Défi pour helper

lut,
pour les virus c'est dans virus/sécurité, pas hardware (a moins que tu veuille qu'on désosse ton matos ^^)

ok j'ai créer un topic dans le forum approprié:
http://www.commentcamarche.net/forum/affich-22077094-defi-pour-un-helper#p22077094

ha ben non, elle est passée aux fraises...

comment ça se fait?

Redirigé dans V/S.

salut,
je parlais du lecteur blu-ray

Salut gen-hackman

Blu-ray !

Edit: papa_ours est toujours la, je me retire. Bonne nuit

et si tu le debranches ?

plus rien! (pour l'instant)

revenons ici

je parlais de juste debrancher la nappe

oui, exactement

c'est quoi que tu apelles "redémarre" ?

Il vaut mieux lire son autre topic, qui est plus complet.

visuellement parlant, elle se comporte exactement de le même façon que lors d'un démarrage ou d'un redémarrage du pc;
la diode en façade s'allume à plusieurs reprises et elle émet deux ou trois "clic"

voila, et merci de ton aide

2011/05/12 01:19:41.0840 3508 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/12 01:19:42.0180 3508 ================================================================================
2011/05/12 01:19:42.0180 3508 SystemInfo:
2011/05/12 01:19:42.0180 3508
2011/05/12 01:19:42.0180 3508 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/12 01:19:42.0180 3508 Product type: Workstation
2011/05/12 01:19:42.0180 3508 ComputerName: YANNICK-PC
2011/05/12 01:19:42.0180 3508 UserName: yannick
2011/05/12 01:19:42.0180 3508 Windows directory: C:\Windows
2011/05/12 01:19:42.0180 3508 System windows directory: C:\Windows
2011/05/12 01:19:42.0180 3508 Running under WOW64
2011/05/12 01:19:42.0180 3508 Processor architecture: Intel x64
2011/05/12 01:19:42.0180 3508 Number of processors: 4
2011/05/12 01:19:42.0180 3508 Page size: 0x1000
2011/05/12 01:19:42.0180 3508 Boot type: Normal boot
2011/05/12 01:19:42.0180 3508 ================================================================================
2011/05/12 01:19:42.0630 3508 Initialize success
2011/05/12 01:19:44.0310 1328 ================================================================================
2011/05/12 01:19:44.0310 1328 Scan started
2011/05/12 01:19:44.0310 1328 Mode: Manual;
2011/05/12 01:19:44.0310 1328 ================================================================================
2011/05/12 01:19:45.0264 1328 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/05/12 01:19:45.0342 1328 a2acc (0b8ed3de81ec30ad50873f033b34b39e) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
2011/05/12 01:19:45.0404 1328 a2injectiondriver (f75ddc4047aa1ac85164445cba7601ef) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
2011/05/12 01:19:45.0436 1328 a2util (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
2011/05/12 01:19:45.0498 1328 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/05/12 01:19:45.0545 1328 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/05/12 01:19:45.0576 1328 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/05/12 01:19:45.0607 1328 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/05/12 01:19:45.0638 1328 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/05/12 01:19:45.0716 1328 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
2011/05/12 01:19:45.0763 1328 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/05/12 01:19:45.0810 1328 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/05/12 01:19:45.0826 1328 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/05/12 01:19:45.0841 1328 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/05/12 01:19:45.0888 1328 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/12 01:19:45.0919 1328 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/05/12 01:19:45.0950 1328 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/05/12 01:19:45.0982 1328 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/05/12 01:19:46.0013 1328 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/05/12 01:19:46.0060 1328 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/05/12 01:19:46.0075 1328 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/05/12 01:19:46.0169 1328 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/12 01:19:46.0325 1328 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/05/12 01:19:46.0372 1328 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/05/12 01:19:46.0418 1328 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/05/12 01:19:46.0465 1328 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/05/12 01:19:46.0543 1328 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/05/12 01:19:46.0590 1328 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/12 01:19:46.0621 1328 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/05/12 01:19:46.0637 1328 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/05/12 01:19:46.0668 1328 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/05/12 01:19:46.0699 1328 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/05/12 01:19:46.0730 1328 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/05/12 01:19:46.0762 1328 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/05/12 01:19:46.0793 1328 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/05/12 01:19:46.0840 1328 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/12 01:19:46.0886 1328 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/12 01:19:46.0933 1328 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/05/12 01:19:46.0980 1328 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/05/12 01:19:47.0042 1328 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/12 01:19:47.0074 1328 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/05/12 01:19:47.0120 1328 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/05/12 01:19:47.0152 1328 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/12 01:19:47.0183 1328 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/05/12 01:19:47.0214 1328 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/05/12 01:19:47.0276 1328 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
2011/05/12 01:19:47.0354 1328 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/05/12 01:19:47.0386 1328 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/05/12 01:19:47.0432 1328 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/05/12 01:19:47.0542 1328 driverhardwarev2x64 (3f9933fac064a84a293207f039860de7) C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys
2011/05/12 01:19:47.0588 1328 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/05/12 01:19:47.0651 1328 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
2011/05/12 01:19:47.0713 1328 dvdfab (c5c75c883f18552930920a0b905646ff) C:\Windows\system32\drivers\dvdfab.sys
2011/05/12 01:19:47.0776 1328 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/12 01:19:47.0822 1328 eamonm (3ab77769efeb99eecbadcbf3d44b91e7) C:\Windows\system32\DRIVERS\eamonm.sys
2011/05/12 01:19:47.0916 1328 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/05/12 01:19:47.0978 1328 ehdrv (fdba3178662060496c6545666fc6bbe5) C:\Windows\system32\DRIVERS\ehdrv.sys
2011/05/12 01:19:48.0056 1328 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/05/12 01:19:48.0088 1328 epfwwfpr (3eddce232ebdb231c21175d772f2fe0a) C:\Windows\system32\DRIVERS\epfwwfpr.sys
2011/05/12 01:19:48.0123 1328 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/05/12 01:19:48.0163 1328 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/05/12 01:19:48.0193 1328 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/05/12 01:19:48.0223 1328 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/12 01:19:48.0273 1328 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/05/12 01:19:48.0293 1328 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/05/12 01:19:48.0323 1328 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/12 01:19:48.0373 1328 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/05/12 01:19:48.0413 1328 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/05/12 01:19:48.0443 1328 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/12 01:19:48.0533 1328 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/05/12 01:19:48.0563 1328 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/05/12 01:19:48.0653 1328 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/05/12 01:19:48.0703 1328 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/05/12 01:19:48.0753 1328 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/12 01:19:48.0783 1328 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/05/12 01:19:48.0813 1328 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/05/12 01:19:48.0833 1328 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/05/12 01:19:48.0883 1328 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/12 01:19:48.0953 1328 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/05/12 01:19:49.0023 1328 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/05/12 01:19:49.0073 1328 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/05/12 01:19:49.0113 1328 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/05/12 01:19:49.0153 1328 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/05/12 01:19:49.0193 1328 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/05/12 01:19:49.0293 1328 IntcAzAudAddService (bfbabcb231628a4551dbb10d0ea25d62) C:\Windows\system32\drivers\RTKVHD64.sys
2011/05/12 01:19:49.0343 1328 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/05/12 01:19:49.0383 1328 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/12 01:19:49.0423 1328 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/12 01:19:49.0463 1328 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/05/12 01:19:49.0493 1328 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/05/12 01:19:49.0523 1328 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/05/12 01:19:49.0563 1328 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/05/12 01:19:49.0593 1328 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/05/12 01:19:49.0633 1328 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/12 01:19:49.0663 1328 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/12 01:19:49.0713 1328 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/12 01:19:49.0753 1328 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/05/12 01:19:49.0783 1328 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/05/12 01:19:49.0873 1328 LHidFilt (ceb6e18dcfad5c72b81c7da1ac3c1cc1) C:\Windows\system32\DRIVERS\LHidFilt.Sys
2011/05/12 01:19:49.0943 1328 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/12 01:19:49.0983 1328 LMouFilt (f9e48f18be4d2b365f138987b8e7885b) C:\Windows\system32\DRIVERS\LMouFilt.Sys
2011/05/12 01:19:50.0013 1328 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/05/12 01:19:50.0043 1328 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/05/12 01:19:50.0063 1328 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/05/12 01:19:50.0093 1328 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/05/12 01:19:50.0129 1328 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/05/12 01:19:50.0176 1328 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/05/12 01:19:50.0207 1328 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/05/12 01:19:50.0254 1328 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/05/12 01:19:50.0269 1328 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/12 01:19:50.0316 1328 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/12 01:19:50.0347 1328 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/12 01:19:50.0378 1328 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/05/12 01:19:50.0425 1328 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/05/12 01:19:50.0456 1328 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/12 01:19:50.0534 1328 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/05/12 01:19:50.0566 1328 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/12 01:19:50.0597 1328 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/12 01:19:50.0644 1328 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/12 01:19:50.0675 1328 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/05/12 01:19:50.0706 1328 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/05/12 01:19:50.0768 1328 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/05/12 01:19:50.0800 1328 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/05/12 01:19:50.0831 1328 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/05/12 01:19:50.0878 1328 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/12 01:19:50.0909 1328 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/12 01:19:50.0924 1328 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/05/12 01:19:50.0987 1328 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/05/12 01:19:51.0018 1328 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/05/12 01:19:51.0049 1328 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/05/12 01:19:51.0080 1328 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/05/12 01:19:51.0096 1328 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/05/12 01:19:51.0158 1328 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/12 01:19:51.0236 1328 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/05/12 01:19:51.0330 1328 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/12 01:19:51.0361 1328 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/12 01:19:51.0424 1328 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/12 01:19:51.0470 1328 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/12 01:19:51.0502 1328 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/05/12 01:19:51.0533 1328 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/12 01:19:51.0626 1328 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/12 01:19:51.0704 1328 netr7364 (0461e245827ecf7c52cdd56df0d66fa9) C:\Windows\system32\DRIVERS\netr7364.sys
2011/05/12 01:19:51.0767 1328 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/12 01:19:51.0798 1328 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/05/12 01:19:51.0829 1328 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/12 01:19:51.0892 1328 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/05/12 01:19:51.0954 1328 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/05/12 01:19:52.0001 1328 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys
2011/05/12 01:19:52.0297 1328 nvlddmkm (a963c2c276a97b088ded5d7a83be8052) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/05/12 01:19:52.0578 1328 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/05/12 01:19:52.0609 1328 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/05/12 01:19:52.0672 1328 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/05/12 01:19:52.0734 1328 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/05/12 01:19:52.0812 1328 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/05/12 01:19:52.0859 1328 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/05/12 01:19:52.0906 1328 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/05/12 01:19:52.0937 1328 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/05/12 01:19:52.0968 1328 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/12 01:19:52.0999 1328 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/05/12 01:19:53.0030 1328 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/05/12 01:19:53.0186 1328 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/12 01:19:53.0202 1328 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/05/12 01:19:53.0280 1328 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/12 01:19:53.0358 1328 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/12 01:19:53.0405 1328 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/12 01:19:53.0452 1328 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/12 01:19:53.0483 1328 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/12 01:19:53.0545 1328 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/12 01:19:53.0592 1328 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/12 01:19:53.0623 1328 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/12 01:19:53.0654 1328 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/12 01:19:53.0701 1328 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/12 01:19:53.0732 1328 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/12 01:19:53.0764 1328 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/12 01:19:53.0810 1328 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
2011/05/12 01:19:53.0842 1328 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/12 01:19:53.0873 1328 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/12 01:19:53.0935 1328 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
2011/05/12 01:19:53.0966 1328 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/05/12 01:19:54.0013 1328 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/05/12 01:19:54.0076 1328 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/12 01:19:54.0138 1328 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/05/12 01:19:54.0169 1328 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
2011/05/12 01:19:54.0278 1328 SANDRA (5efbbfcc6adac121c8e2fe76641ed329) C:\Program Files\SiSoftware\SiSoftware Sandra Professionnel Personnel 2010.SP1d\WNt500x64\Sandra.sys
2011/05/12 01:19:54.0341 1328 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/05/12 01:19:54.0388 1328 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/12 01:19:54.0434 1328 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/05/12 01:19:54.0497 1328 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/12 01:19:54.0537 1328 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/05/12 01:19:54.0587 1328 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/12 01:19:54.0637 1328 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/05/12 01:19:54.0667 1328 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/12 01:19:54.0697 1328 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/05/12 01:19:54.0727 1328 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/12 01:19:54.0767 1328 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/12 01:19:54.0797 1328 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/12 01:19:54.0837 1328 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/05/12 01:19:54.0887 1328 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/05/12 01:19:54.0957 1328 sptd (4b3f898dc1378ced2f35d04e5b0ce0df) C:\Windows\System32\Drivers\sptd.sys
2011/05/12 01:19:54.0957 1328 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 4b3f898dc1378ced2f35d04e5b0ce0df
2011/05/12 01:19:54.0957 1328 sptd - detected LockedFile.Multi.Generic (1)
2011/05/12 01:19:55.0007 1328 srv (65bbf4920148c2ee279055da7228fc7b) C:\Windows\system32\DRIVERS\srv.sys
2011/05/12 01:19:55.0047 1328 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/12 01:19:55.0077 1328 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/12 01:19:55.0117 1328 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/05/12 01:19:55.0177 1328 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
2011/05/12 01:19:55.0227 1328 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
2011/05/12 01:19:55.0267 1328 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/05/12 01:19:55.0417 1328 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys
2011/05/12 01:19:55.0477 1328 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/12 01:19:55.0537 1328 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/12 01:19:55.0567 1328 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/05/12 01:19:55.0607 1328 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/05/12 01:19:55.0647 1328 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/12 01:19:55.0677 1328 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/05/12 01:19:55.0747 1328 TfFsMon (21ac1ffd8f59b0ebfbbb2c3467e9f2cf) C:\Windows\system32\drivers\TfFsMon.sys
2011/05/12 01:19:55.0777 1328 TfNetMon (b0ebe0ce99e4751cf7637a09fead7eda) C:\Windows\system32\drivers\TfNetMon.sys
2011/05/12 01:19:55.0817 1328 TfSysMon (d6e991dcdd91323d979878025f0ceaea) C:\Windows\system32\drivers\TfSysMon.sys
2011/05/12 01:19:55.0897 1328 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/12 01:19:55.0947 1328 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/05/12 01:19:56.0017 1328 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/12 01:19:56.0057 1328 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/05/12 01:19:56.0117 1328 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/12 01:19:56.0167 1328 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/05/12 01:19:56.0207 1328 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/05/12 01:19:56.0237 1328 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/05/12 01:19:56.0287 1328 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
2011/05/12 01:19:56.0337 1328 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/12 01:19:56.0377 1328 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/05/12 01:19:56.0427 1328 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/05/12 01:19:56.0497 1328 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/05/12 01:19:56.0537 1328 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/05/12 01:19:56.0573 1328 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/05/12 01:19:56.0619 1328 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/05/12 01:19:56.0651 1328 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/05/12 01:19:56.0697 1328 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/05/12 01:19:56.0760 1328 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/05/12 01:19:56.0807 1328 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/12 01:19:56.0838 1328 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/05/12 01:19:56.0885 1328 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/05/12 01:19:56.0931 1328 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/05/12 01:19:56.0963 1328 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
2011/05/12 01:19:56.0994 1328 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
2011/05/12 01:19:57.0041 1328 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/05/12 01:19:57.0087 1328 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/05/12 01:19:57.0134 1328 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/05/12 01:19:57.0165 1328 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/05/12 01:19:57.0181 1328 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/05/12 01:19:57.0212 1328 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/05/12 01:19:57.0259 1328 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/05/12 01:19:57.0306 1328 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/12 01:19:57.0337 1328 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/12 01:19:57.0399 1328 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/05/12 01:19:57.0446 1328 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/12 01:19:57.0524 1328 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/05/12 01:19:57.0555 1328 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/05/12 01:19:57.0680 1328 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/05/12 01:19:57.0758 1328 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/12 01:19:57.0821 1328 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/05/12 01:19:57.0867 1328 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/12 01:19:57.0977 1328 {95808DC4-FA4A-4C74-92FE-5B863F82066B} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl
2011/05/12 01:19:58.0039 1328 ================================================================================
2011/05/12 01:19:58.0039 1328 Scan finished
2011/05/12 01:19:58.0039 1328 ================================================================================
2011/05/12 01:19:58.0055 4376 Detected object count: 1
2011/05/12 01:20:06.0142 4376 LockedFile.Multi.Generic(sptd) - User select action: Skip

oui exactement

voila

############################## | UsbFix 7.044 | [Deletion]

User: yannick (Administrator) # YANNICK-PC [HP-Pavilion KP219AA-ABF m9273.fr]
Updated 25/04/2011 by TeamXscript
Started at 01:58:49 | 12/05/2011
Website: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
CPU 2: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421

Windows Firewall: Enabled
RAM -> 4095 Mb
C:\ (%systemdrive%) -> Fixed drive # 244 Gb (148 Mb free - 60%) [] # NTFS
D:\ -> Fixed drive # 466 Gb (135 Mb free - 29%) [] # NTFS
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> CD-ROM
K:\ -> Fixed drive # 221 Gb (94 Mb free - 42%) [] # NTFS

################## | Files # Infected Folders |


Deleted ! C:\Users\yannick\AppData\Roaming\dll
Deleted ! C:\Users\yannick\AppData\Roaming\temp4876969.txt
Deleted ! C:\$RECYCLE.BIN\S-1-5-20
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-4232598072-1058645508-674976008-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-20
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-2217973571-2771636368-3193357204-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-2217973571-2771636368-3193357204-1003
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-4232598072-1058645508-674976008-1000
Deleted ! K:\$RECYCLE.BIN\S-1-5-21-4232598072-1058645508-674976008-1000

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[12/05/2011 - 02:03:19 | SHD ] C:\$Recycle.Bin
[22/02/2011 - 23:10:00 | SHD ] C:\Boot
[20/11/2010 - 14:40:07 | RASH | 383786] C:\bootmgr
[02/02/2011 - 03:46:46 | RASH | 8192] C:\BOOTSECT.BAK
[11/05/2011 - 00:18:59 | SHD ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.3082.txt
[07/11/2007 - 08:00:40 | N | 1110] C:\globdata.ini
[24/04/2011 - 00:24:44 | N | 13932208] C:\Google.exe
[11/05/2011 - 07:57:46 | ASH | 3220664320] C:\hiberfil.sys
[04/05/2011 - 03:53:14 | N | 100] C:\index.ini
[07/11/2007 - 08:44:20 | N | 855040] C:\install.exe
[07/11/2007 - 08:00:40 | N | 843] C:\install.ini
[07/11/2007 - 08:44:20 | N | 75280] C:\install.res.1028.dll
[07/11/2007 - 08:44:20 | N | 95248] C:\install.res.1031.dll
[07/11/2007 - 08:44:20 | N | 90128] C:\install.res.1033.dll
[07/11/2007 - 08:44:20 | N | 96272] C:\install.res.1036.dll
[07/11/2007 - 08:44:20 | N | 94224] C:\install.res.1040.dll
[07/11/2007 - 08:44:20 | N | 80400] C:\install.res.1041.dll
[07/11/2007 - 08:44:20 | N | 78864] C:\install.res.1042.dll
[07/11/2007 - 08:44:20 | N | 74768] C:\install.res.2052.dll
[07/11/2007 - 08:44:20 | N | 95248] C:\install.res.3082.dll
[21/09/2010 - 00:50:14 | D ] C:\Intel
[22/08/2010 - 17:31:24 | N | 177] C:\ITB.log
[02/12/2006 - 00:37:14 | N | 904704] C:\msdia80.dll
[29/10/2010 - 01:32:30 | RHD ] C:\MSOCache
[26/08/2010 - 18:49:00 | D ] C:\NVIDIA
[11/05/2011 - 07:57:49 | ASH | 4294221824] C:\pagefile.sys
[25/04/2011 - 00:45:38 | D ] C:\Program Files
[11/05/2011 - 16:37:02 | D ] C:\Program Files (x86)
[03/05/2011 - 13:15:24 | HD ] C:\ProgramData
[30/04/2011 - 23:29:10 | D ] C:\Qoobox
[01/02/2011 - 19:06:33 | SHD ] C:\Recovery
[11/05/2011 - 00:14:48 | SHD ] C:\System Volume Information
[09/05/2011 - 02:02:21 | D ] C:\UnrealTournament
[12/05/2011 - 02:03:21 | D ] C:\UsbFix
[12/05/2011 - 01:59:01 | A | 3936] C:\UsbFix.txt
[05/05/2011 - 13:37:46 | D ] C:\Users
[07/11/2007 - 08:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 08:50:40 | N | 1927956] C:\VC_RED.cab
[07/11/2007 - 08:53:12 | N | 242176] C:\VC_RED.MSI
[11/05/2011 - 00:22:21 | D ] C:\Windows
[12/05/2011 - 02:03:19 | SHD ] D:\$RECYCLE.BIN
[18/03/2011 - 16:29:30 | D ] D:\documents
[01/05/2011 - 20:24:31 | D ] D:\images
[11/05/2011 - 22:19:51 | D ] D:\incoming
[09/05/2011 - 02:08:21 | D ] D:\jeux
[10/05/2011 - 13:45:53 | D ] D:\Music
[07/05/2011 - 02:04:56 | D ] D:\programmes
[16/11/2010 - 02:38:58 | SHD ] D:\System Volume Information
[15/04/2011 - 13:24:43 | D ] D:\Videos
[10/11/2010 - 02:19:20 | N | 691] D:\Yannick - Raccourci.lnk
[12/05/2011 - 02:03:21 | SHD ] K:\$RECYCLE.BIN
[02/05/2011 - 13:49:00 | N | 528] K:\MediaID.bin
[02/05/2011 - 17:32:42 | SHD ] K:\System Volume Information
[02/05/2011 - 16:26:01 | D ] K:\WindowsImageBackup
[02/05/2011 - 13:49:33 | D ] K:\YANNICK-PC

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
D:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
K:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_YANNICK-PC.zip
http://www.teamxscript.org/Upload.php
Thank you for your contribution.

################## | E.O.F |

je me suis posé la question moi aussi mais je n'en sais rien.
j'ai eu google earth un moment, peut être que c'est ca?

y'a une icone speciale ou juste l'icone simple d'un exe ,?

je n'ai rien de tel sur mon bureau. rien non plus dans le menu demarrer. rien en tout cas qui correspond à google.exe

ca ne repond pas à ma question

ah pardon je vient de trouver le .exe de google earth dans C:

voila:

http://www.cijoint.fr/cjlink.php?file=cj201105/cijSiHNRXt.txt

après avoir scrupuleusement suivi toutes tes instructions, il s'est avéré impossible de faire fonctionner pre_scan.
après l'apparition de la fenêtre me disant qu'un proxy à été détecté, une deuxième s'ouvre et me dit que "g3n h@ckm@n à cessé de fonctionner", il m'est alors impossible de cliquer rapidement sur pre_scan puisque tout les logos de mon bureau ont (à ce moment là) disparu, et je dois redémarrer ma cession ensuite.
j'ai renommé pre_scan en winlogon, j'ai aussi changer l'extension en .com et en .scr (sous les noms "pre_scan" et "winlogon") mais rien à faire, à chaques tentatives, cette fenêtre me disant que "g3n h@ckm@n à cessé de fonctionner" apparait.

j'ai donc effectué un deuxième scan en ayant bel et bien désactiver windows defender:

ComboFix 11-05-11.04 - yannick 12/05/2011 21:41:09.2.4 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1033.18.4095.3003 [GMT 2:00]
Lancé depuis: c:\users\yannick\Desktop\yannick.exe
AV: Emsisoft Anti-Malware *Disabled/Updated* {0ADC9F7D-20C1-240F-01E2-43466EBA893A}
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: Emsisoft Anti-Malware *Disabled/Updated* {B1BD7E99-06FB-2B81-3B52-7834153DC387}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-12 au 2011-05-12 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-12 19:56 . 2011-05-12 19:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-12 15:17 . 2011-05-12 19:26 -------- d-----w- C:\yannick
2011-05-12 11:18 . 2011-05-12 11:18 -------- d-----w- c:\users\yannick\AppData\Local\{9139154A-FDF5-4E73-A3B2-9DFC096EA4F0}
2011-05-12 09:21 . 2011-05-12 09:21 -------- d-----w- C:\Kill'em
2011-05-12 09:06 . 2011-05-12 09:06 -------- d-----w- c:\program files (x86)\File Extension Changer
2011-05-12 00:54 . 2011-05-12 00:54 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-12 00:40 . 2011-05-12 00:54 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-05-11 23:56 . 2011-05-12 00:03 -------- d-----w- C:\UsbFix
2011-05-11 22:25 . 2011-05-11 22:25 -------- d-----w- c:\users\yannick\AppData\Local\{403378D5-E483-4DB0-8AA5-9B6CFFCBA4F4}
2011-05-11 14:37 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-11 14:37 . 2011-05-11 14:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-11 10:24 . 2011-05-11 10:25 -------- d-----w- c:\users\yannick\AppData\Local\{7503200D-3EA4-4D08-949F-CFD295ED352B}
2011-05-10 22:23 . 2011-05-10 22:24 -------- d-----w- c:\users\yannick\AppData\Local\{9DAED211-F5FF-41A9-816B-89A69003479F}
2011-05-10 22:13 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-10 22:13 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-10 22:12 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-10 22:12 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-10 22:12 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-10 20:15 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-10 20:15 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-10 20:15 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-10 20:15 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-10 20:15 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-10 20:15 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 10:21 . 2011-05-10 10:21 -------- d-----w- c:\users\yannick\AppData\Local\{3244256B-1CE4-4313-B45E-2979068DDC86}
2011-05-10 06:36 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65E35226-36EE-4D91-9312-C838160594C7}\mpengine.dll
2011-05-09 22:20 . 2011-05-09 22:21 -------- d-----w- c:\users\yannick\AppData\Local\{5D30ABB8-F05D-468B-8916-85EE86829F96}
2011-05-09 10:20 . 2011-05-09 10:20 -------- d-----w- c:\users\yannick\AppData\Local\{B6746E93-D34C-4DC7-9319-B4512BEFA767}
2011-05-08 23:48 . 2011-05-09 00:02 -------- d-----w- C:\UnrealTournament
2011-05-08 22:19 . 2011-05-08 22:19 -------- d-----w- c:\users\yannick\AppData\Local\{59049912-73B5-4365-A0C8-014CB2C0DF14}
2011-05-08 10:19 . 2011-05-08 10:19 -------- d-----w- c:\users\yannick\AppData\Local\{28C4179A-A120-4C07-A886-E02D91C0363B}
2011-05-07 21:53 . 2011-05-07 21:53 -------- d-----w- c:\users\yannick\AppData\Local\{C7418C1B-F9B0-4BAF-A132-8AA5E8C6E5C4}
2011-05-07 09:52 . 2011-05-07 09:52 -------- d-----w- c:\users\yannick\AppData\Local\{85C242FD-264F-4B5D-8C33-21FF9C255D09}
2011-05-06 21:51 . 2011-05-06 21:52 -------- d-----w- c:\users\yannick\AppData\Local\{282336CA-3837-4B3B-8646-0B89349DB2DF}
2011-05-06 09:51 . 2011-05-06 09:51 -------- d-----w- c:\users\yannick\AppData\Local\{15096215-0F67-4034-9841-04B9BE7FD8AD}
2011-05-05 21:50 . 2011-05-05 21:50 -------- d-----w- c:\users\yannick\AppData\Local\{4FD62717-511E-4D02-A1F6-E615815ABA2C}
2011-05-05 18:21 . 2011-05-05 18:21 -------- d-----w- c:\users\yannick\AppData\Local\Zattoo
2011-05-05 18:21 . 2011-05-05 18:25 -------- d-----w- c:\program files (x86)\Zattoo4
2011-05-05 09:50 . 2011-05-05 09:50 -------- d-----w- c:\users\yannick\AppData\Local\{00E861DC-BC08-488E-AFAB-16F743FE3BAF}
2011-05-04 23:58 . 2011-05-04 23:59 -------- d-----w- c:\users\yannick\AppData\Roaming\Offline Explorer
2011-05-04 23:56 . 2011-05-05 00:01 -------- d-----w- c:\program files (x86)\Offline Explorer Enterprise
2011-05-04 21:49 . 2011-05-04 21:49 -------- d-----w- c:\users\yannick\AppData\Local\{D31116AC-2B54-465D-B1C5-ACFA4A101319}
2011-05-04 09:48 . 2011-05-04 09:49 -------- d-----w- c:\users\yannick\AppData\Local\{4BD66317-8484-4D87-B88C-CEEA3B3CBBA9}
2011-05-03 21:48 . 2011-05-03 21:48 -------- d-----w- c:\users\yannick\AppData\Local\{C24FE7F9-1699-4720-9ECC-F1AAEE3AFA29}
2011-05-03 11:15 . 2010-01-14 14:08 59880 ----a-w- c:\windows\system32\drivers\TfSysMon.sys
2011-05-03 11:15 . 2010-01-14 14:08 41888 ----a-w- c:\windows\system32\drivers\TfNetMon.sys
2011-05-03 11:15 . 2010-01-14 14:08 65072 ----a-w- c:\windows\system32\drivers\TfFsMon.sys
2011-05-03 11:15 . 2011-05-03 11:15 -------- d-----w- c:\program files (x86)\ThreatFire
2011-05-03 11:15 . 2011-05-03 11:15 -------- d-----w- c:\programdata\PC Tools
2011-05-03 09:47 . 2011-05-03 09:47 -------- d-----w- c:\users\yannick\AppData\Local\{3792A250-0EB3-4524-B530-A62573877137}
2011-05-02 23:03 . 2011-05-02 23:03 -------- d-----w- c:\users\yannick\AppData\Roaming\OpenDNS Updater
2011-05-02 23:02 . 2011-05-02 23:03 -------- d-----w- c:\program files (x86)\OpenDNS Updater
2011-05-02 21:46 . 2011-05-02 21:47 -------- d-----w- c:\users\yannick\AppData\Local\{DFEA948B-9D30-4C2C-AA82-C0AAAC9E9C44}
2011-05-02 08:17 . 2011-05-02 08:17 -------- d-----w- c:\users\yannick\AppData\Local\{D1972559-17DE-4353-8C11-43D0BCBFB0B7}
2011-05-01 20:16 . 2011-05-01 20:17 -------- d-----w- c:\users\yannick\AppData\Local\{4BC951E0-A8E1-4421-8CE6-905598D0E6CF}
2011-05-01 14:38 . 2011-05-12 19:36 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2011-05-01 11:48 . 2011-05-01 11:48 0 ----a-w- c:\programdata\xmlF126.tmp
2011-05-01 11:48 . 2011-05-01 11:48 0 ----a-w- c:\programdata\xmlCC57.tmp
2011-05-01 08:16 . 2011-05-01 08:16 -------- d-----w- c:\users\yannick\AppData\Local\{FAEB09C6-0D4D-43D3-905B-1D4EA20A87D6}
2011-04-30 22:50 . 2011-04-30 22:50 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-30 18:36 . 2011-04-30 18:37 -------- d-----w- c:\users\yannick\AppData\Local\{0D277D12-DDB5-4B90-93DB-1C069BDD943C}
2011-04-30 18:28 . 2011-04-30 22:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-04-30 18:18 . 2009-05-19 15:39 3072 ------w- c:\windows\SysWow64\BrDctF2S.dll
2011-04-30 18:18 . 2007-12-13 20:16 73728 ------w- c:\windows\SysWow64\BrDctF2.dll
2011-04-30 18:18 . 2007-12-13 20:16 5120 ------w- c:\windows\SysWow64\BrDctF2L.dll
2011-04-30 18:18 . 2006-12-28 11:39 176128 ------w- c:\windows\SysWow64\BroSNMP.dll
2011-04-30 18:17 . 2008-06-17 13:33 167936 ------w- c:\windows\SysWow64\NSSearch.dll
2011-04-30 18:17 . 2011-04-30 18:17 -------- d-----w- c:\users\yannick\AppData\Roaming\InstallShield
2011-04-30 14:27 . 2011-04-30 17:59 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-30 14:27 . 2011-04-30 14:27 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-30 14:23 . 2011-04-30 14:23 -------- d-----w- c:\users\yannick\AppData\Local\Sunbelt Software
2011-04-30 14:22 . 2011-04-30 17:59 -------- d-----w- c:\programdata\Lavasoft
2011-04-30 06:36 . 2011-04-30 06:36 -------- d-----w- c:\users\yannick\AppData\Local\{145F2AAB-9881-48A9-BE86-ACD962C15608}
2011-04-29 18:35 . 2011-04-29 18:35 -------- d-----w- c:\users\yannick\AppData\Local\{07B0D91D-8CE9-456B-BD82-511E31BAADD3}
2011-04-29 06:34 . 2011-04-29 06:35 -------- d-----w- c:\users\yannick\AppData\Local\{12DF4916-8207-4CC5-9384-0CE264C1E4CA}
2011-04-28 18:34 . 2011-04-28 18:34 -------- d-----w- c:\users\yannick\AppData\Local\{F6C2BB08-3AC0-4F81-95AF-F298CFDF0AEF}
2011-04-28 06:33 . 2011-04-28 06:33 -------- d-----w- c:\users\yannick\AppData\Local\{847C7A71-FAB4-4507-A12D-D5D979817720}
2011-04-27 23:02 . 2005-03-11 22:07 87040 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-04-27 23:02 . 1998-06-23 22:00 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2011-04-27 23:02 . 2011-04-27 23:03 -------- d-----w- c:\program files (x86)\PDFCreator
2011-04-27 23:02 . 1998-07-12 23:08 141312 ----a-w- c:\windows\SysWow64\MSCMCFR.DLL
2011-04-27 23:02 . 1998-07-05 22:00 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2011-04-27 18:33 . 2011-04-27 18:33 -------- d-----w- c:\users\yannick\AppData\Local\{1AEABE3E-7393-4B59-99D3-DF44E7E322AE}
2011-04-27 06:28 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 06:28 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 06:28 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-04-27 06:28 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-27 06:28 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2011-04-27 06:28 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-04-27 06:28 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-04-27 06:28 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-04-27 06:27 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-04-27 06:27 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-04-27 06:27 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-04-27 06:27 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-04-27 06:27 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-04-27 06:27 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-04-27 06:27 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-04-27 06:27 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-27 06:27 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-04-26 21:54 . 2011-04-26 21:54 -------- d-----w- c:\users\yannick\AppData\Local\{05CA20F2-5E34-4FB5-8AA5-42CE6029170F}
2011-04-26 09:54 . 2011-04-26 09:54 -------- d-----w- c:\users\yannick\AppData\Local\{C0BB52DB-DE4C-4951-8293-D02407A75F8D}
2011-04-26 01:08 . 2011-04-26 01:08 -------- d-----w- c:\users\yannick\AppData\Roaming\skypePM
2011-04-26 01:08 . 2011-04-26 01:08 -------- d-----w- c:\programdata\Skype Extras
2011-04-26 01:07 . 2011-04-26 01:09 -------- d-----w- c:\users\yannick\AppData\Roaming\Skype
2011-04-26 01:07 . 2011-04-26 01:07 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-04-26 01:07 . 2011-05-01 19:15 -------- d-----r- c:\program files (x86)\Skype
2011-04-26 01:07 . 2011-04-26 01:07 -------- d-----w- c:\programdata\Skype
2011-04-25 21:53 . 2011-04-25 21:53 -------- d-----w- c:\users\yannick\AppData\Local\{0F4AE62B-A9C0-4D0E-BBBC-604BF65B73E1}
2011-04-25 09:52 . 2011-04-25 09:53 -------- d-----w- c:\users\yannick\AppData\Local\{1A29B142-BBD0-4504-B86F-DE4F750704C0}
2011-04-24 23:08 . 2011-04-24 23:15 -------- d-----w- c:\windows\SysWow64\quicktime
2011-04-24 22:45 . 2011-04-24 22:48 -------- d-----w- c:\users\yannick\AppData\Roaming\DivX
2011-04-24 22:45 . 2011-04-24 22:45 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-04-24 22:45 . 2011-04-24 23:16 -------- d-----w- c:\program files\DivX
2011-04-24 22:42 . 2011-04-24 23:16 -------- d-----w- c:\program files (x86)\DivX
2011-04-24 22:41 . 2011-04-24 23:16 -------- d-----w- c:\programdata\DivX
2011-04-24 21:52 . 2011-04-24 21:52 -------- d-----w- c:\users\yannick\AppData\Local\{92EAEB2E-893B-424B-BBFA-1E4F6345DA6F}
2011-04-24 09:51 . 2011-04-24 09:51 -------- d-----w- c:\users\yannick\AppData\Local\{6058B1D8-4A85-41C1-BB32-D4D1B3924366}
2011-04-23 21:50 . 2011-04-23 21:51 -------- d-----w- c:\users\yannick\AppData\Local\{6B124F2B-687D-4C4F-83EC-D781413047E9}
2011-04-23 10:50 . 2011-04-30 18:18 -------- d-----w- c:\program files (x86)\Brother
2011-04-23 09:50 . 2011-04-23 09:50 -------- d-----w- c:\users\yannick\AppData\Local\{7C0A5094-9C19-459C-91D5-4FC969440877}
2011-04-23 01:17 . 2011-04-23 01:17 -------- d-----w- c:\programdata\Solidshield
2011-04-22 21:49 . 2011-04-22 21:49 -------- d-----w- c:\users\yannick\AppData\Local\{78E68C18-5CF1-4B65-98EA-031179724E18}
2011-04-22 09:49 . 2011-04-22 09:49 -------- d-----w- c:\users\yannick\AppData\Local\{B27F5020-D8EB-4668-9814-C6D4E701B1A2}
2011-04-21 22:07 . 2011-04-21 22:07 0 ----a-w- c:\programdata\xmlE199.tmp
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-12 00:03 . 2011-05-12 00:03 14858 ----a-w- C:\UsbFix_Upload_Me_YANNICK-PC.zip
2011-04-21 19:35 . 2011-02-03 19:56 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-04-21 06:33 . 2011-03-21 11:03 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-04-21 06:32 . 2011-03-21 10:43 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-04-11 19:17 . 2011-04-11 19:17 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-04-11 19:16 . 2011-04-11 19:16 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-04-11 19:16 . 2011-04-11 19:16 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-04-08 05:14 . 2011-02-23 06:28 8411752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-04-08 05:14 . 2011-02-23 06:28 6299752 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-04-08 05:14 . 2011-02-23 06:28 10071656 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-04-08 05:14 . 2010-07-10 04:38 2273896 ----a-w- c:\windows\system32\nvapi64.dll
2011-04-07 21:19 . 2011-04-07 21:19 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18 3041384 ----a-w- c:\windows\system32\nvsvc64.dll
2011-03-21 10:43 . 2011-03-21 10:43 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-14 22:04 . 2011-03-14 22:04 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-14 22:04 . 2011-03-14 22:04 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-03-14 22:04 . 2011-03-14 22:04 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-03-09 06:04 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-04 06:19 . 2011-04-27 06:28 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-27 06:28 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-02-23 06:28 . 2011-02-23 06:28 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2011-02-23 06:28 . 2011-02-23 06:28 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-02-22 20:50 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-22 20:50 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-19 12:05 . 2011-03-09 06:07 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-09 06:07 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-09 06:07 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30 . 2011-03-09 06:07 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-09 06:07 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-12_18.36.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-02 12:06 . 2011-05-12 19:25 384622 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"a-squared"="c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2guard.exe" [2011-03-10 3438992]
"ThreatFire"="c:\program files (x86)\ThreatFire\TFTray.exe" [2010-01-14 378128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"= 0
"NoActiveDesktopChanges"= 0
"ForceActiveDesktopOn"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
SetupExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 136176]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 136176]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-04-12 311744]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professionnel Personnel 2010.SP1d\RpcAgentSrv.exe [2009-08-10 93336]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub; [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 a2injectiondriver;a2injectiondriver;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2010-09-05 48216]
S1 a2util;a-squared Malware-IDS utility driver;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys [2010-05-05 14720]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2011-03-29 2860800]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-04-07 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 ThreatFire;ThreatFire;c:\program files (x86)\ThreatFire\TFService.exe service [x]
S3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2011-02-20 85800]
S3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-12 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-04-15 15:24]
.
2011-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 19:45]
.
2011-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 19:45]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2839840]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\SysWOW64\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: {9A5C295B-5CAA-46A1-8439-74960B6D020D} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\yannick\AppData\Roaming\Mozilla\Firefox\Profiles\4sptc414.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.ftp - localhost
FF - prefs.js: network.proxy.ftp_port - 8118
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 8118
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 8118
FF - prefs.js: network.proxy.type - 0
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ThreatFire]
"AlternateImagePath"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-05-12 22:05:42
ComboFix-quarantined-files.txt 2011-05-12 20:05
ComboFix2.txt 2011-05-12 18:49
.
Avant-CF: 158 480 912 384 octets libres
Après-CF: 158 168 301 568 octets libres
.
- - End Of File - - C10DB5A0A7081EA70DFE4BC2D5163108

ComboFix 11-05-11.04 - yannick 12/05/2011 23:26:37.3.4 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.33.1033.18.4095.3061 [GMT 2:00]
Lancé depuis: c:\users\yannick\Desktop\yannick.exe
Commutateurs utilisés :: c:\users\yannick\Desktop\CFScript.txt
AV: Emsisoft Anti-Malware *Disabled/Updated* {0ADC9F7D-20C1-240F-01E2-43466EBA893A}
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: Emsisoft Anti-Malware *Disabled/Updated* {B1BD7E99-06FB-2B81-3B52-7834153DC387}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
FILE ::
"c:\programdata\xmlCC57.tmp"
"c:\programdata\xmlDBCE.tmp"
"c:\programdata\xmlE199.tmp"
"c:\programdata\xmlF126.tmp"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xmlCC57.tmp
c:\programdata\xmlDBCE.tmp
c:\programdata\xmlE199.tmp
c:\programdata\xmlF126.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-12 au 2011-05-12 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-12 21:42 . 2011-05-12 21:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-12 15:17 . 2011-05-12 19:26 -------- d-----w- C:\yannick
2011-05-12 11:18 . 2011-05-12 11:18 -------- d-----w- c:\users\yannick\AppData\Local\{9139154A-FDF5-4E73-A3B2-9DFC096EA4F0}
2011-05-12 09:21 . 2011-05-12 09:21 -------- d-----w- C:\Kill'em
2011-05-12 09:06 . 2011-05-12 09:06 -------- d-----w- c:\program files (x86)\File Extension Changer
2011-05-12 00:54 . 2011-05-12 00:54 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-12 00:40 . 2011-05-12 00:54 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-05-11 23:56 . 2011-05-12 00:03 -------- d-----w- C:\UsbFix
2011-05-11 22:25 . 2011-05-11 22:25 -------- d-----w- c:\users\yannick\AppData\Local\{403378D5-E483-4DB0-8AA5-9B6CFFCBA4F4}
2011-05-11 14:37 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-11 14:37 . 2011-05-11 14:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-11 10:24 . 2011-05-11 10:25 -------- d-----w- c:\users\yannick\AppData\Local\{7503200D-3EA4-4D08-949F-CFD295ED352B}
2011-05-10 22:23 . 2011-05-10 22:24 -------- d-----w- c:\users\yannick\AppData\Local\{9DAED211-F5FF-41A9-816B-89A69003479F}
2011-05-10 22:13 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-10 22:13 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-10 22:12 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-10 22:12 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-10 22:12 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-10 20:15 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-10 20:15 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-10 20:15 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-10 20:15 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-10 20:15 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-10 20:15 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 10:21 . 2011-05-10 10:21 -------- d-----w- c:\users\yannick\AppData\Local\{3244256B-1CE4-4313-B45E-2979068DDC86}
2011-05-10 06:36 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65E35226-36EE-4D91-9312-C838160594C7}\mpengine.dll
2011-05-09 22:20 . 2011-05-09 22:21 -------- d-----w- c:\users\yannick\AppData\Local\{5D30ABB8-F05D-468B-8916-85EE86829F96}
2011-05-09 10:20 . 2011-05-09 10:20 -------- d-----w- c:\users\yannick\AppData\Local\{B6746E93-D34C-4DC7-9319-B4512BEFA767}
2011-05-08 23:48 . 2011-05-09 00:02 -------- d-----w- C:\UnrealTournament
2011-05-08 22:19 . 2011-05-08 22:19 -------- d-----w- c:\users\yannick\AppData\Local\{59049912-73B5-4365-A0C8-014CB2C0DF14}
2011-05-08 10:19 . 2011-05-08 10:19 -------- d-----w- c:\users\yannick\AppData\Local\{28C4179A-A120-4C07-A886-E02D91C0363B}
2011-05-07 21:53 . 2011-05-07 21:53 -------- d-----w- c:\users\yannick\AppData\Local\{C7418C1B-F9B0-4BAF-A132-8AA5E8C6E5C4}
2011-05-07 09:52 . 2011-05-07 09:52 -------- d-----w- c:\users\yannick\AppData\Local\{85C242FD-264F-4B5D-8C33-21FF9C255D09}
2011-05-06 21:51 . 2011-05-06 21:52 -------- d-----w- c:\users\yannick\AppData\Local\{282336CA-3837-4B3B-8646-0B89349DB2DF}
2011-05-06 09:51 . 2011-05-06 09:51 -------- d-----w- c:\users\yannick\AppData\Local\{15096215-0F67-4034-9841-04B9BE7FD8AD}
2011-05-05 21:50 . 2011-05-05 21:50 -------- d-----w- c:\users\yannick\AppData\Local\{4FD62717-511E-4D02-A1F6-E615815ABA2C}
2011-05-05 18:21 . 2011-05-05 18:21 -------- d-----w- c:\users\yannick\AppData\Local\Zattoo
2011-05-05 18:21 . 2011-05-05 18:25 -------- d-----w- c:\program files (x86)\Zattoo4
2011-05-05 09:50 . 2011-05-05 09:50 -------- d-----w- c:\users\yannick\AppData\Local\{00E861DC-BC08-488E-AFAB-16F743FE3BAF}
2011-05-04 23:58 . 2011-05-04 23:59 -------- d-----w- c:\users\yannick\AppData\Roaming\Offline Explorer
2011-05-04 23:56 . 2011-05-05 00:01 -------- d-----w- c:\program files (x86)\Offline Explorer Enterprise
2011-05-04 21:49 . 2011-05-04 21:49 -------- d-----w- c:\users\yannick\AppData\Local\{D31116AC-2B54-465D-B1C5-ACFA4A101319}
2011-05-04 09:48 . 2011-05-04 09:49 -------- d-----w- c:\users\yannick\AppData\Local\{4BD66317-8484-4D87-B88C-CEEA3B3CBBA9}
2011-05-03 21:48 . 2011-05-03 21:48 -------- d-----w- c:\users\yannick\AppData\Local\{C24FE7F9-1699-4720-9ECC-F1AAEE3AFA29}
2011-05-03 11:15 . 2010-01-14 14:08 59880 ----a-w- c:\windows\system32\drivers\TfSysMon.sys
2011-05-03 11:15 . 2010-01-14 14:08 41888 ----a-w- c:\windows\system32\drivers\TfNetMon.sys
2011-05-03 11:15 . 2010-01-14 14:08 65072 ----a-w- c:\windows\system32\drivers\TfFsMon.sys
2011-05-03 11:15 . 2011-05-03 11:15 -------- d-----w- c:\program files (x86)\ThreatFire
2011-05-03 11:15 . 2011-05-03 11:15 -------- d-----w- c:\programdata\PC Tools
2011-05-03 09:47 . 2011-05-03 09:47 -------- d-----w- c:\users\yannick\AppData\Local\{3792A250-0EB3-4524-B530-A62573877137}
2011-05-02 23:03 . 2011-05-02 23:03 -------- d-----w- c:\users\yannick\AppData\Roaming\OpenDNS Updater
2011-05-02 23:02 . 2011-05-02 23:03 -------- d-----w- c:\program files (x86)\OpenDNS Updater
2011-05-02 21:46 . 2011-05-02 21:47 -------- d-----w- c:\users\yannick\AppData\Local\{DFEA948B-9D30-4C2C-AA82-C0AAAC9E9C44}
2011-05-02 08:17 . 2011-05-02 08:17 -------- d-----w- c:\users\yannick\AppData\Local\{D1972559-17DE-4353-8C11-43D0BCBFB0B7}
2011-05-01 20:16 . 2011-05-01 20:17 -------- d-----w- c:\users\yannick\AppData\Local\{4BC951E0-A8E1-4421-8CE6-905598D0E6CF}
2011-05-01 14:38 . 2011-05-12 19:36 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2011-05-01 08:16 . 2011-05-01 08:16 -------- d-----w- c:\users\yannick\AppData\Local\{FAEB09C6-0D4D-43D3-905B-1D4EA20A87D6}
2011-04-30 22:50 . 2011-04-30 22:50 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-30 18:36 . 2011-04-30 18:37 -------- d-----w- c:\users\yannick\AppData\Local\{0D277D12-DDB5-4B90-93DB-1C069BDD943C}
2011-04-30 18:28 . 2011-04-30 22:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-04-30 18:18 . 2009-05-19 15:39 3072 ------w- c:\windows\SysWow64\BrDctF2S.dll
2011-04-30 18:18 . 2007-12-13 20:16 73728 ------w- c:\windows\SysWow64\BrDctF2.dll
2011-04-30 18:18 . 2007-12-13 20:16 5120 ------w- c:\windows\SysWow64\BrDctF2L.dll
2011-04-30 18:18 . 2006-12-28 11:39 176128 ------w- c:\windows\SysWow64\BroSNMP.dll
2011-04-30 18:17 . 2008-06-17 13:33 167936 ------w- c:\windows\SysWow64\NSSearch.dll
2011-04-30 18:17 . 2011-04-30 18:17 -------- d-----w- c:\users\yannick\AppData\Roaming\InstallShield
2011-04-30 14:27 . 2011-04-30 17:59 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-30 14:27 . 2011-04-30 14:27 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-30 14:23 . 2011-04-30 14:23 -------- d-----w- c:\users\yannick\AppData\Local\Sunbelt Software
2011-04-30 14:22 . 2011-04-30 17:59 -------- d-----w- c:\programdata\Lavasoft
2011-04-30 06:36 . 2011-04-30 06:36 -------- d-----w- c:\users\yannick\AppData\Local\{145F2AAB-9881-48A9-BE86-ACD962C15608}
2011-04-29 18:35 . 2011-04-29 18:35 -------- d-----w- c:\users\yannick\AppData\Local\{07B0D91D-8CE9-456B-BD82-511E31BAADD3}
2011-04-29 06:34 . 2011-04-29 06:35 -------- d-----w- c:\users\yannick\AppData\Local\{12DF4916-8207-4CC5-9384-0CE264C1E4CA}
2011-04-28 18:34 . 2011-04-28 18:34 -------- d-----w- c:\users\yannick\AppData\Local\{F6C2BB08-3AC0-4F81-95AF-F298CFDF0AEF}
2011-04-28 06:33 . 2011-04-28 06:33 -------- d-----w- c:\users\yannick\AppData\Local\{847C7A71-FAB4-4507-A12D-D5D979817720}
2011-04-27 23:02 . 2005-03-11 22:07 87040 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-04-27 23:02 . 1998-06-23 22:00 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2011-04-27 23:02 . 2011-04-27 23:03 -------- d-----w- c:\program files (x86)\PDFCreator
2011-04-27 23:02 . 1998-07-12 23:08 141312 ----a-w- c:\windows\SysWow64\MSCMCFR.DLL
2011-04-27 23:02 . 1998-07-05 22:00 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2011-04-27 18:33 . 2011-04-27 18:33 -------- d-----w- c:\users\yannick\AppData\Local\{1AEABE3E-7393-4B59-99D3-DF44E7E322AE}
2011-04-27 06:28 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 06:28 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 06:28 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-04-27 06:28 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-27 06:28 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2011-04-27 06:28 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-04-27 06:28 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-04-27 06:28 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-04-27 06:27 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-04-27 06:27 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-04-27 06:27 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-04-27 06:27 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-04-27 06:27 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-04-27 06:27 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-04-27 06:27 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-04-27 06:27 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-27 06:27 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-04-26 21:54 . 2011-04-26 21:54 -------- d-----w- c:\users\yannick\AppData\Local\{05CA20F2-5E34-4FB5-8AA5-42CE6029170F}
2011-04-26 09:54 . 2011-04-26 09:54 -------- d-----w- c:\users\yannick\AppData\Local\{C0BB52DB-DE4C-4951-8293-D02407A75F8D}
2011-04-26 01:08 . 2011-04-26 01:08 -------- d-----w- c:\users\yannick\AppData\Roaming\skypePM
2011-04-26 01:08 . 2011-04-26 01:08 -------- d-----w- c:\programdata\Skype Extras
2011-04-26 01:07 . 2011-04-26 01:09 -------- d-----w- c:\users\yannick\AppData\Roaming\Skype
2011-04-26 01:07 . 2011-04-26 01:07 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-04-26 01:07 . 2011-05-01 19:15 -------- d-----r- c:\program files (x86)\Skype
2011-04-26 01:07 . 2011-04-26 01:07 -------- d-----w- c:\programdata\Skype
2011-04-25 21:53 . 2011-04-25 21:53 -------- d-----w- c:\users\yannick\AppData\Local\{0F4AE62B-A9C0-4D0E-BBBC-604BF65B73E1}
2011-04-25 09:52 . 2011-04-25 09:53 -------- d-----w- c:\users\yannick\AppData\Local\{1A29B142-BBD0-4504-B86F-DE4F750704C0}
2011-04-24 23:08 . 2011-04-24 23:15 -------- d-----w- c:\windows\SysWow64\quicktime
2011-04-24 22:45 . 2011-04-24 22:48 -------- d-----w- c:\users\yannick\AppData\Roaming\DivX
2011-04-24 22:45 . 2011-04-24 22:45 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-04-24 22:45 . 2011-04-24 23:16 -------- d-----w- c:\program files\DivX
2011-04-24 22:42 . 2011-04-24 23:16 -------- d-----w- c:\program files (x86)\DivX
2011-04-24 22:41 . 2011-04-24 23:16 -------- d-----w- c:\programdata\DivX
2011-04-24 21:52 . 2011-04-24 21:52 -------- d-----w- c:\users\yannick\AppData\Local\{92EAEB2E-893B-424B-BBFA-1E4F6345DA6F}
2011-04-24 09:51 . 2011-04-24 09:51 -------- d-----w- c:\users\yannick\AppData\Local\{6058B1D8-4A85-41C1-BB32-D4D1B3924366}
2011-04-23 21:50 . 2011-04-23 21:51 -------- d-----w- c:\users\yannick\AppData\Local\{6B124F2B-687D-4C4F-83EC-D781413047E9}
2011-04-23 10:50 . 2011-04-30 18:18 -------- d-----w- c:\program files (x86)\Brother
2011-04-23 09:50 . 2011-04-23 09:50 -------- d-----w- c:\users\yannick\AppData\Local\{7C0A5094-9C19-459C-91D5-4FC969440877}
2011-04-23 01:17 . 2011-04-23 01:17 -------- d-----w- c:\programdata\Solidshield
2011-04-22 21:49 . 2011-04-22 21:49 -------- d-----w- c:\users\yannick\AppData\Local\{78E68C18-5CF1-4B65-98EA-031179724E18}
2011-04-22 09:49 . 2011-04-22 09:49 -------- d-----w- c:\users\yannick\AppData\Local\{B27F5020-D8EB-4668-9814-C6D4E701B1A2}
2011-04-21 21:48 . 2011-04-21 21:48 -------- d-----w- c:\users\yannick\AppData\Local\{33604A69-A37D-467D-AFB3-7482AEDA3B56}
2011-04-21 20:59 . 2011-04-21 20:59 0 ----a-w- c:\programdata\xml3B3E.tmp
2011-04-21 20:59 . 2011-04-21 20:59 0 ----a-w- c:\programdata\xml361E.tmp
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-12 00:03 . 2011-05-12 00:03 14858 ----a-w- C:\UsbFix_Upload_Me_YANNICK-PC.zip
2011-04-21 19:35 . 2011-02-03 19:56 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-04-21 06:33 . 2011-03-21 11:03 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-04-21 06:32 . 2011-03-21 10:43 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-04-11 19:17 . 2011-04-11 19:17 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-04-11 19:16 . 2011-04-11 19:16 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-04-11 19:16 . 2011-04-11 19:16 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-04-08 05:14 . 2011-02-23 06:28 8411752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-04-08 05:14 . 2011-02-23 06:28 6299752 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-04-08 05:14 . 2011-02-23 06:28 10071656 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-04-08 05:14 . 2010-07-10 04:38 2273896 ----a-w- c:\windows\system32\nvapi64.dll
2011-04-07 21:19 . 2011-04-07 21:19 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18 3041384 ----a-w- c:\windows\system32\nvsvc64.dll
2011-03-21 10:43 . 2011-03-21 10:43 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-14 22:04 . 2011-03-14 22:04 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-14 22:04 . 2011-03-14 22:04 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-03-14 22:04 . 2011-03-14 22:04 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-03-09 06:04 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-04 06:19 . 2011-04-27 06:28 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-27 06:28 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-02-23 06:28 . 2011-02-23 06:28 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2011-02-23 06:28 . 2011-02-23 06:28 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-02-22 20:50 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-22 20:50 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-19 12:05 . 2011-03-09 06:07 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-09 06:07 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-09 06:07 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30 . 2011-03-09 06:07 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-09 06:07 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-12_18.36.55 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-02-13 22:52 . 2011-05-12 18:35 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-02-13 22:52 . 2011-05-12 21:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2011-05-12 18:35 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-05-12 21:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-05-12 21:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-05-12 18:35 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-05-12 18:35 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-05-12 21:44 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-01 19:01 . 2011-05-12 21:45 69878 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-05-12 21:45 34072 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-05-12 18:37 34072 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-01 17:45 . 2011-05-12 21:45 12574 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4232598072-1058645508-674976008-1000_UserData.bin
- 2011-05-12 18:35 . 2011-05-12 18:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-12 21:43 . 2011-05-12 21:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-05-12 18:35 . 2011-05-12 18:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-05-12 21:43 . 2011-05-12 21:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-02-02 12:06 . 2011-05-12 20:49 384816 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2009-07-14 05:01 . 2011-05-12 18:34 430124 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-05-12 21:43 430124 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-02 02:13 . 2011-05-12 21:43 22749181 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4232598072-1058645508-674976008-1000-8192.dat
- 2011-02-02 02:13 . 2011-05-12 18:34 22749181 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4232598072-1058645508-674976008-1000-8192.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"a-squared"="c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2guard.exe" [2011-03-10 3438992]
"ThreatFire"="c:\program files (x86)\ThreatFire\TFTray.exe" [2010-01-14 378128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"= 0
"NoActiveDesktopChanges"= 0
"ForceActiveDesktopOn"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
SetupExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 136176]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 136176]
R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-04-12 311744]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professionnel Personnel 2010.SP1d\RpcAgentSrv.exe [2009-08-10 93336]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub; [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 a2injectiondriver;a2injectiondriver;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2010-09-05 48216]
S1 a2util;a-squared Malware-IDS utility driver;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys [2010-05-05 14720]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2011-03-29 2860800]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-04-07 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 ThreatFire;ThreatFire;c:\program files (x86)\ThreatFire\TFService.exe service [x]
S3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2011-02-20 85800]
S3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-12 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-04-15 15:24]
.
2011-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 19:45]
.
2011-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 19:45]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2839840]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\SysWOW64\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: {9A5C295B-5CAA-46A1-8439-74960B6D020D} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\yannick\AppData\Roaming\Mozilla\Firefox\Profiles\4sptc414.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.ftp - localhost
FF - prefs.js: network.proxy.ftp_port - 8118
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 8118
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 8118
FF - prefs.js: network.proxy.type - 0
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ThreatFire]
"AlternateImagePath"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\ThreatFire\TFService.exe
c:\program files (x86)\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Heure de fin: 2011-05-12 23:56:50 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-05-12 21:56
ComboFix2.txt 2011-05-12 20:05
ComboFix3.txt 2011-05-12 18:49
.
Avant-CF: 163 898 130 432 octets libres
Après-CF: 163 685 199 872 octets libres
.
- - End Of File - - 465EBD95DBF4963B079731D2B2CF3760

pareil que tout à l'heure; rien à faire, ni en .exe, .com, .scr, ni en le renommant winlogon et en changeant les extensions

GMER 1.0.15.15627 - http://www.gmer.net
Rootkit scan 2011-05-13 00:49:29
Windows 6.1.7601 Service Pack 1
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x01 0x4E 0xE9 0x72 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x24 0x9F 0x0C 0x3A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x71 0x8A 0x0D 0xBD ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x11 0x24 0x21 0xC3 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x11 0x24 0x21 0xC3 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x01 0x4E 0xE9 0x72 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x24 0x9F 0x0C 0x3A ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x71 0x8A 0x0D 0xBD ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x11 0x24 0x21 0xC3 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x11 0x24 0x21 0xC3 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@e2e25e6dec4c60cd2d0e875b102d6d25\r\n 0x3C 0x2B 0x1A 0xC9 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@d45f472b218c6cb099061f3dae768813\r\n 0x87 0xB4 0x8C 0x4F ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@58cc430ee5748f0ae58177880c20d518\r\n 0xE7 0xE0 0x85 0xD5 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@9b59baf14fdb26fa43d7814e48c153c5\r\n 0x0B 0xCC 0xE2 0x8E ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@839cc7d9b6189b86fdfcbbaee38ff2e2\r\n 0x89 0x72 0x06 0x45 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@b09797748d0a4d1c68c117395abb88e3\r\n 0x9B 0x6D 0x95 0xD2 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@6bd0166fa0659a84ed178e3a26da50bd\r\n 0xC3 0xF5 0x28 0xDC ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@0401edd79a52789819f3f518a7ff015b\r\n 0xA9 0xE1 0x6F 0x53 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@5747a57c90ed4391507af4d1da6958d2\r\n 0xB8 0x29 0x46 0x0D ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@055e980cf119ad7759ddd568fd1940d1\r\n 0xA1 0xBD 0x84 0xB6 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@9982f70d70444ffd22ce44b4a583f909\r\n 0xFB 0x8E 0xCD 0x76 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@b462d940d024499c3f1d2f8e81959659\r\n 0x5C 0x9A 0x83 0x17 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@f44c7a2928f053ec7850b52b718b9c5e\r\n 0xD3 0x11 0xFB 0x8E ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@470f656f838fb858f9954c6fb312467c\r\n 0x0F 0x48 0xD6 0x39 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@37bafca503169ebbce2237e4f9709544\r\n 0xEB 0x67 0x3A 0xE2 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@a9680a9b212c56ba39a30595d5cb78b4\r\n 0xFA 0xBA 0xD1 0xBD ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@eca006660f2ea3e0d0174cd0e02ecc9e\r\n 0x5C 0x8F 0xC2 0xF5 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@e12ed859510444e4538744e60dca87fe\r\n 0x99 0xA4 0x5A 0xFB ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@3b574445c48cf19f9f10bc08a80f45ab\r\n 0xD4 0xF0 0xB7 0x29 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@2dc95dbc36a32543e6e59d5f8bb3c2d5\r\n 0xDF 0xB1 0xD9 0xD6 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@7533e404d6ded7fa592930a17f4f6e08\r\n 0x87 0xB4 0x8C 0x4F ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@267121d13f1ec45b05211ff3a6bf228f\r\n 0xF9 0xC5 0x92 0x5F ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@8687064c1cd380ddc6e32339af96eb13\r\n 0x78 0x61 0xF5 0x33 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@7ac2d74436da3a6327f86b09570df408\r\n 0x31 0x80 0x7A 0x1F ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@db2997cfe42e17aa35b0faad8f7cacaf\r\n 0x45 0x39 0x83 0x22 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@d37b61f7320b87f50a69d8f464718302\r\n 0x92 0x6A 0xED 0xDA ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@cb2ae97747d01f133a811a9f096c844f\r\n 0x5A 0xD1 0x48 0xC0 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@6015ac7e2e00084f609e9b18aaf6960b\r\n 0x57 0x1E 0x90 0xAC ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@8762da002fcb1af401a6a2c9bce6a4ef\r\n 0x79 0x40 0xB2 0x8E ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@459f6bf78db1b92bb26bdb6b5c3b86e1\r\n 0xEA 0x7D 0xBC 0x25 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@f856c5302a133dd4dc8620c377f8e84e\r\n 0x30 0x8B 0x3B 0x01 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@c3338e966c55874a1fbfe7844c8041ee\r\n 0xE7 0xE0 0x85 0x15 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@c0ffbda4beb9b482199e57430477fc07\r\n 0x27 0x9E 0x15 0x0D ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@7d600de2dea576cefc1444d7a1314373\r\n 0x62 0xDF 0xB1 0x59 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@248de9c40abdcecc78e3db97c9f7a81f\r\n 0xFC 0x6D 0x8A 0x91 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@96577bf3a20a9095f8dc21adc67e76e9\r\n 0x77 0x8D 0xF9 0xBA ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@378436c7b6ea200ab002e8b05a5770dd\r\n 0xB2 0xD9 0x56 0xA9 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@67d67d72491baa7209acc9c6320be487\r\n 0xE7 0xD5 0xC4 0x73 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@dbd09d0446955ef25205c03c98deed6b\r\n 0xA2 0xA7 0x02 0x33 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@7cf8c75c95a6d2ba2d1afc1b83e6acbb\r\n 0x09 0xED 0x25 0xF4 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@1a763aae9ce198900e63a2f6a5bf1b75\r\n 0x74 0xDA 0x40 0xA7 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@28605074b7e5018322661d5e6d82f3bd\r\n 0xFB 0x99 0x8E 0x98 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@a984d024256d71eedb1f770e4aa7c529\r\n 0xDA 0x40 0xA7 0x4D ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@baf0c30f57095d180c265d21252b70ae\r\n 0x8D 0x04 0x7C 0xB3 ...
Reg HKCU\Software\Microsoft\Windows Live\Companion\nikopol57@live.fr@a1091ad63ce6807499a2f31f506b6605\r\n 0x5A 0xC6 0x87 0x1E ...

---- EOF - GMER 1.0.15 ----

############################## | UsbFix 7.044 | [Deletion]

User: yannick (Administrator) # YANNICK-PC [HP-Pavilion KP219AA-ABF m9273.fr]
Updated 25/04/2011 by TeamXscript
Started at 01:07:47 | 13/05/2011
Website: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
CPU 2: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421

RAM -> 4095 Mb
C:\ (%systemdrive%) -> Fixed drive # 244 Gb (152 Mb free - 62%) [] # NTFS
D:\ -> Fixed drive # 466 Gb (135 Mb free - 29%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
I:\ -> CD-ROM
J:\ -> CD-ROM
K:\ -> Fixed drive # 221 Gb (94 Mb free - 42%) [] # NTFS

################## | Files # Infected Folders |


Deleted ! C:\$RECYCLE.BIN\S-1-5-21-4232598072-1058645508-674976008-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-4232598072-1058645508-674976008-1000
Deleted ! K:\$RECYCLE.BIN\S-1-5-21-4232598072-1058645508-674976008-1000

################## | Registry |

Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Listing |

[13/05/2011 - 01:09:48 | D ] C:\$RECYCLE.BIN
[12/05/2011 - 02:03:47 | RAD ] C:\Autorun.inf
[22/02/2011 - 23:10:00 | D ] C:\Boot
[20/11/2010 - 14:40:07 | RASH | 383786] C:\bootmgr
[02/02/2011 - 03:46:46 | RASH | 8192] C:\BOOTSECT.BAK
[12/05/2011 - 23:56:57 | N | 28123] C:\ComboFix.txt
[11/05/2011 - 00:18:59 | D ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.3082.txt
[07/11/2007 - 08:00:40 | N | 1110] C:\globdata.ini
[13/05/2011 - 01:02:14 | ASH | 3220664320] C:\hiberfil.sys
[04/05/2011 - 03:53:14 | N | 100] C:\index.ini
[07/11/2007 - 08:00:40 | N | 843] C:\install.ini
[07/11/2007 - 08:44:20 | N | 75280] C:\install.res.1028.dll
[07/11/2007 - 08:44:20 | N | 95248] C:\install.res.1031.dll
[07/11/2007 - 08:44:20 | N | 90128] C:\install.res.1033.dll
[07/11/2007 - 08:44:20 | N | 96272] C:\install.res.1036.dll
[07/11/2007 - 08:44:20 | N | 94224] C:\install.res.1040.dll
[07/11/2007 - 08:44:20 | N | 80400] C:\install.res.1041.dll
[07/11/2007 - 08:44:20 | N | 78864] C:\install.res.1042.dll
[07/11/2007 - 08:44:20 | N | 74768] C:\install.res.2052.dll
[07/11/2007 - 08:44:20 | N | 95248] C:\install.res.3082.dll
[21/09/2010 - 00:50:14 | D ] C:\Intel
[22/08/2010 - 17:31:24 | N | 177] C:\ITB.log
[13/05/2011 - 00:23:12 | D ] C:\Kill'em
[02/12/2006 - 00:37:14 | N | 904704] C:\msdia80.dll
[29/10/2010 - 01:32:30 | RD ] C:\MSOCache
[26/08/2010 - 18:49:00 | D ] C:\NVIDIA
[13/05/2011 - 01:02:16 | ASH | 4294221824] C:\pagefile.sys
[12/05/2011 - 02:54:31 | N | 512] C:\PhysicalDisk0_MBR.bin
[13/05/2011 - 00:23:12 | N | 7677] C:\Pre_Scan.txt
[25/04/2011 - 00:45:38 | D ] C:\Program Files
[12/05/2011 - 11:06:59 | D ] C:\Program Files (x86)
[12/05/2011 - 23:41:55 | D ] C:\ProgramData
[12/05/2011 - 23:57:17 | D ] C:\Qoobox
[01/02/2011 - 19:06:33 | D ] C:\Recovery
[12/05/2011 - 23:22:40 | SHD ] C:\System Volume Information
[12/05/2011 - 11:09:01 | N | 100] C:\txt
[09/05/2011 - 02:02:21 | D ] C:\UnrealTournament
[13/05/2011 - 01:09:49 | D ] C:\UsbFix
[13/05/2011 - 01:07:49 | A | 892] C:\UsbFix.txt
[12/05/2011 - 02:03:47 | N | 14858] C:\UsbFix_Upload_Me_YANNICK-PC.zip
[05/05/2011 - 13:37:46 | D ] C:\Users
[07/11/2007 - 08:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 08:50:40 | N | 1927956] C:\VC_RED.cab
[07/11/2007 - 08:53:12 | N | 242176] C:\VC_RED.MSI
[12/05/2011 - 23:57:05 | D ] C:\Windows
[12/05/2011 - 21:26:13 | D ] C:\yannick
[13/05/2011 - 01:09:48 | D ] D:\$RECYCLE.BIN
[12/05/2011 - 02:03:47 | RAD ] D:\Autorun.inf
[18/03/2011 - 16:29:30 | D ] D:\documents
[01/05/2011 - 20:24:31 | D ] D:\images
[11/05/2011 - 22:19:51 | D ] D:\incoming
[09/05/2011 - 02:08:21 | D ] D:\jeux
[10/05/2011 - 13:45:53 | D ] D:\Music
[07/05/2011 - 02:04:56 | D ] D:\programmes
[16/11/2010 - 02:38:58 | SHD ] D:\System Volume Information
[15/04/2011 - 13:24:43 | D ] D:\Videos
[10/11/2010 - 02:19:20 | N | 691] D:\Yannick - Raccourci.lnk
[13/05/2011 - 01:09:48 | D ] K:\$RECYCLE.BIN
[12/05/2011 - 02:03:47 | RAD ] K:\Autorun.inf
[02/05/2011 - 13:49:00 | N | 528] K:\MediaID.bin
[02/05/2011 - 17:32:42 | SHD ] K:\System Volume Information
[02/05/2011 - 16:26:01 | D ] K:\WindowsImageBackup
[02/05/2011 - 13:49:33 | D ] K:\YANNICK-PC

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
D:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
K:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_YANNICK-PC.zip
http://www.teamxscript.org/Upload.php
Thank you for your contribution.

################## | E.O.F |

je me permet de te poster le lien de mon topic précédent expliquant en détails mon problème, au cas ou tu ne l'aurait pas vu et en espérant que tu puisse y voir plus clair: https://forums.commentcamarche.net/forum/affich-22007205-lecteur-dvd-se-lance-tout-seul-virus2-com#p22072766
mis à part ça, pour l'instant mon pc ce comporte comme un charme.

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan 1.0.1.2 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤

Mis à jour le 12/05/2011 | 22.30 par g3n-h@ckm@n
Utilisateur : yannick (Administrateurs)
Ordinateur : YANNICK-PC

Système d'exploitation : Windows 7 Ultimate (64 bits)
Internet Explorer : 9.0.8112.16421
Mozilla Firefox : 4.0.1 (fr)

Scan : 00:23:08 | 13/05/2011

¤¤¤¤¤¤¤¤¤¤¤ Processus en cours

848 | C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe - SYSTEM - Normal - 612
1636 | C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe - SYSTEM - Normal - 612
1728 | C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - SYSTEM - Normal - 612
1776 | C:\Windows\SysWOW64\PnkBstrA.exe - SYSTEM - Normal - 612
1816 | c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe - SYSTEM - Normal - 612
1936 | C:\Program Files (x86)\ThreatFire\TFService.exe - SYSTEM - Normal - 612
5112 | C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - SYSTEM - Normal - 612
3832 | C:\Program Files (x86)\Nero\Update\NASvc.exe - SYSTEM - Normal - 612
3620 | C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe - UpdatusUser - Normal - 612
1676 | C:\Windows\sysWOW64\wbem\wmiprvse.exe - NETWORK SERVICE - Normal - 784
3060 | C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe - yannick - Normal - 784
4928 | C:\Users\yannick\Desktop\winlogon.scr - yannick - Normal - 2452
3324 | C:\Windows\SysWOW64\cmd.exe - yannick - Normal - 4928
1784 | C:\Kill'em\Pv.exe - yannick - Normal - 3324

¤¤¤¤¤¤¤¤¤¤ Winlogon

[HKLM | Winlogon] | Shell : Explorer.exe
[HKLM | Winlogon] | AutoRestartShell : 1
[HKLM | Winlogon] | userinit : C:\Windows\SysWOW64\userinit.exe,
[HKLM | Winlogon] | PowerDownAfterShutdown : 1
[HKLM | Winlogon] | System :

¤¤¤¤¤¤¤¤¤¤ Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : ComFile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe

¤

[Firefox | Command] | @ : "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
[Assoc | Applications] | @ : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ Divers

[HKCU | Desktop] | Wallpaper : C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
[HKLM | policies\Explorer] | NoDriveTypeAutoRun : 145
[HKLM | policies\Explorer] | NoActiveDesktop : 0
[HKLM | policies\Explorer] | NoActiveDesktopChanges : 0

¤¤¤¤¤¤¤¤¤¤ Services

[Ndisuio] | Start : 3
[lmhosts] | Start : 2 : Actif
[LanmanWorkstation] | Start : 2 : Actif
[LanmanServer] | Start : 2 : Actif
[agp440] | Start : 2 : Redémarré
[AudioEndpointBuilder] | Start : 2 : Actif
[Audiosrv] | Start : 2 : Actif
[BFE] | Start : 2 : Actif
[Bits] | Start : 2 : Actif
[CryptSvc] | Start : 2 : Actif
[EapHost] | Start : 2 : Actif
[Wlansvc] | Start : 2 : Actif
[SharedAccess] | Start : 2 : Redémarré
[windefend] | Start : 3 -> 2 : Redémarré
[wuauserv] | Start : 2 : Actif
[WerSvc] | Start : 2 : Actif
[wscsvc] | Start : 2 : Actif

¤¤¤¤¤¤¤¤¤¤ Internet Explorer

[HKCU | Main] | Start Page : https://www.google.com/?gws_rd=ssl
[HKCU | Main] | Local Page : C:\Windows\SysWOW64\blank.htm
[HKCU | Main] | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKLM | Main] | Start Page : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Local Page : C:\Windows\SysWOW64\blank.htm
[HKLM | Main] | Default_Search_URL : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main] | Default_Page_URL : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Search Page : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

¤¤¤¤¤¤¤¤¤¤ Processus

C:\Windows\explorer.exe -> Processus stoppé
C:\Windows\explorer.exe -> Processus stoppé
C:\Windows\explorer.exe -> Processus stoppé
C:\Windows\explorer.exe -> Processus stoppé

¤¤¤¤¤¤¤¤¤¤ Traitement Fichiers | Dossiers | Registre

Mise en quarantaine : C:\Windows\Temp\Cab3754.tmp
Mise en quarantaine : C:\Windows\Temp\Tar3765.tmp

¤¤¤¤¤¤¤¤¤¤ IFEO


¤¤¤¤¤¤¤¤¤¤ Mountpoints2


¤¤¤¤¤¤¤¤¤¤ Listing %AppData%

C:\Users\yannick\AppData\Roaming\Acronis
C:\Users\yannick\AppData\Roaming\Adobe
C:\Users\yannick\AppData\Roaming\Ashampoo
C:\Users\yannick\AppData\Roaming\Brother
C:\Users\yannick\AppData\Roaming\Corel
C:\Users\yannick\AppData\Roaming\CyberLink
C:\Users\yannick\AppData\Roaming\DAEMON Tools Lite
C:\Users\yannick\AppData\Roaming\DivX
C:\Users\yannick\AppData\Roaming\GlarySoft
C:\Users\yannick\AppData\Roaming\Google
C:\Users\yannick\AppData\Roaming\Identities
C:\Users\yannick\AppData\Roaming\InstallShield
C:\Users\yannick\AppData\Roaming\JLC's Software
C:\Users\yannick\AppData\Roaming\Leadertech
C:\Users\yannick\AppData\Roaming\Logishrd
C:\Users\yannick\AppData\Roaming\Logitech
C:\Users\yannick\AppData\Roaming\Macromedia
C:\Users\yannick\AppData\Roaming\Malwarebytes
C:\Users\yannick\AppData\Roaming\Media Center Programs
C:\Users\yannick\AppData\Roaming\Microsoft
C:\Users\yannick\AppData\Roaming\Mozilla
C:\Users\yannick\AppData\Roaming\Musicmatch
C:\Users\yannick\AppData\Roaming\Nero
C:\Users\yannick\AppData\Roaming\Offline Explorer
C:\Users\yannick\AppData\Roaming\OpenDNS Updater
C:\Users\yannick\AppData\Roaming\Skype
C:\Users\yannick\AppData\Roaming\skypePM
C:\Users\yannick\AppData\Roaming\Stardock
C:\Users\yannick\AppData\Roaming\Stellarium
C:\Users\yannick\AppData\Roaming\Tor
C:\Users\yannick\AppData\Roaming\uTorrent
C:\Users\yannick\AppData\Roaming\Vidalia
C:\Users\yannick\AppData\Roaming\vlc

¤¤¤¤¤¤¤¤¤¤ Listing %CommonAppData%

C:\ProgramData\Adobe
C:\ProgramData\Application Data
C:\ProgramData\ashampoo
C:\ProgramData\Brother
C:\ProgramData\Corel
C:\ProgramData\CyberLink
C:\ProgramData\DAEMON Tools Lite
C:\ProgramData\Desktop
C:\ProgramData\DivX
C:\ProgramData\Documents
C:\ProgramData\EA Core
C:\ProgramData\Electronic Arts
C:\ProgramData\eMule
C:\ProgramData\ESET
C:\ProgramData\ezsidmv.dat
C:\ProgramData\Favorites
C:\ProgramData\Google
C:\ProgramData\Lavasoft
C:\ProgramData\LightScribe
C:\ProgramData\Logishrd
C:\ProgramData\ma-config.com
C:\ProgramData\Malwarebytes
C:\ProgramData\Microsoft
C:\ProgramData\Microsoft Help
C:\ProgramData\Nero
C:\ProgramData\NVIDIA
C:\ProgramData\NVIDIA Corporation
C:\ProgramData\PC Tools
C:\ProgramData\Protexis
C:\ProgramData\sandra.mda
C:\ProgramData\Skype
C:\ProgramData\Skype Extras
C:\ProgramData\Solidshield
C:\ProgramData\Start Menu
C:\ProgramData\Sun
C:\ProgramData\Templates
C:\ProgramData\WorldWindData
C:\ProgramData\xml208A.tmp
C:\ProgramData\xml3331.tmp
C:\ProgramData\xml361E.tmp
C:\ProgramData\xml3B3E.tmp
C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}

tu peux supprimer ca ?

C:\ProgramData\xml208A.tmp
C:\ProgramData\xml3331.tmp
C:\ProgramData\xml361E.tmp
C:\ProgramData\xml3B3E.tmp

oui, c'est fait