S'il vous plait ... Quelqu'un pour m'aider ???

Salut :

Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent

▶ Télécharge List&Kill'em et enregistre le sur ton bureau

Il ne necessite pas d'installation

▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

choisis la langue puis choisis l'option 1 = Mode Recherche

▶laisse travailler l'outil

le rapport va s'afficher , une fois le scan fini

▶colle le contenu dans ta prochaine réponse ♦G3и-н@¢км@и™©®♦

Bonjour,

Désolé de la longueur entre le dernier poste et celui ci, j'étais partie en déplacement .
Voici le rapport du logiciel

List'em by g3n-h@ckm@n 1.0.4.8

Thx to Chiquitine29.....

User : Compaq_Propriétaire (Administrateurs) # KURO
Update on 29/10/2009 by g3n-h@ckm@n ::::: 18.30
Start at: 13:57:49 | 02/11/2009
Contact : g3n-h@ckm@n sur CCM

AMD Athlon(tm) 64 Processor 3400+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]

C:\ -> Disque fixe local | 180,3 Go (3,53 Go free) [PRESARIO] | NTFS
E:\ -> Disque CD-ROM | 646,71 Mo (0 Mo free) [K2_UK_V_1_0_DSC_] | CDFS
F:\ -> Disque fixe local | 111,79 Go (25,48 Go free) | NTFS
G:\ -> Disque CD-ROM
L:\ -> Disque CD-ROM
M:\ -> Disque CD-ROM
O:\ -> Disque fixe local | 232,88 Go (110,6 Go free) [local] | NTFS
Z:\ -> Disque fixe local | 5,99 Go (2,34 Go free) [PRESARIO_RP] | FAT32
======================
Cles de demarrage "Run"
======================
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"EPSON Stylus DX7400 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATICDE.EXE /FU \"C:\\WINDOWS\\TEMP\\E_S11B.tmp\" /EF \"HKCU\""
"AlcoholAutomount"="\"C:\\Program Files\\Alcohol Soft\\Alcohol 120\\axcmd.exe\" /automount"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Free Download Manager"="\"C:\\Program Files\\Free Download Manager\\fdm.exe\" -autorun"
"PlayNC Launcher"=""

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\\windows\\system\\hpsysdrv.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /installquiet /keeploaded /nodetect"
"AlcxMonitor"="ALCXMNTR.EXE"
"KBD"="C:\\HP\\KBD\\KBD.EXE"
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"HP Software Update"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,\
00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,48,00,50,00,5c,00,48,00,\
50,00,20,00,53,00,6f,00,66,00,74,00,77,00,61,00,72,00,65,00,20,00,55,00,70,\
00,64,00,61,00,74,00,65,00,5c,00,48,00,50,00,77,00,75,00,53,00,63,00,68,00,\
64,00,32,00,2e,00,65,00,78,00,65,00,00,00
"AVG8_TRAY"="C:\\PROGRA~1\\AVG\\AVG8\\avgtray.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"SearchSettings"="C:\\Program Files\\Search Settings\\SearchSettings.exe"
"UnlockerAssistant"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""

=====================
cles additionnelles
=====================
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

===============
===============
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

======
BHO :
======
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
@="WormRadar.com IESiteBlocker.NavFilter"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
@="JQSIEStartDetectorImpl"
"NoExplorer"=dword:00000001

==========================

contenu des autoruns presents
-----------------------------

E:\Autorun.inf :
----------------
[autorun]
OPEN=autorun.exe
ICON=autorun.exe,0

[Disk]
Disk=1
Label1=Disk1

[General]
Language=0
Background=swautorun.bmp
BackgroundSound=background.wav
ClickSound=click.wav
Data=Data

[Messages]
Caption=Star Wars Knights of the Old Republic II: The Sith Lords
InsertPlay=Please insert the Star Wars Knights of the Old Republic II 'Disc 1 - Play Disc'.
InsertInstall=Please insert the Star Wars Knights of the Old Republic II 'Disc 1 - Play Disc'.
CheckCD=Please check your CD for dirt or damage.

[Button1]
x=80
y=128
down=mousedown.bmp
over=mouseover.bmp
up=mousenormal.bmp
label=Install

[Button2]
x=80
y=182
down=mousedown.bmp
over=mouseover.bmp
up=mousenormal.bmp
label=Exit

contenu des autoruns presents
-----------------------------

Z:\Autorun.inf :
----------------
[AUTORUN]
ShellExecute=Info.exe protect.ed 480 480

===============
Path : C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\TortoiseSVN\bin
===============
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
C:\Program Files\Mozilla Firefox\searchplugins\search.xml
C:\Program Files\Search Settings
C:\WINDOWS\aucfg.ini
C:\WINDOWS\IFinst27.exe
C:\WINDOWS\patch.exe
C:\WINDOWS\System32\_000111_.tmp.dll
C:\WINDOWS\System32\SET103.tmp
C:\WINDOWS\System32\SET104.tmp
C:\WINDOWS\System32\SET106.tmp
C:\WINDOWS\System32\SET107.tmp
C:\WINDOWS\System32\SET108.tmp
C:\WINDOWS\System32\SET10B.tmp
C:\WINDOWS\System32\SET10C.tmp
C:\WINDOWS\System32\SET10D.tmp
C:\WINDOWS\System32\SET27D.tmp
C:\WINDOWS\System32\SET27F.tmp
C:\WINDOWS\System32\SET284.tmp
C:\WINDOWS\System32\SET28B.tmp
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\Dealio
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\Search Settings
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\AutoRun.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\DWPUpgradeInstaller.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\First15.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\hijackthis-2.0.2.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\jre-6u15-windows-i586-iftw.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\msxml6-KB927977-enu-x86.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\sspatch.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\sspatch2.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\VP6Install.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\wlsetup-cvr.exe
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\tmp112.tmp
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\TMP3D.tmp
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\TMP57.tmp
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\TMPE1.tmp

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe
HKCR\SearchSettings.BHO
HKCR\SearchSettings.BHO.1
HKLM\Software\Classes\SearchSettings.BHO
HKLM\Software\Classes\SearchSettings.BHO.1
HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
HKLM\Software\Dealio
"HKLM\Software\Search Settings"
HKCR\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

2009-04-15B1W_V23_D-GRF.EXE-347F991E.pf
2009-04-15B_V23_D-GRF.EXE-12C1E2EB.pf
2009-07-29ARAGEXERE X-RAY_PAT-0DF82948.pf
2009-10-13ARAGEXERE_PATCHED.E-0AE4BA6E.pf
ACRO.EXE-07C292D2.pf
ACRO.EXE-31EE9E67.pf
ALG.EXE-275708CF.pf
ARABASTA CHRONICLES.EXE-16FE50A6.pf
ARABASTA CHRONICLES.EXE-32ACA88C.pf
AVGCMGR.EXE-017B654E.pf
AVGCSRVX.EXE-31443687.pf
AVGEMC.EXE-15EBAF8D.pf
AVGNSX.EXE-14F0A211.pf
AVGRSX.EXE-0CBF9C06.pf
AVGTRAY.EXE-11DB8130.pf
AVGUPD.EXE-2AED0BE6.pf
CLIENT_ACRO_V1.0.EXE-23F452F6.pf
CLIENT_ACRO_V1.0.TMP-14CD46E7.pf
CMD.EXE-034B0549.pf
CSCRIPT.EXE-0A13A05C.pf
DAREDEVILRO V4.3B.EXE-0BC5CAEF.pf
DEFRAG.EXE-2858C7E2.pf
DFRGNTFS.EXE-38C3807C.pf
DIFFPATCH.EXE-076D1FEB.pf
DUMPREP.EXE-0AF2BF67.pf
DWWIN.EXE-2C373FB7.pf
FDM.EXE-26D9E559.pf
FIREFOX.EXE-06188867.pf
FIREFOX.EXE-2A1B96AB.pf
FIXCFG.EXE-3A39BB3F.pf
FLASHGOT.EXE-2482EC1B.pf
GOOGLECRASHHANDLER.EXE-2FB258D9.pf
GOOGLECRASHHANDLER.EXE-36491BAC.pf
GOOGLEUPDATE.EXE-149428D7.pf
GOOGLEUPDATE.EXE-160E1F62.pf
GOOGLEUPDATESETUP.EXE-3B362807.pf
GRFBUILDER.EXE-21C6BE17.pf
HELPSVC.EXE-1C192440.pf
IEXPLORE.EXE-2D97EBE6.pf
IMAPI.EXE-201490BB.pf
INK-RO.EXE-062591ED.pf
IPODSERVICE.EXE-37043579.pf
JAVA.EXE-32FD225F.pf
JAVAW.EXE-392A4E93.pf
JAVAWS.EXE-078C20EA.pf
JQSNOTIFY.EXE-359F83C5.pf
JRE-6U15-WINDOWS-I586-IFTW.EX-2C11F34B.pf
JUCHECK.EXE-1E35CB2F.pf
LANCEUR.EXE-202D6B66.pf
Layout.ini
LIST_KILLEM.EXE-2C801A1F.pf
LOGONUI.EXE-312BE1BF.pf
MODE.COM-318FFE37.pf
MSIEXEC.EXE-330626DC.pf
MSIMN.EXE-183B59AF.pf
NOTEPAD.EXE-2F2D61E1.pf
NTOSBOOT-B00DFAAD.pf
NVSVC32.EXE-0756FC6B.pf
PHOTOSHOP.EXE-3B55E1FF.pf
PHOTOSHOPPORTABLE.EXE-059FFDA1.pf
PUTTY.EXE-31226C22.pf
QTTASK.EXE-1876A1A1.pf
REG.EXE-07FA5B3F.pf
REGEDIT.EXE-2AE3423E.pf
RUNDLL32.EXE-3CDF6447.pf
RUNDLL32.EXE-41C4C933.pf
RUNDLL32.EXE-41FB74E5.pf
RUNDLL32.EXE-49FD1EB1.pf
RUNDLL32.EXE-4BBC42F5.pf
RUNDLL32.EXE-5482870C.pf
RUNDLL32.EXE-5ACE91DC.pf
RUNDLL32.EXE-5F120771.pf
RUNDLL32.EXE-66451CF0.pf
RUNDLL32.EXE-6E8D4657.pf
SNDVOL32.EXE-0EC6FD20.pf
SOFFICE.BIN-091CC27D.pf
SOFFICE.EXE-012D2D56.pf
STARWINDSERVICEAE.EXE-00465506.pf
SVCHOST.EXE-2D5FBD18.pf
SWRITER.EXE-04499097.pf
TASKMGR.EXE-06144C13.pf
TEAMSPEAK 3.EXE-06519DE0.pf
TOOLBARBROKER.EXE-3ADB739B.pf
USNSVC.EXE-05B86444.pf
VERCLSID.EXE-28F52AD2.pf
WINRAR.EXE-0AA31BB9.pf
WINSCP.EXE-1371EACC.pf
WLLOGINPROXY.EXE-090074F0.pf
WMIADAP.EXE-32F99497.pf
WMIAPSRV.EXE-02740A4B.pf
WMIPRVSE.EXE-0D449B4F.pf
WORDPAD.EXE-32191081.pf
WSCNTFY.EXE-0B14C27D.pf
WUAUCLT.EXE-1360D60A.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Hello , y a du boulot :

REDEMARRE EN MODE SANS ECHEC , puis :

▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),

mais cette fois-ci :

▶ choisis l'option 2 = Mode Destruction

laisse travailler l'outil

apres les verifications , un rapport va s'ouvrir.

▶ ferme-le.

un deuxieme rapport va s'ouvrir ,

▶ colle son contenu dans ta reponse apres avoir redemarré en mode normal

il se trouve ici :

C:\Kill'em.txt

ensuite :


▶ Télécharge Ad-remover ( de C_XX ) sur ton bureau :


▶ Déconnecte toi et ferme toutes applications en cours !

▶ Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

▶ Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

▶ Au menu principal choisis l'option "L" et tape sur [entrée] .

▶ Laisse travailler l'outil et ne touche à rien ...

▶ Poste le rapport qui apparait à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

ensuite :

vire AD-Remover

ensuite :

▶ Télécharge et install UsbFix par Chiquitine29

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

▶ Double clic sur le raccourci UsbFix présent sur ton bureau .

▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

▶ Laisse travailler l'outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaitra.

Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. ♦G3и-н@¢км@и™©®♦

Bonjour,

Voici les rapport demandé:

Kill'em.txt:

Kill'em by g3n-h@ckm@n 1.0.4.8 
 
User : Compaq_Propriétaire () # KURO
Update on 29/10/2009 by g3n-h@ckm@n ::::: 18.30 
Start at: 00:40:24 | 06/11/2009
Contact : g3n-h@ckm@n sur CCM

AMD Athlon(tm) 64 Processor 3400+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]

C:\ -> Disque fixe local | 180,3 Go (3,51 Go free) [PRESARIO] | NTFS
E:\ -> Disque CD-ROM | 646,71 Mo (0 Mo free) [K2_UK_V_1_0_DSC_] | CDFS
F:\ -> Disque fixe local | 111,79 Go (25,48 Go free) | NTFS
G:\ -> Disque CD-ROM
L:\ -> Disque CD-ROM
M:\ -> Disque CD-ROM
O:\ -> Disque fixe local | 232,88 Go (110,6 Go free) [local] | NTFS
Z:\ -> Disque fixe local | 5,99 Go (2,34 Go free) [PRESARIO_RP] | FAT32
  
Fichiers analysés : 
================= 
 

¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents : 

C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache  
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"  
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"  
"C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}"  
"C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com"  
"C:\Program Files\Mozilla Firefox\searchplugins\search.xml"  
"C:\Program Files\Search Settings"  
"C:\WINDOWS\aucfg.ini"  
"C:\WINDOWS\IFinst27.exe"  
"C:\WINDOWS\patch.exe"  
C:\WINDOWS\System32\_000111_.tmp.dll  
C:\WINDOWS\System32\SET103.tmp  
C:\WINDOWS\System32\SET104.tmp  
C:\WINDOWS\System32\SET106.tmp  
C:\WINDOWS\System32\SET107.tmp  
C:\WINDOWS\System32\SET108.tmp  
C:\WINDOWS\System32\SET10B.tmp  
C:\WINDOWS\System32\SET10C.tmp  
C:\WINDOWS\System32\SET10D.tmp  
C:\WINDOWS\System32\SET27D.tmp  
C:\WINDOWS\System32\SET27F.tmp  
C:\WINDOWS\System32\SET284.tmp  
C:\WINDOWS\System32\SET28B.tmp  
"C:\Documents and Settings\Compaq_Propri‚taire\Application Data\Dealio"  
"C:\Documents and Settings\Compaq_Propri‚taire\Application Data\Search Settings"  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\AutoRun.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\DWPUpgradeInstaller.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\First15.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\hijackthis-2.0.2.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\jre-6u15-windows-i586-iftw.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\msxml6-KB927977-enu-x86.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\sspatch.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\sspatch2.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\VP6Install.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\wlsetup-cvr.exe  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\tmp112.tmp  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\TMP3D.tmp  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\TMP57.tmp  
C:\Documents and Settings\Compaq_Propri‚taire\LOCAL Settings\Temp\TMPE1.tmp  
 
 
¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers : 
  
Quarantaine : 

aucfg.ini.Kill'em
AutoRun.exe.Kill'em
Dealio.Kill'em
DWPUpgradeInstaller.exe.Kill'em
First15.exe.Kill'em
hijackthis-2.0.2.exe.Kill'em
IFinst27.exe.Kill'em
jre-6u15-windows-i586-iftw.exe.Kill'em
msxml6-KB927977-enu-x86.exe.Kill'em
PATCH.EXE.Kill'em
qmgr0.dat.Kill'em
qmgr1.dat.Kill'em
QTSBandwidthCache.Kill'em
Search Settings.Kill'em
search.xml.Kill'em
search@searchsettings.com.Kill'em
SET103.tmp.Kill'em
SET104.tmp.Kill'em
SET106.tmp.Kill'em
SET107.tmp.Kill'em
SET108.tmp.Kill'em
SET10B.tmp.Kill'em
SET10C.tmp.Kill'em
SET10D.tmp.Kill'em
SET27D.tmp.Kill'em
SET27F.tmp.Kill'em
SET284.tmp.Kill'em
SET28B.tmp.Kill'em
sspatch.exe.Kill'em
sspatch2.exe.Kill'em
tmp112.tmp.Kill'em
TMP3D.tmp.Kill'em
TMP57.tmp.Kill'em
TMPE1.tmp.Kill'em
VP6Install.exe.Kill'em
wlsetup-cvr.exe.Kill'em
_000111_.tmp.dll.Kill'em
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}.Kill'em

¤¤¤¤¤¤¤¤¤¤ Verification : 
 

===============
Path : C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\TortoiseSVN\bin 
===============
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents : 

 
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes : 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run "msconfig"  
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe  
HKCR\SearchSettings.BHO  
HKCR\SearchSettings.BHO.1  
HKLM\Software\Classes\SearchSettings.BHO  
HKLM\Software\Classes\SearchSettings.BHO.1  
HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}  
HKLM\Software\Dealio  
"HKLM\Software\Search Settings"  
HKCR\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}  
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}  
 
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch : 

2009-07-29ARAGEXERE X-RAY_PAT-0DF82948.pf
Layout.ini
NTOSBOOT-B00DFAAD.pf
 
 
 

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_Z | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.10.2009 à 11:48
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à:  1:00:27, 06/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™  Service Pack 3 v5.1.2600
Nom du PC: KURO | Utilisateur actuel: Compaq_Propri‚taire
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

HKCU\Software\Search Settings 
HKLM\Software\Classes\SearchSettings.BHO 
HKLM\Software\Classes\SearchSettings.BHO.1 
HKLM\Software\Dealio 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1} 
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF} 
HKLM\Software\Search Settings 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} 
HKLM\Software\Classes\TypeLib\{1FFEEBC8-D7CA-A5F1-1B02-8E46330FA5CA} 
HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} 
.
C:\DOCUME~1\COMPAQ~1\APPLIC~1\Dealio
C:\DOCUME~1\COMPAQ~1\APPLIC~1\DesktopIcon
C:\DOCUME~1\COMPAQ~1\APPLIC~1\Search Settings
C:\Program Files\Dealio Toolbar
C:\Program Files\Mozilla FireFox\regxpcom.exe
C:\Windows\Installer\4404bf.msi  
C:\Windows\Installer\4404c8.msi  
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\Microsoft\Internet Explorer\Quick Launch\Ebay.lnk  
C:\DOCUME~1\COMPAQ~1\MENUDM~1\Ebay.lnk  
C:\DOCUME~1\COMPAQ~1\Cookies\compaq_propri‚taire@partypoker[2].txt
C:\DOCUME~1\COMPAQ~1\Cookies\compaq_propri‚taire@rotator.adjuggler[1].txt
 
(!) -- Fichiers temporaires supprimés. 
 
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 2.0.0.20 [fr] *
.
 Nom du profil: gwlgfg7a.default (Compaq_Propri‚taire)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Yahoo! Search"); 
(Prefs.js) user_pref("browser.search.selectedEngine", "Yahoo! Search"); 
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="); 
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.8.1.20"); 
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\Compaq_Propri‚taire\Application Data\Azureus\torrents\Heroes[1].of.Might.and.Magic 5_PC.DVD_[.FR.ENG.ESP.IT.GER].+.CRACK.NoDVD.rar [mininova].torrent
C:\Documents and Settings\Compaq_Propri‚taire\Bureau\Google earth\Crack.exe
C:\Documents and Settings\Compaq_Propri‚taire\Bureau\win98\popsiclesthingys\win 98  y2k patches\y2k.exe
C:\Documents and Settings\Compaq_Propri‚taire\Bureau\win98\popsiclesthingys\win 98  y2k patches\y2kw98_2.exe
.
===================================
.
4010 Octet(s) - C:\Ad-Report-CLEAN[1].log 
.
1302 Fichier(s) - C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp 
17 Fichier(s) - C:\WINDOWS\Temp 
.
19 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
35 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE 
.
Fin à:  1:24:39 | 06/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.

############################## | UsbFix V6.048 |

User : Compaq_Propriétaire (Administrateurs) # KURO
Update on 04/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 01:28:56 | 06/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 Processor 3400+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]

C:\ -> Disque fixe local # 180,3 Go (6,27 Go free) [PRESARIO] # NTFS
E:\ -> Disque CD-ROM # 646,71 Mo (0 Mo free) [K2_UK_V_1_0_DSC_] # CDFS
F:\ -> Disque fixe local # 111,79 Go (25,48 Go free) # NTFS
G:\ -> Disque CD-ROM
L:\ -> Disque CD-ROM
M:\ -> Disque CD-ROM
O:\ -> Disque fixe local # 232,88 Go (110,75 Go free) [local] # NTFS
Z:\ -> Disque fixe local # 5,99 Go (2,34 Go free) [PRESARIO_RP] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 756
C:\WINDOWS\system32\csrss.exe 832
C:\WINDOWS\system32\winlogon.exe 856
C:\WINDOWS\system32\services.exe 900
C:\WINDOWS\system32\lsass.exe 912
C:\WINDOWS\system32\svchost.exe 1080
C:\WINDOWS\system32\svchost.exe 1148
C:\WINDOWS\System32\svchost.exe 1396
C:\WINDOWS\system32\svchost.exe 1460
C:\WINDOWS\system32\svchost.exe 1712
C:\WINDOWS\system32\spoolsv.exe 144
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe 332
C:\WINDOWS\system32\svchost.exe 652
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 684
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 696
C:\Program Files\Bonjour\mDNSResponder.exe 716
C:\Program Files\Java\jre6\bin\jqs.exe 1108
C:\WINDOWS\system32\libusbd-nt.exe 1224
C:\windows\system\hpsysdrv.exe 1528
C:\WINDOWS\ALCXMNTR.EXE 1608
C:\HP\KBD\KBD.EXE 1616
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe 1748
C:\PROGRA~1\AVG\AVG8\avgtray.exe 1840
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe 1864
C:\WINDOWS\system32\nvsvc32.exe 1948
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 308
C:\Program Files\Unlocker\UnlockerAssistant.exe 340
C:\WINDOWS\system32\svchost.exe 576
C:\PROGRA~1\AVG\AVG8\avgrsx.exe 628
C:\Program Files\iTunes\iTunesHelper.exe 1336
C:\PROGRA~1\AVG\AVG8\avgemc.exe 288
C:\Program Files\Java\jre6\bin\jusched.exe 1476
C:\PROGRA~1\AVG\AVG8\avgnsx.exe 356
C:\WINDOWS\system32\ctfmon.exe 2884
C:\Program Files\Free Download Manager\fdm.exe 2972
C:\Program Files\MagicDisc\MagicDisc.exe 3072
C:\Program Files\AVG\AVG8\avgcsrvx.exe 3824
C:\Program Files\iPod\bin\iPodService.exe 3516
C:\WINDOWS\System32\alg.exe 3804
C:\WINDOWS\system32\wbem\wmiapsrv.exe 248
C:\WINDOWS\system32\wscntfy.exe 3320
C:\WINDOWS\explorer.exe 1276
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE 2840
C:\WINDOWS\system32\wbem\wmiprvse.exe 1376

################## | Fichiers # Dossiers infectieux |

E:\autorun.inf  
Z:\autorun.inf  

################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\E
Shell\AutoRun\command =E:\autorun.exe 

HKCU\..\..\Explorer\MountPoints2\Z
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

HKCU\..\..\Explorer\MountPoints2\{2a9a0008-b705-11dd-b6af-0013d3fbeb9f}
shell\explore\command =explorer.exe 
shell\open\Command =explorer.exe 

HKCU\..\..\Explorer\MountPoints2\{98a56187-80fd-11de-bdda-0013d3fbeb9f}
Shell\AutoRun\command =H:\RavMon.exe 
Shell\explore\Command =H:\RavMon.exe -e
Shell\open\Command =H:\RavMon.exe 

################## | Suspect | http://www.virustotal.com |


################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\Compaq_Propri‚taire\Bureau\Google earth\Crack.exe"  
02/09/2007 12:03 |Size 1516356 |Crc32 f4b6da64 |Md5 2302eace8e12fa460b14c2e6764ac952  
 
"C:\Program Files\Java\jdk1.5.0_04\bin\serialver.exe"  
03/06/2005 02:29 |Size 49277 |Crc32 2154eef5 |Md5 96ef5b153cebc9512bf6bfad78215df7  
 
"C:\Program Files\Java\jdk1.5.0_06\bin\serialver.exe"  
10/11/2005 11:37 |Size 49277 |Crc32 98b90c7a |Md5 bc9d147ee008f28a05088dff936eaa98  
 
"E:\Crack\Cracktro.exe"  
15/05/2006 17:30 |Size 109056 |Crc32 DENIED |Md5 DENIED  
 
"E:\Crack\swkotor2.exe"  
15/05/2006 18:10 |Size 4578816 |Crc32 a03e210a |Md5 4a318b515e0e35ba7f289b7764ac1aad  
 
"F:\Adobe Dreamweaver CS3\Crack\Dreamweaver2.exe"  
20/06/2008 16:02 |Size 16083128 |Crc32 90cdca4e |Md5 21a554b844d714644c05d6773c2fb598  
 
"F:\Adobe Flash Pro CS3 2007\Adobe.Flash.CS3.Keymaker.Only-ZWT\Keygen.exe"  
21/04/2007 03:51 |Size 53760 |Crc32 c684a5eb |Md5 e3c7d489013b51c671aa79c9068a2a00  
 
"F:\Adobe Premiere Pro CS3 + Keygen Activator And New Keygen\ADBEPPROCS3_ALP.exe"  
24/06/2008 18:17 |Size 37121024 |Crc32 48521d3e |Md5 f94256ce28c5d02dd67dc5c3a36a41cf  
 
"F:\Adobe Premiere Pro CS3 + New Keygen - Limited Keys (Grab Now)\ADBEPPROCS3_ALP.exe"  
24/06/2008 16:55 |Size 37169152 |Crc32 be6a3d54 |Md5 b5bbeaf5ce81becb026bd7ca9c51046e  
 
"F:\Adobe.After.Effects.CS3[ENG][Crack]\Xp Gold\xp.gold.edition.by.slisher\msconfig-cleanup-setup.exe"  
30/07/2005 13:09 |Size 709421 |Crc32 7365e0a0 |Md5 072491dc2caaa5570a41d0642646654c  
 
"F:\Adobe.After.Effects.CS3[ENG][Crack]\Xp Gold\xp.gold.edition.by.slisher\SETUP.EXE"  
01/09/2004 07:00 |Size 1314816 |Crc32 1ab7c8fe |Md5 fc65835d2a9cd4e527f2b2674f9b9778  
 
"F:\Adobe.After.Effects.CS3[ENG][Crack]\Xp Gold\xp.gold.edition.by.slisher\I386\spnpinst.exe"  
01/09/2004 07:00 |Size 11776 |Crc32 06fd3df6 |Md5 70e9c484ebad7c9a91cb3d393dc19615  
 
"F:\After Effects Final with Keygen\ADBEAFETCS3_ALP.exe"  
26/01/2008 03:19 |Size 877719320 |Crc32 8b0bea73 |Md5 1eccb29c06ef760493c751230069df63  
 
"F:\Macromedia DreamWeaver CS3 + Plugins and Crack\Crack\Dreamweaver.exe"  
19/04/2007 10:54 |Size 16083128 |Crc32 90cdca4e |Md5 21a554b844d714644c05d6773c2fb598  
 
"F:\Reason 4 + Keygen + Patch RPS\KEYGEN.EXE"  
31/08/2007 15:33 |Size 164352 |Crc32 dae7a014 |Md5 ac271f7c2907076984144dda7db30c4a  
 
"O:\AVS Video Converter v4.3.1.371[++Final++CrAcK]\AVSVideoConverter4.exe"  
05/01/2006 23:32 |Size 26708114 |Crc32 3486a9fe |Md5 dc08d793309996e8bc05ca015d9051bf  
 
"O:\AVS Video Converter v4.3.1.371[++Final++CrAcK]\Crack\AVSVideoConverter4.exe"  
04/01/2006 23:21 |Size 7067136 |Crc32 5e09df9a |Md5 cee2260e4ed854224c5bacca4927f4d3  
 

################## | ! Fin du rapport # UsbFix V6.048 ! |

Salut supprime tous ces cracks et keygens source d infection , puis :

▶ (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

▶ Double clic (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci UsbFix présent sur ton bureau

▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

▶ Au second menu Choisis l'option " 2 " ( Suppression ) et tape sur [entrée]

▶ Ton bureau disparaitra et le pc redémarrera .

▶ Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) ♦G3и-н@¢км@и™©®♦

Bonjour,
Voici le rapport USBfix:


############################## | UsbFix V6.048 |

User : Compaq_Propriétaire (Administrateurs) # KURO
Update on 04/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 12:00:14 | 06/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 Processor 3400+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AVG Anti-Virus Free 8.5 [ Enabled | Updated ]

C:\ -> Disque fixe local # 180,3 Go (6,19 Go free) [PRESARIO] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque fixe local # 111,79 Go (30,7 Go free) # NTFS
G:\ -> Disque CD-ROM
L:\ -> Disque CD-ROM
M:\ -> Disque CD-ROM
O:\ -> Disque fixe local # 232,88 Go (110,78 Go free) [local] # NTFS
Z:\ -> Disque fixe local # 5,99 Go (2,34 Go free) [PRESARIO_RP] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 760
C:\WINDOWS\system32\csrss.exe 840
C:\WINDOWS\system32\winlogon.exe 864
C:\WINDOWS\system32\services.exe 908
C:\WINDOWS\system32\lsass.exe 920
C:\WINDOWS\system32\svchost.exe 1096
C:\WINDOWS\system32\svchost.exe 1164
C:\WINDOWS\System32\svchost.exe 1620
C:\WINDOWS\system32\svchost.exe 1672
C:\WINDOWS\system32\svchost.exe 1760
C:\WINDOWS\Explorer.EXE 464
C:\WINDOWS\system32\spoolsv.exe 540
C:\Program Files\Google\Update\GoogleUpdate.exe 1116
C:\WINDOWS\system32\svchost.exe 1780
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1868
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 1892
C:\Program Files\Bonjour\mDNSResponder.exe 1916
C:\Program Files\Google\Update\GoogleUpdate.exe 1956
C:\Program Files\Java\jre6\bin\jqs.exe 1992
C:\WINDOWS\system32\libusbd-nt.exe 248
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe 348
C:\Program Files\Google\Update\GoogleUpdate.exe 320
C:\WINDOWS\system32\nvsvc32.exe 1664
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 1652
C:\WINDOWS\system32\svchost.exe 1908
C:\PROGRA~1\AVG\AVG8\avgrsx.exe 720
C:\PROGRA~1\AVG\AVG8\avgemc.exe 816
C:\PROGRA~1\AVG\AVG8\avgnsx.exe 1272
C:\WINDOWS\system32\wuauclt.exe 1232
C:\Program Files\AVG\AVG8\avgcsrvx.exe 1472
C:\WINDOWS\system32\wbem\wmiprvse.exe 2464
C:\WINDOWS\System32\alg.exe 2696

################## | Fichiers # Dossiers infectieux |

Supprimé ! Z:\autorun.inf

################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\E\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\Z\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2a9a0008-b705-11dd-b6af-0013d3fbeb9f}\Shell\explore\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{98a56187-80fd-11de-bdda-0013d3fbeb9f}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[06/11/2009 01:25|--a------|4345] C:\Ad-Report-CLEAN[1].log
[31/10/2009 19:47|--a------|2176495] C:\Archive.zip
[23/11/2004 22:21|--a------|0] C:\AUTOEXEC.BAT
[06/11/2009 00:50|-rahs----|296] C:\boot.ini
[05/08/2004 13:00|-rahs----|4952] C:\Bootfont.bin
[05/08/2004 13:00|-r-hs----|263488] C:\cmldr
[23/11/2004 22:21|--a------|0] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[17/10/2009 04:40|--a------|6466] C:\index.html
[23/11/2004 22:21|-rahs----|0] C:\IO.SYS
[06/11/2009 00:50|--a------|5340] C:\Kill'em.txt
[23/11/2004 22:21|-rahs----|0] C:\MSDOS.SYS
[05/08/2004 13:00|-rahs----|47564] C:\NTDETECT.COM
[21/10/2009 04:39|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[05/10/2006 17:30|--a------|1333] C:\README.txt
[19/05/2008 17:10|--ah-----|268] C:\sqmdata00.sqm
[17/06/2008 14:52|--ah-----|232] C:\sqmdata01.sqm
[17/06/2008 14:59|--ah-----|232] C:\sqmdata02.sqm
[17/06/2008 15:24|--ah-----|232] C:\sqmdata03.sqm
[23/10/2008 21:58|--ah-----|268] C:\sqmdata04.sqm
[12/01/2009 06:00|--ah-----|268] C:\sqmdata05.sqm
[28/01/2009 22:07|--ah-----|232] C:\sqmdata06.sqm
[27/07/2009 19:52|--ah-----|268] C:\sqmdata07.sqm
[13/09/2009 13:11|--ah-----|232] C:\sqmdata08.sqm
[13/09/2009 20:27|--ah-----|232] C:\sqmdata09.sqm
[28/09/2009 02:42|--ah-----|232] C:\sqmdata10.sqm
[19/05/2008 17:10|--ah-----|244] C:\sqmnoopt00.sqm
[17/06/2008 14:52|--ah-----|244] C:\sqmnoopt01.sqm
[17/06/2008 14:59|--ah-----|244] C:\sqmnoopt02.sqm
[17/06/2008 15:24|--ah-----|244] C:\sqmnoopt03.sqm
[23/10/2008 21:58|--ah-----|244] C:\sqmnoopt04.sqm
[12/01/2009 06:00|--ah-----|244] C:\sqmnoopt05.sqm
[28/01/2009 22:07|--ah-----|244] C:\sqmnoopt06.sqm
[27/07/2009 19:52|--ah-----|244] C:\sqmnoopt07.sqm
[13/09/2009 13:11|--ah-----|244] C:\sqmnoopt08.sqm
[13/09/2009 20:27|--ah-----|244] C:\sqmnoopt09.sqm
[28/09/2009 02:42|--ah-----|244] C:\sqmnoopt10.sqm
[06/11/2009 11:57|--a------|1356] C:\trace.txt
[06/11/2009 12:15|--a------|4902] C:\UsbFix.txt
[11/07/2009 13:26|--a------|1010584] C:\Version08STABLE.zip
[08/10/2007 10:15|--a------|2618857] F:\01 - Kawai Kenji - Yuunagi.mp3
[08/10/2007 10:15|--a------|3699302] F:\02 - Kawai Kenji - Warabeshiku Narite (Type B).mp3
[08/10/2007 10:15|--a------|6391992] F:\03 - Kawai Kenji - Shigure no Koro.mp3
[08/10/2007 10:15|--a------|5312608] F:\04 - Kawai Kenji - Jashi Arite.mp3
[08/10/2007 10:15|--a------|5645938] F:\05 - Kawai Kenji - Hitori Iku Kimi yo.mp3
[08/10/2007 10:15|--a------|5431730] F:\06 - Kawai Kenji - Mamono no Kehai.mp3
[08/10/2007 10:15|--a------|6018952] F:\07 - Kawai Kenji - Oihi.mp3
[08/10/2007 10:15|--a------|9805663] F:\08 - Kawai Kenji - Yuugu.mp3
[08/10/2007 10:15|--a------|4831959] F:\09 - Kawai Kenji - Inishie no Mura.mp3
[08/10/2007 10:15|--a------|5072286] F:\10 - Kawai Kenji - Kihan wo Ikite.mp3
[08/10/2007 10:15|--a------|5005410] F:\11 - Kawai Kenji - Tama Shizume.mp3
[08/10/2007 10:15|--a------|6365866] F:\12 - Kawai Kenji - Youfu no Se.mp3
[08/10/2007 10:15|--a------|4405633] F:\13 - Kawai Kenji - Keijou.mp3
[08/10/2007 10:15|--a------|5085870] F:\14 - Kawai Kenji - Ousen no Gotoku.mp3
[08/10/2007 10:15|--a------|4965707] F:\15 - Kawai Kenji - Teidou no Balsa.mp3
[08/10/2007 10:15|--a------|7405543] F:\16 - Kawai Kenji - Souten no Taka.mp3
[08/10/2007 10:15|--a------|4085894] F:\17 - Kawai Kenji - Utsuro.mp3
[08/10/2007 10:15|--a------|3991853] F:\18 - Kawai Kenji - Suuhai.mp3
[08/10/2007 10:15|--a------|4765099] F:\19 - Kawai Kenji - Warabeshiku Narite (Type A).mp3
[08/10/2007 10:15|--a------|6005378] F:\20 - Kawai Kenji - Unmei no Toki.mp3
[08/10/2007 10:15|--a------|6632317] F:\21 - Kawai Kenji - Omoki I Maite.mp3
[08/10/2007 10:15|--a------|5338736] F:\22 - Kawai Kenji - Tsume no Mamono.mp3
[08/10/2007 10:15|--a------|7498532] F:\23 - Kawai Kenji - Soukoku.mp3
[08/10/2007 10:15|--a------|7271801] F:\24 - Kawai Kenji - Gonjou no Monotachi.mp3
[08/10/2007 10:15|--a------|6045086] F:\25 - Kawai Kenji - Shikou no Yari.mp3
[08/10/2007 10:15|--a------|7379418] F:\26 - Kawai Kenji - Seichou Nari.mp3
[08/10/2007 10:15|--a------|2045227] F:\27 - Kawai Kenji - Nahji no Uta (Short Ver.).mp3
[08/10/2007 10:15|--a------|8046062] F:\28 - Kawai Kenji - Iza, Saraba.mp3
[08/10/2007 10:15|--a------|3845588] F:\29 - Tainaka Sachi - Itoshii Hito he (TV Size).mp3
[01/10/2002 22:11|--a------|358963] F:\binkw32.dll
[23/05/2008 10:30|--a------|733593600] F:\Blow-Up (Michelangelo Antonioni, 1966).avi
[18/06/2008 00:04|--a------|8098304] F:\Blueboy6d7 Adobe Photoshop Cs3 Auto Cracker Setup.exe
[27/08/2007 12:11|--a------|47113] F:\Blueboy6d7 Adobe Photoshop Cs3 Auto Cracker.jpg
[08/10/2007 14:30|--a------|818522] F:\Booklet-Back.jpg
[08/10/2007 14:30|--a------|700157] F:\Booklet-Front.jpg
[08/10/2007 14:30|--a------|1610214] F:\Booklet-Page01-02.jpg
[08/10/2007 14:30|--a------|900683] F:\Booklet-Page03-04.jpg
[08/10/2007 14:30|--a------|1119532] F:\Booklet-Page05-06.jpg
[08/10/2007 14:30|--a------|970403] F:\Booklet-Page07-08.jpg
[08/10/2007 14:30|--a------|2003628] F:\Booklet-Page09-10.jpg
[02/03/2008 06:12|--a------|721172] F:\Config.tpc
[17/01/2008 17:04|--a------|2058] F:\config.xml
[25/04/2002 09:51|--a------|73728] F:\cps.dll
[20/03/2008 23:39|--a------|33] F:\Data.ini
[18/06/2002 12:11|--a------|163088] F:\dbghelp.dll
[08/10/2007 14:30|--a------|776771] F:\Disc.jpg
[15/01/2008 11:47|--a------|1552483] F:\dofus.dll
[15/01/2008 11:48|--a------|143360] F:\Dofus.exe
[14/12/2007 15:29|--a------|2684] F:\Dofus.html
[23/04/2003 13:37|--a------|267264] F:\FindHack.exe
[23/04/2003 13:37|--a------|898] F:\FORMAT.CFG
[20/06/2007 05:31|--a------|165569] F:\GameGuard.des
[01/10/2002 22:11|--a------|230455] F:\granny2.dll
[15/07/2003 15:33|--a------|71865] F:\GravityMain.jpg
[09/04/2006 14:00|--a------|102400] F:\GRF.dll
[17/11/2004 09:29|--a------|41844] F:\IFU7A.inf
[21/03/2001 08:35|--a------|372736] F:\ijl15.dll
[08/10/2007 14:30|--a------|533107] F:\Insert-Inside.jpg
[08/10/2007 14:30|--a------|1247943] F:\Insert-Outside.jpg
[03/02/2008 23:53|--a------|731889664] F:\Jurassic park 1 - divx fr.avi
[03/02/2008 22:17|--a------|725858304] F:\Jurassic Park 2 - Le Monde Perdu - Divx Fr.avi
[03/02/2008 23:15|--a------|729765888] F:\Jurassic park 3_DVDRip_fr_Ripped by Sel.2.mer.avi
[23/04/2003 13:37|--a------|837] F:\KOR_LANG.CFG
[07/11/2007 15:06|--a------|1921] F:\launch
[07/11/2007 15:06|--a------|1615] F:\launchMac
[07/11/2007 14:25|--a------|7510] F:\LICENSE-DE.txt
[17/09/2007 14:08|--a------|5944] F:\LICENSE-EN.txt
[17/09/2007 14:08|--a------|6623] F:\LICENSE-ES.txt
[17/09/2007 14:08|--a------|7069] F:\LICENSE-FR.txt
[17/01/2008 17:04|--a------|1157484] F:\loader.swf
[21/06/2005 08:58|--a------|188416] F:\lua.exe
[06/07/2002 11:16|--a------|125952] F:\Mp3dec.asi
[31/03/2001 10:41|--a------|346624] F:\Mss32.dll
[06/07/2002 11:16|--a------|62976] F:\Mssfast.m3d
[28/12/2004 12:35|--a------|401462] F:\msvcp60.dll
[08/10/2007 13:57|--a------|802] F:\Nipponsei - Seirei no Moribito Original Soundtrack 2.txt
[28/12/2004 08:18|--a------|7942] F:\notice_close.txt
[21/06/2002 23:39|--a------|61952] F:\NPCHK.DLL
[23/04/2003 13:37|--a------|55296] F:\NPCIPHER.DLL
[01/02/2005 14:55|--a------|233555] F:\npkcrypt.dll
[01/02/2005 14:55|--a------|21442] F:\npkcrypt.sys
[01/02/2005 14:55|--a------|18562] F:\npkcrypt.vxd
[01/02/2005 14:55|--a------|37009] F:\npkcusb.sys
[20/05/2003 16:04|--a------|81920] F:\npkeysdk.dll
[01/02/2005 14:55|--a------|53248] F:\npkpdb.dll
[21/06/2002 23:39|--a------|31744] F:\NPPSK.DLL
[15/11/2004 13:52|--a------|278619] F:\NPSCAN.DES
[15/04/2001 10:20|--a------|156672] F:\npupdate.dll
[23/04/2003 13:37|--a------|164864] F:\NPUPDATE0.DLL
[17/06/2003 13:33|--a------|126976] F:\NPX.DLL
[31/01/2008 17:06|--a------|4] F:\Patch.inf
[28/03/2005 17:24|--a------|51] F:\patch4.txt
[20/03/2008 23:19|--a------|146234874] F:\pfdata.grf
[21/06/2006 22:54|--a------|743936] F:\Phoenix-Feather Patch.exe
[15/03/2008 22:14|--a------|3174486] F:\phoenix-feather.exe
[13/03/2007 23:20|--a------|35979] F:\Photoshop CS3 Read Me.html
[30/04/2008 08:22|--a------|6140685] F:\Pizzicato_v3.2.2.zip
[21/06/2008 14:03|--a------|112675479] F:\Portable Adobe Flash CS3 - PReCracked by NeoXe.rar
[11/11/2008 05:02|--a------|280] F:\Raccourci vers local (E).lnk
[27/08/2007 12:22|--a------|263] F:\Read Me.txt
[12/12/2007 17:08|--a------|1124156128] F:\sdata.grf
[21/06/2002 23:09|--a------|192512] F:\Setup.exe
[26/05/2008 22:36|--a------|4388782236] F:\SoulCalibur3.nrg
[15/12/2008 22:22|--a------|373] F:\TriadPatcherLog.txt
[15/04/2008 13:53|--a------|155] F:\TriadPatchsList.ini
[23/04/2008 16:43|--a------|209976616] F:\[Ch-F]_Macross_Frontier_01_[51A45BC0].mkv
[06/04/2008 16:44|--a------|157117952] F:\[Nipponsei] Seirei no Moribito Original Soundtrack Vol.1.zip
[06/04/2008 18:23|--a------|171703097] F:\[Nipponsei] Seirei no Moribito Original Soundtrack Vol.2.zip
[28/10/2008 19:26|--a------|1028] O:\account.txt
[26/10/2009 14:34|--a------|1565686656] O:\AcroV0.1a-1.bin
[26/10/2009 14:49|--a------|869756245] O:\AcroV0.1a-2.bin
[26/10/2009 14:49|--a------|313050] O:\AcroV0.1a.exe
[05/09/2008 03:03|--a------|731512832] O:\Batman.The.Dark.Knight.TRUEFRENCH.DVDSCR.avi
[11/07/2009 19:10|--a------|1392005034] O:\Beherit-Online1.1.exe
[27/07/2009 18:22|--a------|4446] O:\beta.iss
[23/10/2009 03:57|--a------|167522870] O:\Chronicles.grf
[10/07/2009 18:40|--a------|2934360] O:\eathenasql-v1.0.0-rc5.rar
[03/10/2008 23:38|--a------|835942400] O:\Jackie Chan-Combats.de.Maitre 2 (Druken master 2).DVDRip.MZISYS.avi
[05/09/2008 02:40|--a------|209715304] O:\Le.Jour.D.Apres.FRENCH.720p.HD.DVD.up.fab6xL.avi.001.xtm
[29/10/2008 22:41|--a------|7991163] O:\Metin2-Multihack.rar
[29/10/2008 21:18|--a------|531171017] O:\Metin2_20080908.exe
[12/10/2008 03:19|--a------|734289920] O:\Postal T21 by thewarrior10.avi
[08/07/2009 17:09|--a------|129900] O:\Ragnarok_-_The_Animated_-_dvd_01_ao_06[trader.newdreamteam.org] [mininova]-1.torrent
[13/05/2008 01:09|--a------|591] O:\README.txt
[11/11/2008 04:58|--ahs----|10752] O:\Thumbs.db
[17/07/2009 18:18|--a------|1553703665] O:\Versus-Online2.0.exe
[17/07/2009 18:00|--a------|4249971] O:\Versus-Online2.0.exe.filepart
[27/07/2009 18:49|--a------|1427478524] O:\versus3.0.exe
[27/07/2009 16:45|--a------|1428094843] O:\Versus_online_setup.exe
[04/09/2008 12:53|--a------|3858106940] O:\vff.avi
[20/10/2008 17:42|--a------|1283912] O:\wowclient-downloader.exe
[23/07/2009 16:00|--a------|998719488] O:\[A-F]FFVII_-_Dirge_of_Cerberus_CG_Movie.avi
[02/11/2008 20:55|--a------|231203062] O:\[DB-FR]_Naruto_Shippuuden_080v2HD_subfrench_H264_LC_AAC_[7521D65.mp4
[02/11/2008 20:39|--a------|231090626] O:\[DB-FR]_Naruto_Shippuuden_081v2HD_subfrench_H264_LC_AAC_[68F859C6].mp4
[02/11/2008 19:02|--a------|134281776] O:\[DB]_Naruto_Shippuuden_082_Sub_French_[3870DFD8].avi
[09/10/2008 02:06|-rah-----|244236007] O:\[EROBEAT]_Shin_Bible_Black_-_06_[x264][85DE1ECE].mp4
[05/10/2008 18:13|--a------|806299316] O:\[RAW-TV] One Piece 373(1280x720) (Divx 5).avi
[28/09/2008 19:49|--a------|175706914] O:\[VS] One Piece 372 - Eng Sub (704x400).mp4
[28/07/2001 07:07|---hs----|0] Z:\AUTOEXEC.BAT
[23/11/2004 17:48|---hs----|6] Z:\BLOCK.RIN
[09/01/2002 20:52|---hs----|244] Z:\BOOT.INI
[17/08/2001 10:26|---hs----|237728] Z:\CMLDR
[28/07/2001 07:07|---hs----|0] Z:\CONFIG.SYS
[10/09/2002 00:14|---hs----|100] Z:\Desktop.ini
[10/09/2002 17:21|---hs----|7850] Z:\Folder.htt
[30/04/2001 21:16|---hs----|14] Z:\Graph
[25/01/2002 19:21|---hs----|0] Z:\GRAPH16
[30/11/2004 12:01|---hs----|73728] Z:\Info.exe
[28/07/2001 07:07|---hs----|0] Z:\IO.SYS
[01/01/2005 23:05|---hs----|942] Z:\MASTER.LOG
[28/07/2001 07:07|---hs----|0] Z:\MSDOS.SYS
[25/07/2001 23:00|---hs----|45124] Z:\NTDETECT.COM
[17/08/2001 16:32|---hs----|0] Z:\NTFS
[25/07/2001 23:00|---hs----|222880] Z:\NTLDR
[03/03/2003 13:46|---hs----|111377] Z:\protect.ed
[23/11/2004 17:39|---hs----|36] Z:\SaveFile.Dir
[30/04/2001 21:16|---hs----|14] Z:\SVGA
[01/01/2005 23:05|--ahs----|942] Z:\USER
[03/03/2003 13:41|---hs----|88038] Z:\Warning.bmp
[18/08/2001 16:00|---hs----|10] Z:\WIN51
[22/01/2001 16:00|---hs----|11] Z:\WIN51.B2
[25/07/2001 16:00|---hs----|11] Z:\WIN51.RC1
[25/07/2001 21:47|---hs----|11] Z:\WIN51.RC2
[18/08/2001 16:00|---hs----|10] Z:\WIN51IC
[20/03/2001 16:00|---hs----|11] Z:\WIN51IC.B2
[25/07/2001 16:00|---hs----|11] Z:\WIN51IC.RC1
[25/07/2001 16:00|---hs----|11] Z:\WIN51IC.RC2
[17/08/2001 16:00|---hs----|10] Z:\WIN51IP
[22/01/2001 16:00|---hs----|11] Z:\WIN51IP.B2
[25/07/2001 21:47|---hs----|11] Z:\WIN51IP.RC2
[17/08/2001 14:17|---hs----|184] Z:\WINBOM.INI
[24/02/2004 17:38|--a------|498] Z:\BATCH.OLD
[01/02/2006 13:39|--ahs----|1552] Z:\BATCH.LOG
[01/01/2005 23:41|---hs----|218] Z:\cPCinfo.log

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
# O:\autorun.inf -> Dossier créé par UsbFix.
# Z:\autorun.inf -> Dossier créé par UsbFix.

################## | Suspect | http://www.virustotal.com |


################## | Cracks / Keygens / Serials |


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\COMPAQ~1\Bureau\UsbFix_Upload_Me_KURO.zip : http://forum-aide-contre-virus.be/usbfix/choix_fichier.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.048 ! |

J'ai bien uploader sur le site internet comme le demande le logiciel.

Tu peux refaire l'option 2 de usbfix stp ? ♦G3и-н@¢км@и™©®♦