Files\a-squared Free\a2service.exe 588
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe 628
    D:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 640
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe 304
    D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe 728
    D:\Program Files\Bonjour\mDNSResponder.exe 756
    D:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 1064
    D:\Program Files\Mozilla Firefox\firefox.exe 1780

    ################## | Fichiers # Dossiers infectieux |


    ################## | Spyware.OnlineGames |


    ################## | Registre # Clés infectieuses |

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"

    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{2b5c380a-a0fd-11dc-8de3-001109ba809c}
    Shell\AutoRun\command =K:\start.exe
    Shell\iledefrance\command =K:\start.exe

    HKCU\..\..\Explorer\MountPoints2\{74a4a11d-fc43-11dd-9090-0011675eeb03}
    Shell\AutoRun\command =K:\start.exe
    Shell\iledefrance\command =K:\start.exe

    HKCU\..\..\Explorer\MountPoints2\{bf91a856-8588-11dc-8d8e-001109ba809c}
    Shell\AutoRun\command =J:\autorun.exe

    HKCU\..\..\Explorer\MountPoints2\{ed740006-191d-11dd-8efb-001109ba809c}
    Shell\AutoRun\command =K:\qh.com
    Shell\explore\Command =K:\qh.com
    Shell\open\Command =K:\qh.com

    ################## | Cracks / Keygens / Serials |

    "D:\Program Files\Java\jdk1.6.0_05\bin\serialver.exe"
    22/02/2008 02:12 |Size 25600 |Crc32 fd453e20 |Md5 d6ec9456324a57b68b206d2f91277882

    "D:\Documents and Settings\Nader\Mes documents\Downloads\Pro Evolution Soccer 2010 Crack Only & Serial Keys.zip"
    -> Contain : Pro Evolution Soccer 2010 Crack Only & Serial Keys\pes2010.exe

    "D:\Documents and Settings\Nader\Mes documents\eMule Downloads\Incoming\keygen pes 2009 serial cds.zip"
    -> Contain : 22_gui_5.exe 6439936 DFLT-N 36% 4146437 14-10-2008 03:48:58 48e5d940


    ################## | ! Fin du rapport # UsbFix V6.059 ! |

  • Connect your external data sources to your PC (USB key, external hard drive, SD card, etc.) without opening them.
  • Double-click the UsbFix icon on your Desktop to launch it.
  • Choose option 2 (Suppression / Deletion).
  • Your Desktop will disappear and the PC will restart.
  • On restart, UsbFix will scan your PC; let the tool work.
  • Then post the UsbFix.txt report that will appear along with the Desktop.

    Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).


    ############################## | UsbFix V6.059 |


    ############################## | Processus actifs |

    D:\WINDOWS\System32\smss.exe 688
    D:\WINDOWS\system32\csrss.exe 752
    D:\WINDOWS\system32\winlogon.exe 780
    D:\WINDOWS\system32\services.exe 824
    D:\WINDOWS\system32\lsass.exe 836
    D:\WINDOWS\system32\Ati2evxx.exe 992
    D:\WINDOWS\System32\svchost.exe 1068
    D:\WINDOWS\system32\svchost.exe 1228
    D:\WINDOWS\system32\svchost.exe 1264
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1284
    D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe 1300
    D:\WINDOWS\system32\Ati2evxx.exe 1472
    D:\WINDOWS\Explorer.EXE 1552

    ################## | Fichiers # Dossiers infectieux |


    ################## | Spyware.OnlineGames |


    ################## | Registre # Clés infectieuses |

    Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{2b5c380a-a0fd-11dc-8de3-001109ba809c}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{74a4a11d-fc43-11dd-9090-0011675eeb03}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{bf91a856-8588-11dc-8d8e-001109ba809c}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{ed740006-191d-11dd-8efb-001109ba809c}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [18/04/2007 12:37|--a------|2] C:\-1471302155
    [16/12/2006 18:54|--a------|0] C:\AUTOEXEC.BAT
    [11/06/2007 14:24|--a------|140] C:\baseclasses.log
    [01/12/2009 12:32|-rahs----|439] C:\boot.ini
    [24/08/2001 17:00|-rahs----|4952] C:\Bootfont.bin
    [16/12/2006 18:54|--a------|0] C:\CONFIG.SYS
    [07/11/2007 07:00|--a------|17734] C:\eula.1028.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.1031.txt
    [07/11/2007 07:00|--a------|10134] C:\eula.1033.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.1036.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.1040.txt
    [07/11/2007 07:00|--a------|118] C:\eula.1041.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.1042.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.2052.txt
    [07/11/2007 07:00|--a------|17734] C:\eula.3082.txt
    [07/11/2007 07:00|--a------|1110] C:\globdata.ini
    [07/11/2007 07:03|--a------|562688] C:\install.exe
    [07/11/2007 07:00|--a------|843] C:\install.ini
    [07/11/2007 07:03|--a------|76304] C:\install.res.1028.dll
    [07/11/2007 07:03|--a------|96272] C:\install.res.1031.dll
    [07/11/2007 07:03|--a------|91152] C:\install.res.1033.dll
    [07/11/2007 07:03|--a------|97296] C:\install.res.1036.dll
    [07/11/2007 07:03|--a------|95248] C:\install.res.1040.dll
    [07/11/2007 07:03|--a------|81424] C:\install.res.1041.dll
    [07/11/2007 07:03|--a------|79888] C:\install.res.1042.dll
    [07/11/2007 07:03|--a------|75792] C:\install.res.2052.dll
    [07/11/2007 07:03|--a------|96272] C:\install.res.3082.dll
    [16/12/2006 18:54|-rahs----|0] C:\IO.SYS
    [13/04/2008 13:52|--a------|9082515] C:\log_fs.log
    [16/12/2006 18:54|-rahs----|0] C:\MSDOS.SYS
    [04/08/2004 01:38|-rahs----|47564] C:\NTDETECT.COM
    [04/08/2004 01:59|-rahs----|251712] C:\ntldr
    [05/01/2007 15:56|--a------|7218088] C:\psa30se_fr_fr.exe
    [07/11/2007 07:00|--a------|5686] C:\vcredist.bmp
    [07/11/2007 07:09|--a------|1442522] C:\VC_RED.cab
    [07/11/2007 07:12|--a------|232960] C:\VC_RED.MSI
    [?|?|?] D:\hiberfil.sys
    [?|?|?] D:\pagefile.sys
    [04/12/2009 21:19|--a------|3427] D:\UsbFix.txt
    [28/12/2007 13:28|--a------|4] D:\WINDOWSRegDefrag.dat

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix.
    # D:\autorun.inf -> Dossier créé par UsbFix.
    # W:\autorun.inf -> Dossier créé par UsbFix.

    ################## | Cracks / Keygens / Serials |

    "D:\Program Files\Java\jdk1.6.0_05\bin\serialver.exe"
    22/02/2008 02:12 |Size 25600 |Crc32 fd453e20 |Md5 d6ec9456324a57b68b206d2f91277882

    "D:\Documents and Settings\Nader\Mes documents\Downloads\Pro Evolution Soccer 2010 Crack Only & Serial Keys.zip"
    -> Contain : Pro Evolution Soccer 2010 Crack Only & Serial Keys\pes2010.exe

    "D:\Documents and Settings\Nader\Mes documents\eMule Downloads\Incoming\keygen pes 2009 serial cds.zip"
    -> Contain : 22_gui_5.exe 6439936 DFLT-N 36% 4146437 14-10-2008 03:48:58 48e5d940


    ################## | ! Fin du rapport # UsbFix V6.059 ! |

  • Run UsbFix again and choose option 5 to uninstall it.

  • Download Lop S&D (by Eric_71) to your Desktop.
  • Then double-click the Lop S&D icon on your Desktop.
    (Under Vista, right-click Lop S&D and choose Run as administrator)
  • Select the desired language, then choose option 1 (Recherche / Search).
  • Wait until the scan finishes.
  • Post the generated report (C:\lopR.txt).


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista


    "D:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 05/12/2009|11:27 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [21/02/2007|10:38] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [28/08/2009|15:19] D:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [01/04/2009|19:46] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [28/08/2009|17:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [01/03/2007|19:03] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [23/03/2008|11:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Arovax
    [12/10/2008|17:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [04/07/2008|01:03] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
    [19/04/2007|12:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [15/10/2007|18:05] D:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
    [14/10/2007|22:49] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [14/10/2007|22:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
    [17/11/2009|21:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\KONAMI
    [01/05/2007|20:56] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [08/03/2009|13:43] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [15/10/2007|18:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\New Owns Safe Surf
    [01/12/2009|17:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [14/10/2007|22:37] D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [16/03/2007|17:49] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/02/2008|23:48] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [21/02/2007|10:38] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [20/11/2007|13:24] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [19/02/2008|12:12] D:\DOCUME~1\Nader\APPLIC~1\Adobe
    [21/10/2007|00:28] D:\DOCUME~1\Nader\APPLIC~1\ALLCapture
    [28/08/2009|17:41] D:\DOCUME~1\Nader\APPLIC~1\Apple Computer
    [17/05/2007|21:16] D:\DOCUME~1\Nader\APPLIC~1\ConvertTemp
    [11/10/2008|15:38] D:\DOCUME~1\Nader\APPLIC~1\DAEMON Tools
    [10/02/2008|12:14] D:\DOCUME~1\Nader\APPLIC~1\eMule
    [18/04/2007|00:15] D:\DOCUME~1\Nader\APPLIC~1\Google
    [27/02/2008|00:03] D:\DOCUME~1\Nader\APPLIC~1\Grisoft
    [09/06/2008|00:59] D:\DOCUME~1\Nader\APPLIC~1\Help
    [21/02/2007|10:42] D:\DOCUME~1\Nader\APPLIC~1\Identities
    [31/05/2007|19:35] D:\DOCUME~1\Nader\APPLIC~1\Lavasoft
    [01/03/2008|15:55] D:\DOCUME~1\Nader\APPLIC~1\ma-config.com
    [21/02/2007|10:48] D:\DOCUME~1\Nader\APPLIC~1\Macromedia
    [13/03/2009|19:18] D:\DOCUME~1\Nader\APPLIC~1\Microsoft
    [06/12/2008|22:04] D:\DOCUME~1\Nader\APPLIC~1\Mozilla
    [29/04/2007|19:17] D:\DOCUME~1\Nader\APPLIC~1\PPMate
    [16/09/2007|15:01] D:\DOCUME~1\Nader\APPLIC~1\ppstream
    [01/12/2009|17:28] D:\DOCUME~1\Nader\APPLIC~1\QuickScan
    [08/11/2007|19:10] D:\DOCUME~1\Nader\APPLIC~1\Samsung
    [23/08/2007|20:15] D:\DOCUME~1\Nader\APPLIC~1\Screenshot Sender
    [15/10/2007|18:33] D:\DOCUME~1\Nader\APPLIC~1\secondexitford
    [09/12/2007|20:31] D:\DOCUME~1\Nader\APPLIC~1\SopCast
    [07/11/2007|20:27] D:\DOCUME~1\Nader\APPLIC~1\Styler
    [21/02/2007|10:56] D:\DOCUME~1\Nader\APPLIC~1\Sun
    [15/12/2007|20:50] D:\DOCUME~1\Nader\APPLIC~1\Systweak
    [01/08/2008|14:25] D:\DOCUME~1\Nader\APPLIC~1\teamspeak2
    [30/06/2007|19:59] D:\DOCUME~1\Nader\APPLIC~1\Temporary
    [30/06/2007|19:59] D:\DOCUME~1\Nader\APPLIC~1\TransRender
    [26/11/2009|12:37] D:\DOCUME~1\Nader\APPLIC~1\uTorrent
    [25/04/2007|21:33] D:\DOCUME~1\Nader\APPLIC~1\vlc
    [23/11/2008|22:50] D:\DOCUME~1\Nader\APPLIC~1\XnView

    [21/02/2007|10:40] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [03/12/2009|05:17] D:\DOCUME~1\Paco\APPLIC~1\Adobe
    [03/12/2009|05:16] D:\DOCUME~1\Paco\APPLIC~1\Identities
    [03/12/2009|05:17] D:\DOCUME~1\Paco\APPLIC~1\Macromedia
    [03/12/2009|05:30] D:\DOCUME~1\Paco\APPLIC~1\Microsoft
    [03/12/2009|05:17] D:\DOCUME~1\Paco\APPLIC~1\Mozilla


    --------------------\\ Tâches planifiées dans D:\WINDOWS\tasks

    [01/11/2009 06:44][--a------] D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca5ab669665ac6.job
    [28/08/2009 15:16][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [20/05/2007 00:49][--ah-----] D:\WINDOWS\tasks\SA.DAT
    [24/08/2001 17:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans D:\Program Files

    [19/06/2009|11:50] D:\Program Files\AbiWord
    [01/04/2009|19:46] D:\Program Files\Adobe
    [12/01/2008|11:49] D:\Program Files\Advanced System Optimizer
    [28/10/2007|20:07] D:\Program Files\Alcohol Soft
    [27/05/2007|12:41] D:\Program Files\Alwil Software
    [27/03/2008|14:24] D:\Program Files\AnalogX
    [28/08/2009|15:16] D:\Program Files\Apple Software Update
    [04/05/2009|20:25] D:\Program Files\Arovax AntiSpyware
    [01/12/2009|17:57] D:\Program Files\a-squared Free
    [12/10/2008|17:59] D:\Program Files\Avira
    [28/08/2009|15:18] D:\Program Files\Bonjour
    [19/04/2007|12:34] D:\Program Files\CCleaner
    [21/02/2007|10:35] D:\Program Files\ComPlus Applications
    [12/10/2008|21:11] D:\Program Files\Correctif Explorer
    [18/05/2008|20:24] D:\Program Files\CpuIdle95
    [21/06/2009|12:53] D:\Program Files\DivX
    [08/04/2007|10:06] D:\Program Files\DivXCodec
    [13/01/2008|18:07] D:\Program Files\DMV
    [10/02/2008|12:57] D:\Program Files\eChanblard
    [31/05/2009|16:18] D:\Program Files\eMule
    [17/01/2008|21:14] D:\Program Files\eToro
    [26/11/2009|17:43] D:\Program Files\Everest Poker
    [21/06/2009|12:53] D:\Program Files\Fichiers communs
    [25/04/2007|21:07] D:\Program Files\Freeplayer
    [05/04/2008|23:37] D:\Program Files\FreeUndelete
    [08/04/2007|10:06] D:\Program Files\Gabest
    [14/03/2008|22:34] D:\Program Files\GoldWave
    [21/06/2009|12:54] D:\Program Files\Google
    [08/04/2007|10:06] D:\Program Files\GordianKnot
    [27/02/2008|00:01] D:\Program Files\Grisoft
    [15/05/2008|13:35] D:\Program Files\Guitar Pro 5
    [14/11/2007|01:09] D:\Program Files\Help
    [08/03/2008|16:03] D:\Program Files\IDoser v4
    [13/02/2008|15:10] D:\Program Files\InstallShield Installation Information
    [11/05/2008|13:49] D:\Program Files\Internet Explorer
    [18/05/2008|17:45] D:\Program Files\IObit
    [28/08/2009|15:19] D:\Program Files\iPod
    [28/08/2009|15:19] D:\Program Files\iTunes
    [04/07/2008|00:56] D:\Program Files\IVT Corporation
    [14/03/2008|23:25] D:\Program Files\Java
    [10/06/2008|17:49] D:\Program Files\JitBit
    [10/06/2008|17:40] D:\Program Files\Jmgr.info
    [17/11/2009|21:30] D:\Program Files\KONAMI
    [01/12/2009|11:18] D:\Program Files\Lavalys
    [16/01/2008|14:49] D:\Program Files\ma-config.com
    [20/05/2007|01:39] D:\Program Files\Messenger
    [08/03/2009|13:57] D:\Program Files\Messenger Plus! Live
    [08/03/2009|13:40] D:\Program Files\Microsoft
    [07/11/2007|21:19] D:\Program Files\Microsoft Bootvis
    [21/02/2007|10:38] D:\Program Files\microsoft frontpage
    [08/03/2009|13:44] D:\Program Files\Microsoft Silverlight
    [24/02/2008|23:55] D:\Program Files\Microsoft SQL Server Compact Edition
    [08/03/2009|13:43] D:\Program Files\Microsoft Sync Framework
    [21/02/2007|10:38] D:\Program Files\movie maker
    [04/12/2009|21:20] D:\Program Files\Mozilla Firefox
    [21/02/2007|10:35] D:\Program Files\MSN
    [21/02/2007|10:35] D:\Program Files\MSN Gaming Zone
    [10/05/2008|13:28] D:\Program Files\MSXML 4.0
    [21/02/2007|10:36] D:\Program Files\NetMeeting
    [27/05/2007|21:54] D:\Program Files\newObjects
    [08/11/2007|18:37] D:\Program Files\NudgeMania
    [21/02/2007|10:35] D:\Program Files\Online Services
    [11/05/2008|13:46] D:\Program Files\Outlook Express
    [14/05/2008|19:54] D:\Program Files\Pando Networks
    [28/05/2007|19:55] D:\Program Files\PTDD Group
    [28/08/2009|15:18] D:\Program Files\QuickTime
    [07/11/2007|21:41] D:\Program Files\RAM Idle LE
    [15/12/2008|19:14] D:\Program Files\RamBoost XP
    [02/05/2007|19:02] D:\Program Files\Ratajik Software
    [08/11/2007|19:09] D:\Program Files\Samsung
    [10/10/2007|12:14] D:\Program Files\secondexitford
    [21/02/2007|10:36] D:\Program Files\Services en ligne
    [15/07/2008|17:29] D:\Program Files\SEUCDaS
    [20/11/2007|13:39] D:\Program Files\Shareaza
    [17/01/2008|21:01] D:\Program Files\SharkMate
    [05/10/2008|21:11] D:\Program Files\SopCast
    [14/10/2007|22:22] D:\Program Files\Spybot - Search & Destroy
    [07/11/2007|20:23] D:\Program Files\Stardock
    [08/11/2007|19:14] D:\Program Files\Styler
    [14/03/2008|23:25] D:\Program Files\Sun
    [19/05/2008|21:35] D:\Program Files\Teamspeak2_RC2
    [14/10/2007|22:18] D:\Program Files\Trend Micro
    [20/09/2009|19:42] D:\Program Files\TVAnts
    [13/01/2008|18:19] D:\Program Files\Tweak-XP Pro 4
    [21/02/2007|10:42] D:\Program Files\Uninstall Information
    [30/08/2007|14:28] D:\Program Files\uTorrent
    [07/11/2007|20:01] D:\Program Files\UxTheme Multipatcher Fr
    [16/01/2008|21:47] D:\Program Files\Veoh Networks
    [21/02/2007|10:47] D:\Program Files\VideoLAN
    [26/05/2007|12:20] D:\Program Files\VirtualDJ
    [08/03/2008|15:14] D:\Program Files\VTTV
    [08/11/2007|18:38] D:\Program Files\Webteh
    [08/03/2009|13:44] D:\Program Files\Windows Live
    [24/02/2008|23:55] D:\Program Files\Windows Live Favorites
    [08/03/2009|13:40] D:\Program Files\Windows Live SkyDrive
    [08/03/2009|13:43] D:\Program Files\Windows Live Toolbar
    [03/12/2009|22:33] D:\Program Files\Windows Media Player
    [14/04/2007|01:01] D:\Program Files\Windows NT
    [21/02/2007|10:36] D:\Program Files\WindowsUpdate
    [09/06/2008|00:59] D:\Program Files\WinRAR
    [20/09/2009|13:42] D:\Program Files\WinSCP
    [15/12/2007|20:53] D:\Program Files\WowCartographe
    [21/02/2007|10:38] D:\Program Files\xerox
    [20/05/2007|00:48] D:\Program Files\xp-AntiSpy
    [13/01/2008|18:19] D:\Program Files\Yahoo!
    [02/07/2008|13:59] D:\Program Files\YesMessenger

    --------------------\\ Listing des dossiers dans D:\Program Files\Fichiers communs

    [01/04/2009|19:46] D:\Program Files\Fichiers communs\Adobe
    [28/08/2009|15:19] D:\Program Files\Fichiers communs\Apple
    [21/02/2007|10:54] D:\Program Files\Fichiers communs\Blizzard Entertainment
    [21/06/2009|12:53] D:\Program Files\Fichiers communs\DivX Shared
    [26/02/2007|02:11] D:\Program Files\Fichiers communs\InstallShield
    [21/02/2007|10:51] D:\Program Files\Fichiers communs\Java
    [19/06/2009|11:50] D:\Program Files\Fichiers communs\Microsoft Shared
    [21/02/2007|10:36] D:\Program Files\Fichiers communs\MSSoap
    [27/05/2007|21:54] D:\Program Files\Fichiers communs\newObjects
    [21/02/2007|11:30] D:\Program Files\Fichiers communs\ODBC
    [21/02/2007|10:36] D:\Program Files\Fichiers communs\Services
    [21/02/2007|11:30] D:\Program Files\Fichiers communs\SpeechEngines
    [11/05/2008|13:46] D:\Program Files\Fichiers communs\System
    [08/03/2009|13:32] D:\Program Files\Fichiers communs\Windows Live
    [19/12/2007|20:24] D:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 21 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    D:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
    D:\DOCUME~1\Nader\LOCALS~1\Temp\nsp87.tmp

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    -> 72 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-05 11:28:53
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 299

    --------------------\\ Recherche d'autres infections

    D:\WINDOWS\system32\moXIRXbc.ini
    D:\WINDOWS\system32\moXIRXbc.ini2
    D:\WINDOWS\system32\nXEKnnmp.ini
    D:\WINDOWS\system32\nXEKnnmp.ini2
    ==> VUNDO <==

    --------------------\\ Cracks & Keygens ..

    D:\DOCUME~1\Nader\Application Data\uTorrent\Pro Evolution Soccer 2010 Crack Only & Serial Keys.zip.torrent
    D:\DOCUME~1\Nader\Mes documents\Downloads\Pro Evolution Soccer 2010 Crack Only & Serial Keys.zip
    D:\DOCUME~1\Nader\Mes documents\eMule Downloads\Incoming\keygen pes 2009 serial cds.zip
    D:\DOCUME~1\Nader\Mes documents\eMule Downloads\Incoming\pes 2009 crack-serial-keygen.exe


    [F:2833][D:244]-> D:\DOCUME~1\Nader\LOCALS~1\Temp
    [F:127][D:0]-> D:\DOCUME~1\Nader\Cookies
    [F:222][D:14]-> D:\DOCUME~1\Nader\LOCALS~1\TEMPOR~1\content.IE5

    1 - "D:\Lop SD\LopR_1.txt" - 05/12/2009|11:29 - Option : [1]

    --------------------\\ Fin du rapport a 11:29:40

  • Relaunch Lop S&D.
    (On Vista, right-click Lop S&D and choose Run as administrator)
  • This time, choose option 2 (Removal).
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt).

    (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)