> Tous les forums > Forum Sécurité
 Probleme avec virus d-xdiag10cd.exe ou d-xdiag10bc
Ajouter un message à la discussion
Page : [1] 
Page 1 sur 1
pilotebien
  Posté le 09/05/2010 @ 14:56 
Aller en bas de la page 
Petit astucien

Bonjour,

J'ai quelques osucis avec ces applis : d-xdiag10cd.exe et d-xdiag10bc.exe .

J'ai lancé plusieursfois mon antivirus Bitdefender 10 qui n'a rien trouvé et lancé Fsecure en ligne rien non plus.

Le souci c'est que ces 2 applis une fois fermés "difficilement dans le gestionnaire de taches ) car elles apparaissaint et disparaissaient dans la foulée mon processeur tourne a vitesse normale en fonctiond es applis lancé et de la demande. Sinon il tournait bloqué a 100%.

Voila mon rapport RSIT:

Logfile of random's system information tool 1.07 (written by random/random)
Run by LEDIER at 2010-05-09 14:35:56
Microsoft Windows 7 Édition Familiale Premium Service Pack 2
System drive C: has 31 GB (39%) free of 78 GB
Total RAM: 3582 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:38:47, on 09/05/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Star Downloader\stardown.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
F:\ATI Tray Tools\atitray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
F:\Bill2's Process Manager\ProcessManager.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\DAEMON Tools Pro\DTAgent.exe
C:\Users\LEDIER\Program Files\DNA\btdna.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Users\LEDIER\AppData\Roaming\Maxthon2\Maxthon.exe
C:\Users\LEDIER\Desktop\RSIT.exe
C:\Program Files\trend micro\LEDIER.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: iGraal Module - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [d-x10cd] C:\Users\LEDIER\AppData\Roaming\dx10acd\d-xdiag10cd.exe
O4 - HKLM\..\Run: [dx] C:\Users\LEDIER\AppData\Roaming\dx\d-xcd.exe
O4 - HKLM\..\Run: [d-x10bc] C:\Users\LEDIER\AppData\Roaming\dx10bac\d-xdiag10bc.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\AI Booster\OverClk.exe"
O4 - HKCU\..\Run: [Star Downloader Free] C:\Program Files\Star Downloader\stardown.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AtiTrayTools] "F:\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ProcessManager] F:\Bill2's Process Manager\ProcessManager.exe -minimized
O4 - HKCU\..\Run: [Windows Java Runtime] "C:\Users\LEDIER\java.jar"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\LEDIER\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - F:\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - F:\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Détection de dispositifs) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_1_0_1.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{84617AAC-8B86-448C-9C66-BF89F84DD046}: NameServer = 89.2.0.1,89.2.0.2
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate1ca6b46d36c66e0) (gupdate1ca6b46d36c66e0) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: BitDefender Threat Scanner (scan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI8179.tmp
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TomTomHOMEService - TomTom - F:\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 28039 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-784295801-2750337316-878779667-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-784295801-2750337316-878779667-1000UA.job
C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF3C5900-BEC0-470E-AEE8-CE277C60667C}]
iGraal Module - C:\Program Files\iGraal\BHO.dll [2009-06-11 61728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFEF0-5B30-21D4-945D-000000000000}]
C:\PROGRA~1\STARDO~1\SDIEInt.dll [2006-02-26 135680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll [2009-11-17 128832]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
{D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - iGraal Toolbar - C:\Program Files\iGraal\Toolbar.dll [2009-06-11 92960]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe [2009-11-17 71152]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [2010-04-01 1123360]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-26 2524416]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2010-02-18 357448]
"Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2010-02-18 1573448]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2010-02-18 3203144]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-01-27 1312848]
"d-x10cd"=C:\Users\LEDIER\AppData\Roaming\dx10acd\d-xdiag10cd.exe [2010-04-13 224768]
"dx"=C:\Users\LEDIER\AppData\Roaming\dx\d-xcd.exe [2010-04-22 224768]
"d-x10bc"=C:\Users\LEDIER\AppData\Roaming\dx10bac\d-xdiag10bc.exe [2010-04-28 218624]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-06 102400]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
"Launch Ai Booster"=C:\Program Files\ASUS\AI Booster\OverClk.exe [2006-12-08 3714048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Star Downloader Free"=C:\Program Files\Star Downloader\stardown.exe [2006-02-25 1785344]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-04-24 321328]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2009-08-16 955392]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"AtiTrayTools"=F:\ATI Tray Tools\atitray.exe [2009-11-18 657920]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ProcessManager"=F:\Bill2's Process Manager\ProcessManager.exe [2010-04-06 2056192]
"Windows Java Runtime"=C:\Users\LEDIER\java.jar [2010-05-01 18161]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2010-04-15 427328]
"BitTorrent DNA"=C:\Users\LEDIER\Program Files\DNA\btdna.exe [2010-05-08 323392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FSFDTCP]
F:\FSFDT\Control Panel\FSFDTCP.exe [2007-05-08 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OSSelectorReinstall]
C:\Program Files\Common Files\Acronis\Partition Suite\oss_reinstall.exe [2006-05-31 1281425]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-07-08 236016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
F:\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

C:\Users\LEDIER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-01-29 64592]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\LEDIER\AppData\Local\Temp\8403.exe"="C:\Users\LEDIER\AppData\Local\Temp\8403.exe:*:Enabled:Windows Messanger"
"C:\Users\LEDIER\AppData\Roaming\winlogon.exe"="C:\Users\LEDIER\AppData\Roaming\winlogon.exe:*:Enabled:Windows Messanger"
"Microsoft Windows Hosting Service Login"="C:\Users\LEDIER\AppData\Roaming\winlogon.exe"
"C:\Users\LEDIER\AppData\Local\Temp\wow.exe"="C:\Users\LEDIER\AppData\Local\Temp\wow.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0bea77d7-cf59-11de-b089-806e6f6e6963}]
shell\AutoRun\command - I:\Install.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-05-09 14:34:14 ----D---- C:\rsit
2010-05-09 14:34:14 ----D---- C:\Program Files\trend micro
2010-05-08 13:43:38 ----D---- C:\Users\LEDIER\AppData\Roaming\DNA
2010-05-08 11:32:31 ----D---- C:\Program Files\DAEMON Tools Pro
2010-05-08 11:31:53 ----D---- C:\Users\LEDIER\AppData\Roaming\DAEMON Tools Pro
2010-05-08 11:31:53 ----D---- C:\ProgramData\DAEMON Tools Pro
2010-05-06 18:46:45 ----A---- C:\Users\LEDIER\AppData\Roaming\cystcache.exe
2010-05-04 18:04:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-02 14:27:39 ----D---- C:\Program Files\AxBx
2010-05-01 23:08:18 ----A---- C:\Windows\system32\launchhh.bat
2010-05-01 23:06:43 ----A---- C:\Windows\system32\launchhh.vbs
2010-05-01 23:01:24 ----A---- C:\Windows\ex.txt
2010-05-01 22:40:52 ----D---- C:\Program Files\Skyline
2010-05-01 16:55:22 ----A---- C:\Windows\system32\launch.bat
2010-05-01 16:55:16 ----A---- C:\Windows\system32\net.vbs
2010-05-01 16:53:51 ----A---- C:\Windows\system32\svchost001.exe
2010-04-30 19:29:43 ----D---- C:\Windows\Minidump
2010-04-30 14:04:04 ----D---- C:\ProgramData\ATI
2010-04-29 21:14:43 ----D---- C:\Program Files\SpeedFan
2010-04-28 18:04:23 ----A---- C:\Windows\system32\shell32.dll
2010-04-28 18:04:22 ----A---- C:\Windows\system32\lsasrv.dll
2010-04-28 02:38:33 ----RSHD---- C:\Users\LEDIER\AppData\Roaming\dx10bac
2010-04-27 23:44:45 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2010-04-27 23:44:36 ----A---- C:\Windows\system32\FsUsbExService.Exe
2010-04-27 23:28:38 ----D---- C:\Program Files\MarkAny
2010-04-27 23:28:28 ----D---- C:\Program Files\PC Connectivity Solution
2010-04-26 23:42:48 ----D---- C:\ProgramData\Skyline
2010-04-26 22:26:55 ----D---- C:\Program Files\CPUID
2010-04-25 20:58:52 ----SHD---- C:\Windows\system32\%APPDATA%
2010-04-24 19:09:12 ----D---- C:\Windows\system32\Wat
2010-04-24 17:55:39 ----D---- C:\ProgramData\PC SOFT
2010-04-24 17:55:39 ----D---- C:\ProgramData\AquaDiscovery
2010-04-24 17:55:11 ----D---- C:\Program Files\Common Files\PC SOFT
2010-04-17 22:47:50 ----D---- C:\Program Files\ESET
2010-04-16 22:26:30 ----A---- C:\Windows\system32\xfcodec.dll
2010-04-14 21:42:02 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-04-14 21:42:02 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-14 15:03:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 15:03:44 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 15:03:39 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 14:51:39 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 14:51:32 ----A---- C:\Windows\system32\cabview.dll
2010-04-13 03:02:27 ----RSHD---- C:\Users\LEDIER\AppData\Roaming\dx10acd
2010-04-12 16:19:43 ----RSHD---- C:\Users\LEDIER\AppData\Roaming\dx10c
2010-04-11 17:20:23 ----D---- C:\Users\LEDIER\AppData\Roaming\ANUMAN interactive
2010-04-11 17:00:30 ----A---- C:\Users\LEDIER\AppData\Roaming\s4.vbs
2010-04-11 17:00:25 ----A---- C:\Users\LEDIER\AppData\Roaming\nt.bat
2010-04-11 17:00:16 ----RSHD---- C:\Users\LEDIER\AppData\Roaming\dx

======List of files/folders modified in the last 1 months======

2010-05-09 14:38:43 ----D---- C:\Users\LEDIER\AppData\Roaming\uTorrent
2010-05-09 14:37:15 ----D---- C:\Windows\Temp
2010-05-09 14:36:45 ----D---- C:\Windows\system32\config
2010-05-09 14:34:56 ----D---- C:\Windows\Prefetch
2010-05-09 14:34:14 ----D---- C:\Program Files
2010-05-09 14:31:17 ----D---- C:\Users\LEDIER\AppData\Roaming\MxBoost
2010-05-09 13:54:01 ----D---- C:\Windows\System32
2010-05-09 11:45:16 ----SHD---- C:\Windows\Installer
2010-05-09 11:34:53 ----SHD---- C:\System Volume Information
2010-05-08 22:04:51 ----D---- C:\Windows\inf
2010-05-08 22:04:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-08 13:56:54 ----D---- C:\Windows
2010-05-08 13:53:29 ----D---- C:\Windows\system32\Tasks
2010-05-08 13:53:21 ----D---- C:\Windows\system32\drivers
2010-05-08 13:52:18 ----D---- C:\Program Files\ASUS
2010-05-08 13:52:17 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-08 13:40:56 ----D---- C:\Users\LEDIER\AppData\Roaming\Download Manager
2010-05-08 11:42:13 ----D---- C:\Program Files\DAEMON Tools
2010-05-08 11:31:53 ----HD---- C:\ProgramData
2010-05-07 22:57:28 ----D---- C:\Windows\Downloaded Program Files
2010-05-07 22:57:10 ----D---- C:\Program Files\ma-config.com
2010-05-07 22:57:08 ----D---- C:\ProgramData\ma-config.com
2010-05-07 14:08:50 ----D---- C:\Users\LEDIER\AppData\Roaming\vlc
2010-05-05 20:58:11 ----D---- C:\Windows\Sun
2010-05-05 20:45:19 ----A---- C:\bdlog.txt
2010-05-04 19:10:00 ----D---- C:\Windows\Logs
2010-05-03 16:39:25 ----D---- C:\Windows\system32\oodag
2010-05-02 09:23:32 ----SHD---- C:\Boot
2010-04-30 14:07:05 ----D---- C:\Program Files\ATI
2010-04-30 14:01:08 ----D---- C:\Windows\system32\catroot
2010-04-30 13:59:51 ----RSD---- C:\Windows\assembly
2010-04-30 13:59:19 ----D---- C:\Program Files\ATI Technologies
2010-04-30 13:56:32 ----D---- C:\Windows\system32\DriverStore
2010-04-29 08:44:13 ----D---- C:\Windows\system32\catroot2
2010-04-29 08:26:53 ----D---- C:\ProgramData\AlawarWrapper
2010-04-29 03:28:56 ----D---- C:\ProgramData\Xfire
2010-04-28 18:42:33 ----D---- C:\Windows\winsxs
2010-04-28 18:31:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-28 18:31:18 ----D---- C:\Program Files\Common Files\AntiVirus
2010-04-28 18:26:44 ----HD---- C:\_Backup
2010-04-28 06:15:06 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2010-04-27 23:44:17 ----D---- C:\Users\LEDIER\AppData\Roaming\Samsung
2010-04-27 23:27:07 ----D---- C:\Program Files\Samsung
2010-04-27 23:00:06 ----D---- C:\Program Files\Common Files\Adobe
2010-04-27 03:54:40 ----D---- C:\temp
2010-04-26 18:54:38 ----D---- C:\Program Files\PowerArchiver
2010-04-25 20:37:59 ----D---- C:\Program Files\Avanquest update
2010-04-25 11:14:19 ----D---- C:\Program Files\Shareaza
2010-04-25 11:14:17 ----D---- C:\Users\LEDIER\AppData\Roaming\Shareaza
2010-04-25 11:10:04 ----D---- C:\ProgramData\BVRP Software
2010-04-25 11:04:11 ----D---- C:\ProgramData\Codemasters
2010-04-25 10:51:54 ----D---- C:\Windows\Tasks
2010-04-24 19:07:51 ----D---- C:\Windows\SoftwareDistribution
2010-04-24 17:55:11 ----D---- C:\Program Files\Common Files
2010-04-24 14:40:59 ----D---- C:\Program Files\uTorrent
2010-04-22 15:01:35 ----D---- C:\Program Files\K-Lite Codec Pack
2010-04-20 19:11:48 ----D---- C:\Program Files\Xfire
2010-04-20 00:43:23 ----D---- C:\Users\LEDIER\AppData\Roaming\Xfire
2010-04-17 23:42:37 ----D---- C:\Program Files\Unlocker
2010-04-17 23:31:45 ----D---- C:\Program Files\pdfforge Toolbar
2010-04-16 20:00:00 ----A---- C:\Windows\system32\ff_vfw.dll
2010-04-16 14:24:21 ----RD---- C:\Users
2010-04-16 13:08:14 ----D---- C:\ProgramData\WindSolutions
2010-04-15 10:33:47 ----D---- C:\Program Files\Common Files\Stardock
2010-04-14 19:41:29 ----D---- C:\Users\LEDIER\AppData\Roaming\Desktopicon
2010-04-14 18:05:56 ----D---- C:\ProgramData\Microsoft Help
2010-04-14 18:00:31 ----A---- C:\Windows\vbaddin.ini
2010-04-12 21:46:10 ----D---- C:\Users\LEDIER\AppData\Roaming\SolidDocuments
2010-04-10 12:16:07 ----D---- C:\Users\LEDIER\AppData\Roaming\WindSolutions

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 AsUpIO;AsUpIO; C:\Windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 atitray;atitray; \??\F:\ATI Tray Tools\atitray.sys [2009-10-24 19232]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; C:\Windows\system32\DRIVERS\BdfNdisf6.sys [2010-05-05 72784]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-05-05 79952]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-12-15 5632]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-11-22 281760]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-05-05 85128]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-11-22 25888]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-10-20 50704]
R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 5430272]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-07 157184]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
R3 BDFM;BDFM; C:\Windows\system32\DRIVERS\bdfm.sys [2010-02-10 153448]
R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-11-10 35984]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-11-10 37392]
R3 lvpopflt;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopflt.sys [2007-05-11 1921184]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\DRIVERS\LVUSBSta.sys [2007-05-11 41888]
R3 LVUVC;Logitech QuickCam Pro 5000(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2007-05-11 3580832]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-07-14 80640]
R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 5430272]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys [2009-12-15 55936]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2010-05-01 14336]
S3 drmkaud;Pilotes audio approuvés par Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5120]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2009-08-26 14216]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2009-09-16 8456]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 JL2005C;Dual Mode Camera; C:\Windows\System32\Drivers\jl2005c.sys [2008-07-09 68826]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 8320]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 NVENETFD;Pilote du contrôleur de réseau NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2009-08-27 14720]
S3 PSSDK42;PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [2010-03-27 38976]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2009-11-04 16456]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2009-11-04 11088]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
S3 RimUsb;Téléphone intelligent BlackBerry ; C:\Windows\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 Tileproxy;Tileproxy; C:\Windows\system32\DRIVERS\tileproxy.sys [2008-03-09 31616]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2009-05-07 39808]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-07 172032]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-28 380928]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2010-01-28 308552]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-26 1488128]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-02-28 75064]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI8179.tmp [2010-01-11 189696]
R2 TomTomHOMEService;TomTomHOMEService; F:\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-11-12 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe [2010-05-05 1615688]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate1ca6b46d36c66e0;Service Google Update (gupdate1ca6b46d36c66e0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-22 133104]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-07 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Arrakis3;BitDefender Serveur Arrakis; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-11-17 183880]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-01-29 292944]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-05-01 271728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-07 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-11-12 435016]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-04-24 1343400]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 uvnc_service;uvnc_service; F:\UltraVNC\WinVNC.exe [2009-08-16 1589704]

-----------------EOF-----------------

Pas de souci relevé par MAM.

Merci de votre aide.

Publicité
pear
 Posté le 09/05/2010 à 18:04 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Bonjour,

Si vous êtes sous Vista:Désactiver L'UAC ,avant sont utilisation.
Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valider par OK ,
il sera demandé de redémarrer


Téléchargez AD-Remover( de Cyrildu17 / C_XX ) sur le bureau
Déconnectez-vous et fermez toutes les applications en cours
Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .
Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel
Cliquez sur "OUI"
Double cliquer sur l'icône Ad-remover sur le bureau
image
Au menu principal choisir l'optionScanner et Validez

Patientez pendant le travail de l'outil.
Poster le rapport qui apparait à la fin .
Il est sauvegardé aussi sous C:\Ad-report.log

Ensuite

Relancer Ad- remover , choisir l'option Nettoyer

Il y aura 2 rapports à poster après Scanner et Nettoyer

Pour désinstaller AD-Remover, lancez avec l'option D puis supprimer l'icône du bureau.

Prévention:
Désactiver l'autorun sur tous les lecteur (USB, CD, DVD, SATA, Firewire, etc.
Pour cela,sous Xp :
Copier/coller ,dans le bloc notes,ce qui suit ,(en vert)sans ligne blanche au début.mais une à la fin.
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion­\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion­\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"


Sous Vista/7
Copier/coller ce qui suiten vertdans le bloc notes,sans ligne blanche au début.mais une à la fin.
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers]
"DisableAutoplay"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"


Fichier ->Enregistrez sous..
Clic sur bureau à gauche
Dans type de fichier->Tous les fichiers
Dans Nom-> regis.reg.
Allez sur le bureau
Cliquez droit sur le fichier ->fusionner
Acceptez la modification du Régistre




Télécharger Usb Fix de C_XX & Chiquitine29, sur le bureau

Installez le.
Vous devez désactiver la protection en temps réel de votre Antivirus qui peut considérer certains composants de ce logiciel comme néfastes.
* Pour cela, faites un clic droit sur l'icône de l'antivirus en bas à droite à côté de l'horloge puis Disable Guard ou Shield ou Résident...
TéléchargerOpen-Config de Lopp Blanc
Si vous êtes sous Vista et 7, si l'UAC est activé il faut le lancer en mode "Administrateur".

image
en vert c'est bon, en rouge on peut déverrouiller.
Un clic sur le bouton "Déverrouiller la configuration" va permettre de corriger tous les points en rouge,


Si vous êtes Sous Vista:
Désactivez le contrôle des comptes utilisateurs (Vous le réactiverez par la suite):
http://www.zebulon.fr/astuces/220-desactiver-l-uac-dans-vista.html
- Démarrer puis panneau de configuration->"Comptes d'utilisateurs"
- Cliquer ensuite sur désactiver et valider.


Lancer l'installation avec les paramètres par défault
Brancher les périphériques externes (clé USB, disque dur externe, etc...) sans les ouvrir
Faire un Clic-droit sur le raccourci Usbfix sur le bureau et choisir "Exécuter en tant qu'administrateur".

Lancer l' option 1(Recherche)
le rapport UsbFix.txt est sauvegardé à la racine du disque .
Faites en un copier/coller dans le bloc notes pour le poster.

Ensuite,
Lancer l'option 2(Suppression)
Le bureau disparait et le pc redémarre
Patientez le temps du scan.
le rapport UsbFix.txt est sauvegardé à la racine du disque
Faites en un copier/coller dans le bloc notes pour le poster.


Vaccination
Pour vous éviter une infection ultérieure:
Lancer l' Option 3 (vaccination)



Pour Désinstaller
Double clic sur le raccourci UsbFix sur le bureau
Lancer l' option 5 ( Désinstaller ) ....

pilotebien
 Posté le 09/05/2010 à 21:14 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Mon rapport de Scan:

.
======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 07/05/10 à 16:50
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:26:07 le 09/05/2010 | Mode normal | Option: SCAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft® Windows 7™ HomePremium - X86
Nom du PC: LEDIER-PC (System manufacturer System Product Name)
Utilisateur actuel: LEDIER
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
Service: *Application Updater*
.
C:\Program Files\Application Updater
C:\Program Files\AskBarDis
C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
C:\Program Files\pdfforge Toolbar
C:\Users\LEDIER\AppData\LocalLow\pdfforge
C:\Users\LEDIER\AppData\LocalLow\Search Settings
C:\Users\LEDIER\AppData\Roaming\DesktopIcon
.
HKCU\Software\AppDataLow\AskBarDis
HKCU\Software\AppDataLow\Software\pdfforge
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKCU\Software\Search Settings
HKLM\Software\Application Updater
HKLM\Software\Classes\AskIBar.PopSwatterBarButton
HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
HKLM\Software\Classes\AskToolBar.SettingsPlugin
HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
HKLM\Software\GamesBarSetup
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
HKLM\Software\pdfforge
HKLM\Software\Search Settings
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\Application Updater\ApplicationUpdater.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\FF\chrome.manifest
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\FF\install.rdf
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SSFF\chrome.manifest
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SSFF\chrome\locale\en-US\searchsettingsplugin.dtd
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SSFF\install.rdf
.
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version 3.6.3 (fr) *
.
C:\Users\LEDIER\..\ba81hjwy.default\prefs.js - browser.search.selectedEngine: Wibeez
C:\Users\LEDIER\..\ba81hjwy.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr/
C:\Users\LEDIER\..\ba81hjwy.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3
C:\Users\LEDIER\..\ba81hjwy.default\prefs.js - keyword.URL: hxxp://www.wibeez.com/france?search&q=
.
.
* Internet Explorer Version 8.0.7600.16385 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: hxxp://www.facebook.com/home.php?ref=home
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Ad-Remover\Backup: 0 Fichier(s)
.
C:\Ad-Report-SCAN[1].txt - 6180 Octet(s)
.
Fin à: 19:39:18, 09/05/2010
.
============== E.O.F - SCAN[1] ==============

Mon rapport de Clean:

.
======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 07/05/10 à 16:50
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:45:50 le 09/05/2010 | Mode normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft® Windows 7™ HomePremium - X86
Nom du PC: LEDIER-PC (System manufacturer System Product Name)
Utilisateur actuel: LEDIER
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: *Application Updater*
.
C:\Program Files\Application Updater
C:\Program Files\AskBarDis
C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
C:\Program Files\pdfforge Toolbar
C:\Users\LEDIER\AppData\LocalLow\pdfforge
C:\Users\LEDIER\AppData\LocalLow\Search Settings
C:\Users\LEDIER\AppData\Roaming\DesktopIcon

(!) -- Fichiers temporaires supprimés.
.
HKCU\Software\AppDataLow\AskBarDis
HKCU\Software\AppDataLow\Software\pdfforge
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKCU\Software\Search Settings
HKLM\Software\Application Updater
HKLM\Software\Classes\AskIBar.PopSwatterBarButton
HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
HKLM\Software\Classes\AskToolBar.SettingsPlugin
HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
HKLM\Software\GamesBarSetup
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
HKLM\Software\pdfforge
HKLM\Software\Search Settings
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\Application Updater\ApplicationUpdater.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\FF\chrome.manifest
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\FF\install.rdf
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SSFF\chrome.manifest
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SSFF\chrome\locale\en-US\searchsettingsplugin.dtd
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files\pdfforge Toolbar\SSFF\install.rdf
.
.
============== SCAN ADDITIONNEL ==============
.
* Mozilla FireFox Version 3.6.3 (fr) *
.
C:\Users\LEDIER\..\ba81hjwy.default\prefs.js - browser.search.selectedEngine: Wibeez
C:\Users\LEDIER\..\ba81hjwy.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr/
C:\Users\LEDIER\..\ba81hjwy.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3
C:\Users\LEDIER\..\ba81hjwy.default\prefs.js - keyword.URL: hxxp://www.wibeez.com/france?search&q=
.
.
* Internet Explorer Version 8.0.7600.16385 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 89 Fichier(s)
C:\Ad-Remover\Backup: 15 Fichier(s)
.
C:\Ad-Report-CLEAN[1].txt - 6443 Octet(s)
C:\Ad-Report-SCAN[1].txt - 6304 Octet(s)
.
Fin à: 19:54:19, 09/05/2010
.
============== E.O.F - CLEAN[1] ==============

pilotebien
 Posté le 09/05/2010 à 22:23 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Mon rapport USBFIX


############################## | UsbFix V6.112 |

User : LEDIER (Administrateurs) # LEDIER-PC
Update on 09/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:06:43 | 09/05/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 32-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 76,32 Go (30,04 Go free) [SYSTEME] # NTFS
D:\ -> Disque fixe local # 205,08 Go (147,04 Go free) [TRAVAIL ] # NTFS
E:\ -> Disque fixe local # 189,91 Go (92,33 Go free) [JEUX] # NTFS
F:\ -> Disque fixe local # 391,09 Go (377,85 Go free) [PROGRAMMES] # NTFS
G:\ -> Disque fixe local # 698,63 Go (528,23 Go free) [INTERNET] # NTFS
H:\ -> Disque fixe local # 390,62 Go (239,13 Go free) [SURCOUF] # NTFS
I:\ -> Disque CD-ROM
J:\ -> Disque CD-ROM # 1,24 Go (0 Mo free) [BF2XPACK DVD] # UDF
K:\ -> Disque fixe local # 308,01 Go (135,16 Go free) [DATACENTER] # NTFS
L:\ -> Disque fixe local # 698,63 Go (470,95 Go free) [MULTIMEDIA] # NTFS
M:\ -> Disque amovible
N:\ -> Disque CD-ROM
O:\ -> Disque CD-ROM
P:\ -> Disque amovible # 7,42 Go (1000,5 Mo free) [IPOD] # FAT32
Q:\ -> Disque amovible # 7,48 Go (5,58 Go free) [CLE NICOLAS] # FAT32

################## | Elements infectieux |

D:\autorun.inf
E:\autorun.inf
F:\autorun.inf
G:\autorun.inf
H:\autorun.inf
J:\autorun.inf
J:\autorun.exe
K:\autorun.inf
K:\Ntldr.exe
L:\autorun.inf
L:\Ntldr.exe
P:\autorun.inf
P:\autorun.exe
Q:\autorun.inf -> fichier appelé : "Q:\Updates\Drivers\System.exe" ( Présent ! )
Q:\autorun.inf
Q:\autorun.exe
Q:\Updates\Drivers\desktop.ini
Q:\Updates\Drivers\System.exe
Q:\Updates\Drivers
Q:\Updates
K:\ntldr.exe
L:\ntldr.exe

################## | Registre |


################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{0bea77d7-cf59-11de-b089-806e6f6e6963}
shell\AutoRun\command =I:\Install.exe

################## | Vaccin |


################## | ! Fin du rapport # UsbFix V6.112 ! |

pear
 Posté le 10/05/2010 à 10:53 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Il manque le rapport de nettoyage Usbfix !

Dans la barre d'adresse Firefox, tapez about:config

dans la fenêtre "filtre" tapez:keyword
si vous trouvez:
keyword.URL: hxxp://www.wibeez.com/france?search&q=

clic droit modifier:
inscrivez:
http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

recommencez la procédure pour
browser.search.selectedEngine: Wibeez

remplacez par google.

pilotebien
 Posté le 10/05/2010 à 12:46 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Le rapport USB Fic NETTOYAGE


############################## | UsbFix V6.112 |

User : LEDIER (Administrateurs) # LEDIER-PC
Update on 09/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 12:33:48 | 10/05/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 32-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 76,32 Go (29,61 Go free) [SYSTEME] # NTFS
D:\ -> Disque fixe local # 205,08 Go (147,04 Go free) [TRAVAIL ] # NTFS
E:\ -> Disque fixe local # 189,91 Go (92,33 Go free) [JEUX] # NTFS
F:\ -> Disque fixe local # 391,09 Go (377,85 Go free) [PROGRAMMES] # NTFS
G:\ -> Disque fixe local # 698,63 Go (518,26 Go free) [INTERNET] # NTFS
H:\ -> Disque fixe local # 390,62 Go (239,13 Go free) [SURCOUF] # NTFS
I:\ -> Disque CD-ROM
J:\ -> Disque CD-ROM # 1,24 Go (0 Mo free) [BF2XPACK DVD] # UDF
K:\ -> Disque fixe local # 308,01 Go (135,16 Go free) [DATACENTER] # NTFS
L:\ -> Disque fixe local # 698,63 Go (470,95 Go free) [MULTIMEDIA] # NTFS
M:\ -> Disque amovible
N:\ -> Disque CD-ROM
O:\ -> Disque CD-ROM
Q:\ -> Disque amovible # 7,48 Go (5,45 Go free) [CLE NICOLAS] # FAT32

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-784295801-2750337316-878779667-1000
Supprimé ! D:\autorun.inf
Supprimé ! D:\$Recycle.Bin\S-1-5-21-784295801-2750337316-878779667-1000
Supprimé ! E:\autorun.inf
Supprimé ! E:\$Recycle.Bin\S-1-5-21-784295801-2750337316-878779667-1000
Supprimé ! F:\autorun.inf
Supprimé ! F:\$Recycle.Bin\S-1-5-21-784295801-2750337316-878779667-1000
Supprimé ! G:\autorun.inf
Supprimé ! G:\$Recycle.Bin\S-1-5-21-784295801-2750337316-878779667-1000
Supprimé ! H:\autorun.inf
Supprimé ! H:\$Recycle.Bin\S-1-5-21-784295801-2750337316-878779667-1000
(!) Non supprimé ! J:\autorun.inf
(!) Non supprimé ! J:\autorun.exe
Supprimé ! K:\autorun.inf
Supprimé ! K:\$Recycle.Bin\S-1-5-21-784295801-2750337316-878779667-1000
Supprimé ! L:\autorun.inf
Supprimé ! L:\$Recycle.Bin\S-1-5-21-784295801-2750337316-878779667-1000
Q:\autorun.inf -> fichier appelé : "Q:\Updates\Drivers\System.exe" ( Présent ! )
Supprimé ! Q:\Updates\Drivers\System.exe
Supprimé ! Q:\autorun.inf
Supprimé ! Q:\autorun.exe
Supprimé ! Q:\Updates\Drivers\desktop.ini
Supprimé ! Q:\Updates\Drivers
Supprimé ! Q:\Updates

################## | Registre |


################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{0bea77d7-cf59-11de-b089-806e6f6e6963}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[09/05/2010 19:54|--a------|6611] C:\Ad-Report-CLEAN[1].txt
[09/05/2010 19:39|--a------|6304] C:\Ad-Report-SCAN[1].txt
[10/06/2009 23:42|--a------|24] C:\autoexec.bat
[16/03/2010 23:42|--a------|848] C:\bar.emf
[05/05/2010 20:45|--a------|260283] C:\bdlog.txt
[14/07/2009 03:38|-rahs----|383562] C:\bootmgr
[12/11/2009 08:55|-rahs----|8192] C:\BOOTSECT.BAK
[15/12/2009 23:46|--a------|74] C:\CMLoader.log
[10/06/2009 23:42|--a------|10] C:\config.sys
[?|?|?] C:\hiberfil.sys
[12/11/2009 23:25|-rahs----|0] C:\IO.SYS
[12/11/2009 23:25|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[10/05/2010 12:43|--a------|3322] C:\UsbFix.txt
[09/05/2010 20:33|--ah-----|18161] D:\Driver.jar
[09/05/2010 23:02|--ah-----|18161] E:\Driver.jar
[09/05/2010 23:02|--ah-----|18161] F:\Driver.jar
[09/05/2010 20:33|--ah-----|18161] G:\Driver.jar
[09/05/2010 23:02|--ah-----|18161] H:\Driver.jar
[27/10/2005 23:41|-r-------|20482048] J:\00000001.TMP
[27/10/2005 23:41|-r-------|317440] J:\00000002.TMP
[27/10/2005 23:41|-r-------|4386816] J:\Autorun.exe
[27/10/2005 23:41|-r-------|46] J:\Autorun.inf
[27/10/2005 23:41|-r-------|4150] J:\BF2xp1.ico
[27/10/2005 23:39|-r-------|10081031] J:\data1.cab
[27/10/2005 23:39|-r-------|179561] J:\data1.hdr
[27/10/2005 23:41|-r-------|993840383] J:\data2.cab
[27/10/2005 23:41|-r-------|2115175] J:\dist.vlu
[22/10/2004 10:16|-r-------|470174] J:\engine32.cab
[27/10/2005 23:41|-r-------|9684] J:\layout.bin
[27/10/2005 04:21|-r-------|1279256] J:\Setup.bmp
[22/10/2004 10:16|-r-------|118736] J:\setup.exe
[27/10/2005 23:39|-r-------|464834] J:\setup.ibt
[27/10/2005 23:39|-r-------|633] J:\setup.ini
[27/10/2005 21:40|-r-------|246831] J:\setup.inx
[05/09/2009 22:58|--ahs----|402] K:\desktop.ini
[09/05/2010 23:02|--ah-----|18161] L:\Driver.jar
[09/05/2010 21:40|--a------|82043] Q:\Pr‚servatifs.jpg
[04/05/2010 14:08|--a------|684195] Q:\Plaquette_PC_ENSOA.pdf
[08/03/2010 15:19|--a------|34413568] Q:\LiMnO2_D_short.mpg
[06/05/2010 14:31|--a------|213991] Q:\Certificat Foot Adj LEDIER.pdf
[07/05/2010 11:02|--a------|242688] Q:\Demande Achat vierge - 07 mai 2010.xls
[07/05/2010 13:16|--a------|75264] Q:\Export OP 2009.xls
[08/03/2010 15:18|--a------|27859696] Q:\balle dans piles BB2590 lithium.wmv
[08/03/2010 15:19|--a------|25469952] Q:\perforation piles lithium nail.mpg
[08/03/2010 15:18|--a------|56572160] Q:\explosion piles BA 5390 lithium.wmv

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# E:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# F:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# G:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# H:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# K:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# L:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# Q:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

################## | Upload |

Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_LEDIER-PC.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.112 ! |

Page : [1] 
Page 1 sur 1

Vous devez être connecté pour poster des messages. Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !


Sujets relatifs
Gros problème ! Virus après une mise à jour avec avast?
J'ai un problème avec un ou plusieurs virus
Problème avec le "virus gendarmerie"
problème avec windows suite a attaques de virus!
probleme virus avec avira
problème avec kaspersky anti virus
probleme avec un virus DIVOCODEC
Encore un problème avec Gllob suite à virus msn..
Problème avec anti-virus
Problème etrange avec google. Virus ?
Plus de sujets relatifs à Probleme avec virus d-xdiag10cd.exe ou d-xdiag10bc
 > Tous les forums > Forum Sécurité