Sujet Précédent Sujet Suivant

Rapport HIjackthis pour Anthony51

Talamasca Messages postés 346 Statut Membre -  
Talamasca Messages postés 346 Statut Membre -
Re Anthony,
voilà le log hijackthis pour l'autre PC.
A mon avis y a du boulot

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:51:13, on 21/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\airsvcu.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\documents and settings\sonia\local settings\application data\oommqee.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\sonia\Bureau\OUtils désinfection\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.hiyo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe1.dll
R3 - URLSearchHook: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SmartShopper - {2BA1C226-EC1B-4471-A65F-D0688AC6EE3A} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: mysidesearch search enhancer - {99E015A6-8B83-702C-F705-3C16BAE4311E} - C:\WINDOWS\system32\wguryxujntueeya.dll
O2 - BHO: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: adzgalore - {c90e33e8-9a87-6d38-ace9-0d390a7326a0} - C:\WINDOWS\system32\nsf66.dll (file missing)
O2 - BHO: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: The Pirate Bay Toolbar - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe1.dll
O3 - Toolbar: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [{11-12-2F-F5-DW}] C:\windows\system32\rlwnw64r.exe DWrvgXX
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HiYo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\WINDOWS\TEMP\E_S15E.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Orange Link] "C:\PROGRA~1\ORANGE~1\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [second load] C:\DOCUME~1\sonia\APPLIC~1\IDOLSU~1\DrvWay.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [oommqee] "c:\documents and settings\sonia\local settings\application data\oommqee.exe" oommqee
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Présentation de Media Manager.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\SPLASHA.EXE
O4 - Startup: ppcbooster.lnk = C:\Program Files\ppcbooster\ppcbooster.exe
O4 - Startup: ppcb_32.lnk = C:\Program Files\ppcbooster\ppcb_32.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\rlwnw64r.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Protocol: bw+0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {7EF78BEC-612B-41F4-BCA6-BD74F590E0C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
A voir également:

25 réponses

Précédent
  • 1
  • 2
Réponse 21 / 25
anthony5151 Messages postés 10927 Statut Contributeur sécurité 790
 
/!\ ATTENTION /!\ Le script qui suit a été écrit spécialement pour Talamasca, il n'est pas transposable sur un autre ordinateur !

• Télécharge ce dossier Talamasca.zip
• Fais un clic-droit dessus --> Extraire tout --> choisis le Bureau comme destination
• Un autre dossier va apparaitre, prends le fichier CFScript.txt qui se trouve à l'intérieur et place le sur le Bureau.

• Désactive tes logiciels de protection
• Fais un glisser/déposer de ce fichier CFScript.txt sur le fichier Combofix.exe

• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici → C:\ComboFix.txt

Télécharge Flash Disinfector (de sUBs) sur ton Bureau.
• Double clique dessus pour le lancer
• Une fenêtre "Start Flash Disinfector" va apparaître --> branche tous tes disques amovibles (clés USB, lecteurs mp3, disques durs externes, iPod...) et clique sur OK.
• Tes icônes vont disparaitre, c'est normal, ne touche à rien pendant la désinfection.
• Lorsque le message "Finish" apparaît, clique sur OK.

Remarque : ton antivirus peut afficher une alerte pour ce programme, c'est bien sûr une fausse alerte. Si c'est le cas, désactive le temporairement.

Enfin, télécharge Ad-Remover (de C_XX) sur ton Bureau.

/!\ Déconnecte toi et ferme toutes les applications en cours /!\

● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-remover située sur ton Bureau
● Au menu principal choisis l'option "A"
● Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report(date).log )

Remarque : si ton antivirus fait une alerte sur process.exe, ignore la et désactive ton antivirus. C'est un composant d'Ad-Remover, détecté comme outil à risque, mais qui est tout à fait légitime.

Aide en images ( Installation ) : http://pagesperso-orange.fr/FindyKill.Ad.Remover/ad_r_instal.html
Aide en images ( Recherche ) : http://pagesperso-orange.fr/FindyKill.Ad.Remover/ad_r_recherche.html

0
Réponse 22 / 25
Talamasca Messages postés 346 Statut Membre 11
 
Voilà pour C-Fix et ton script:

ComboFix 09-03-19.02 - sonia 2009-03-23 20:24:21.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.502.261 [GMT 1:00]
Lancé depuis: c:\documents and settings\sonia\Bureau\C-fix.exe
Commutateurs utilisés :: c:\documents and settings\sonia\Bureau\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090319-0] *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\CMSSTGU.DLL
c:\windows\system32\SHSTGEU.DLL

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-23 au 2009-03-23 ))))))))))))))))))))))))))))))))))))
.

2009-03-22 11:53 . 2009-03-22 11:53 <REP> d--h----- c:\windows\ie8
2009-03-16 22:32 . 2009-03-16 22:32 <REP> d-------- c:\program files\eEye Digital Security
2009-03-15 21:11 . 2009-03-15 21:11 <REP> d-------- c:\documents and settings\sonia\Application Data\Malwarebytes
2009-03-15 21:10 . 2009-03-15 21:11 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-11 23:39 . 2009-03-11 23:39 <REP> d-------- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-14 00:00 --------- d-----w c:\program files\Program Files
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:05 1,846,912 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-16 23:03 2,560 ----a-w c:\windows\_MSRSTRT.EXE
2009-01-16 22:17 47,927 ----a-w c:\windows\BricoPackUninst.cmd
2009-01-16 22:17 219,648 ----a-w c:\windows\system32\uxtheme.dll
2009-01-16 22:17 2,150 ----a-w c:\windows\BricoPackFoldersDelete.cmd
2009-01-16 09:13 3,084 ----a-w c:\documents and settings\sonia\Application Data\wklnhst.dat
2009-01-10 13:16 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-08-25 17:32 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008082520080826\index.dat
.

------- Sigcheck -------

2008-04-14 04:34 1886208 318626d9d5cc4ecd0ec3ba5f261cbf3d c:\windows\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2008-04-14 04:34 1886208 318626d9d5cc4ecd0ec3ba5f261cbf3d c:\windows\ServicePackFiles\i386\explorer.exe
2004-08-19 16:09 1036288 2a7bd330924252a2fd80344fc949bb72 c:\windows\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:22 1037312 d0288319660edcfed07c7e74c4ea38a5 c:\windows\$NtServicePackUninstall$\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-03-22_11.47.16.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-08-13 17:39:20 71,680 ------w c:\windows\ie8\admparse.dll
+ 2008-12-20 22:46:48 124,928 ------w c:\windows\ie8\advpack.dll
+ 2008-04-14 03:33:22 35,328 ------w c:\windows\ie8\corpol.dll
+ 2008-12-20 22:46:48 347,136 ------w c:\windows\ie8\dxtmsft.dll
+ 2008-12-20 22:46:48 214,528 ------w c:\windows\ie8\dxtrans.dll
+ 2007-08-13 17:18:02 60,416 ------w c:\windows\ie8\hmmapi.dll
+ 2008-12-20 22:46:50 63,488 ------w c:\windows\ie8\icardie.dll
+ 2008-12-19 09:11:12 70,656 ------w c:\windows\ie8\ie4uinit.exe
+ 2008-12-20 22:46:50 153,088 ------w c:\windows\ie8\ieakeng.dll
+ 2008-12-20 22:46:50 230,400 ------w c:\windows\ie8\ieaksie.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\ie8\ieakui.dll
+ 2007-04-17 10:32:38 2,455,488 ------w c:\windows\ie8\ieapfltr.dat
+ 2008-12-20 22:46:50 383,488 ------w c:\windows\ie8\ieapfltr.dll
+ 2008-12-20 22:46:50 384,512 ------w c:\windows\ie8\iedkcs32.dll
+ 2008-04-14 03:33:26 81,920 ------w c:\windows\ie8\ieencode.dll
+ 2008-12-20 22:46:54 6,066,688 ------w c:\windows\ie8\ieframe.dll
+ 2007-08-13 17:54:10 191,488 ------w c:\windows\ie8\iepeers.dll
+ 2007-08-13 17:54:10 287,744 ------w c:\windows\ie8\ieproxy.dll
+ 2008-12-20 22:46:54 44,544 ------w c:\windows\ie8\iernonce.dll
+ 2008-12-20 22:46:54 267,776 ------w c:\windows\ie8\iertutil.dll
+ 2007-08-13 17:39:12 55,296 ------w c:\windows\ie8\iesetup.dll
+ 2007-08-13 17:54:10 180,736 ------w c:\windows\ie8\ieui.dll
+ 2008-12-19 05:25:26 634,024 ------w c:\windows\ie8\iexplore.exe
+ 2007-08-13 17:36:06 36,352 ------w c:\windows\ie8\imgutil.dll
+ 2007-08-13 17:39:02 92,672 ------w c:\windows\ie8\inseng.dll
+ 2008-05-09 11:55:00 512,000 ------w c:\windows\ie8\jscript.dll
+ 2008-12-20 22:46:56 27,648 ------w c:\windows\ie8\jsproxy.dll
+ 2007-08-13 17:44:18 40,960 ------w c:\windows\ie8\licmgr10.dll
+ 2008-12-20 22:46:56 459,264 ------w c:\windows\ie8\msfeeds.dll
+ 2008-12-20 22:46:58 52,224 ------w c:\windows\ie8\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w c:\windows\ie8\msfeedssync.exe
+ 2007-08-13 17:32:30 45,568 ------w c:\windows\ie8\mshta.exe
+ 2009-01-16 20:15:42 3,594,752 ------w c:\windows\ie8\mshtml.dll
+ 2008-12-20 22:47:02 477,696 ------w c:\windows\ie8\mshtmled.dll
+ 2007-08-13 17:01:12 48,128 ------w c:\windows\ie8\mshtmler.dll
+ 2007-08-13 17:54:10 156,160 ------w c:\windows\ie8\msls31.dll
+ 2008-12-20 22:47:02 193,024 ------w c:\windows\ie8\msrating.dll
+ 2008-12-20 22:47:02 671,232 ------w c:\windows\ie8\mstime.dll
+ 2008-12-20 22:47:02 102,912 ------w c:\windows\ie8\occache.dll
+ 2008-12-20 22:47:02 44,544 ------w c:\windows\ie8\pngfilt.dll
+ 2006-09-06 16:43:28 216,800 ------w c:\windows\ie8\spuninst.exe
+ 2008-09-08 23:26:14 49,736 ------w c:\windows\ie8\spuninst\iecustom.dll
+ 2008-06-12 10:28:06 235,040 ------w c:\windows\ie8\spuninst\spuninst.exe
+ 2008-06-12 10:28:08 406,048 ------w c:\windows\ie8\spuninst\updspapi.dll
+ 2008-12-20 22:47:02 105,984 ------w c:\windows\ie8\url.dll
+ 2008-12-20 22:47:04 1,160,192 ------w c:\windows\ie8\urlmon.dll
+ 2008-05-09 11:55:00 430,080 ------w c:\windows\ie8\vbscript.dll
+ 2007-07-13 00:30:52 765,952 ------w c:\windows\ie8\vgx.dll
+ 2008-12-20 22:47:04 233,472 ------w c:\windows\ie8\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w c:\windows\ie8\winfxdocobj.exe
+ 2008-12-20 22:47:04 826,368 ------w c:\windows\ie8\wininet.dll
- 2007-08-13 17:39:20 71,680 ------w c:\windows\system32\admparse.dll
+ 2008-08-22 02:06:30 72,704 ----a-w c:\windows\system32\admparse.dll
- 2008-12-20 22:46:48 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-22 02:06:16 128,512 ----a-w c:\windows\system32\advpack.dll
+ 2009-02-05 21:11:36 1,256,296 ----a-w c:\windows\system32\aswBoot.exe
+ 2009-02-05 21:04:46 97,480 ----a-w c:\windows\system32\AvastSS.scr
- 2008-04-14 03:33:22 35,328 ------w c:\windows\system32\corpol.dll
+ 2008-08-22 02:07:08 18,944 ----a-w c:\windows\system32\corpol.dll
- 2007-08-13 17:39:20 71,680 ------w c:\windows\system32\dllcache\admparse.dll
+ 2008-08-22 02:06:30 72,704 ----a-w c:\windows\system32\dllcache\admparse.dll
- 2008-12-20 22:46:48 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-22 02:06:16 128,512 ----a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-06-12 10:28:06 1,022,976 ------w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-22 02:07:08 18,944 ------w c:\windows\system32\dllcache\corpol.dll
- 2008-12-20 22:46:48 347,136 ------w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-22 02:05:16 346,624 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-12-20 22:46:48 214,528 ------w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-22 02:05:10 217,088 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-13 17:18:02 60,416 ------w c:\windows\system32\dllcache\hmmapi.dll
+ 2008-08-22 02:00:28 68,608 ----a-w c:\windows\system32\dllcache\hmmapi.dll
- 2008-12-20 22:46:50 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-08-22 02:05:20 61,952 ----a-w c:\windows\system32\dllcache\icardie.dll
- 2008-12-19 09:11:12 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-22 02:06:24 162,304 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-12-20 22:46:50 153,088 ------w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-22 02:06:36 124,928 ----a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-12-20 22:46:50 230,400 ------w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-22 02:06:40 228,864 ----a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-22 02:06:24 163,840 ----a-w c:\windows\system32\dllcache\ieakui.dll
- 2007-04-17 10:32:38 2,455,488 ------w c:\windows\system32\dllcache\ieapfltr.dat
+ 2008-07-29 21:58:08 3,670,112 ----a-w c:\windows\system32\dllcache\ieapfltr.dat
- 2008-12-20 22:46:50 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-22 01:42:22 443,392 ----a-w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-12-20 22:46:50 384,512 ------w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-22 02:06:44 385,024 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-12-20 22:46:54 6,066,688 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-08-22 02:10:34 11,985,408 ----a-w c:\windows\system32\dllcache\ieframe.dll
- 2007-08-13 17:54:10 191,488 ------w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-22 02:05:24 186,880 ----a-w c:\windows\system32\dllcache\iepeers.dll
- 2008-12-20 22:46:54 44,544 ------w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-22 02:06:20 55,808 ----a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-12-20 22:46:54 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-22 02:06:02 1,778,688 ----a-w c:\windows\system32\dllcache\iertutil.dll
- 2007-08-13 17:39:12 55,296 ------w c:\windows\system32\dllcache\iesetup.dll
+ 2008-08-22 02:06:24 71,680 ----a-w c:\windows\system32\dllcache\iesetup.dll
- 2008-12-19 05:25:26 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
+ 2008-09-08 23:23:38 637,984 ----a-w c:\windows\system32\dllcache\iexplore.exe
- 2007-08-13 17:36:06 36,352 ------w c:\windows\system32\dllcache\imgutil.dll
+ 2008-08-22 02:05:14 35,840 ----a-w c:\windows\system32\dllcache\imgutil.dll
- 2007-08-13 17:39:02 92,672 ------w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-22 02:06:16 94,720 ----a-w c:\windows\system32\dllcache\inseng.dll
- 2008-05-09 11:55:00 512,000 ------w c:\windows\system32\dllcache\jscript.dll
+ 2008-08-22 02:06:30 552,960 ----a-w c:\windows\system32\dllcache\jscript.dll
- 2008-12-20 22:46:56 27,648 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-22 02:06:58 28,672 ----a-w c:\windows\system32\dllcache\jsproxy.dll
- 2007-08-13 17:44:18 40,960 ------w c:\windows\system32\dllcache\licmgr10.dll
+ 2008-08-22 02:08:00 43,008 ----a-w c:\windows\system32\dllcache\licmgr10.dll
- 2008-12-20 22:46:56 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-22 02:05:48 580,608 ----a-w c:\windows\system32\dllcache\msfeeds.dll
- 2008-12-20 22:46:58 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-22 02:05:22 53,760 ----a-w c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-13 17:32:30 45,568 ------w c:\windows\system32\dllcache\mshta.exe
+ 2008-08-22 02:04:54 45,568 ----a-w c:\windows\system32\dllcache\mshta.exe
- 2009-01-16 20:15:42 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-22 02:09:32 5,699,584 ----a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-12-20 22:47:02 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-22 02:05:08 70,656 ----a-w c:\windows\system32\dllcache\mshtmled.dll
- 2007-08-13 17:01:12 48,128 ------w c:\windows\system32\dllcache\mshtmler.dll
+ 2008-08-22 02:05:00 48,128 ----a-w c:\windows\system32\dllcache\mshtmler.dll
- 2007-08-13 17:54:10 156,160 ------w c:\windows\system32\dllcache\msls31.dll
+ 2008-08-22 01:57:56 156,160 ----a-w c:\windows\system32\dllcache\msls31.dll
- 2008-12-20 22:47:02 193,024 ------w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-22 02:07:50 193,536 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-12-20 22:47:02 671,232 ------w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-22 02:05:34 630,272 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-12-20 22:47:02 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-08-22 02:07:50 116,224 ----a-w c:\windows\system32\dllcache\occache.dll
- 2008-12-20 22:47:02 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-22 02:05:14 45,056 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-06-12 10:28:06 1,497,088 ------w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-06-12 10:28:06 474,624 ------w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-06-12 10:27:56 134,144 ------w c:\windows\system32\dllcache\sqmapi.dll
- 2008-12-20 22:47:02 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-08-22 02:07:58 105,984 ----a-w c:\windows\system32\dllcache\url.dll
- 2008-12-20 22:47:04 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-22 02:08:22 1,206,784 ----a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-05-09 11:55:00 430,080 ------w c:\windows\system32\dllcache\vbscript.dll
+ 2008-08-22 02:06:36 434,176 ----a-w c:\windows\system32\dllcache\vbscript.dll
- 2007-07-13 00:30:52 765,952 ------w c:\windows\system32\dllcache\vgx.dll
+ 2008-08-22 02:07:20 755,200 ----a-w c:\windows\system32\dllcache\VGX.dll
- 2008-12-20 22:47:04 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-22 02:08:08 236,544 ----a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-12-20 22:47:04 826,368 ------w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-22 02:08:06 878,592 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2009-02-05 21:05:12 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
+ 2009-02-05 21:07:12 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2009-02-05 21:08:20 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2009-02-05 21:08:10 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2009-02-05 21:06:10 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2009-02-05 21:07:24 114,768 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2009-02-05 21:06:20 51,376 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2008-12-20 22:46:48 347,136 ------w c:\windows\system32\dxtmsft.dll
+ 2008-08-22 02:05:16 346,624 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-12-20 22:46:48 214,528 ------w c:\windows\system32\dxtrans.dll
+ 2008-08-22 02:05:10 217,088 ----a-w c:\windows\system32\dxtrans.dll
- 2008-12-20 22:46:50 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-08-22 02:05:20 61,952 ----a-w c:\windows\system32\icardie.dll
- 2006-06-29 07:05:44 26,112 ------w c:\windows\system32\idndl.dll
+ 2008-06-12 10:27:42 26,112 ----a-w c:\windows\system32\idndl.dll
- 2008-12-19 09:11:12 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-08-22 02:06:24 162,304 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-12-20 22:46:50 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-08-22 02:06:36 124,928 ----a-w c:\windows\system32\ieakeng.dll
- 2008-12-20 22:46:50 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-08-22 02:06:40 228,864 ----a-w c:\windows\system32\ieaksie.dll
- 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-08-22 02:06:24 163,840 ----a-w c:\windows\system32\ieakui.dll
- 2007-04-17 10:32:38 2,455,488 ------w c:\windows\system32\ieapfltr.dat
+ 2008-07-29 21:58:08 3,670,112 ----a-w c:\windows\system32\ieapfltr.dat
- 2008-12-20 22:46:50 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-08-22 01:42:22 443,392 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-12-20 22:46:50 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-08-22 02:06:44 385,024 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-12-20 22:46:54 6,066,688 ----a-w c:\windows\system32\ieframe.dll
+ 2008-08-22 02:10:34 11,985,408 ----a-w c:\windows\system32\ieframe.dll
- 2007-08-13 17:54:10 191,488 ------w c:\windows\system32\iepeers.dll
+ 2008-08-22 02:05:24 186,880 ----a-w c:\windows\system32\iepeers.dll
- 2008-12-20 22:46:54 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-08-22 02:06:20 55,808 ----a-w c:\windows\system32\iernonce.dll
- 2008-12-20 22:46:54 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-08-22 02:06:02 1,778,688 ----a-w c:\windows\system32\iertutil.dll
- 2007-08-13 17:39:12 55,296 ------w c:\windows\system32\iesetup.dll
+ 2008-08-22 02:06:24 71,680 ----a-w c:\windows\system32\iesetup.dll
- 2008-12-19 09:10:16 13,824 ------w c:\windows\system32\ieudinit.exe
+ 2008-08-22 02:06:24 36,864 ----a-w c:\windows\system32\ieudinit.exe
- 2007-08-13 17:54:10 180,736 ------w c:\windows\system32\ieui.dll
+ 2008-08-22 01:58:12 181,760 ----a-w c:\windows\system32\ieui.dll
- 2007-08-13 17:36:06 36,352 ------w c:\windows\system32\imgutil.dll
+ 2008-08-22 02:05:14 35,840 ----a-w c:\windows\system32\imgutil.dll
- 2007-08-13 17:39:02 92,672 ------w c:\windows\system32\inseng.dll
+ 2008-08-22 02:06:16 94,720 ----a-w c:\windows\system32\inseng.dll
- 2008-05-09 11:55:00 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-08-22 02:06:30 552,960 ----a-w c:\windows\system32\jscript.dll
- 2008-12-20 22:46:56 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-08-22 02:06:58 28,672 ----a-w c:\windows\system32\jsproxy.dll
- 2007-08-13 17:44:18 40,960 ------w c:\windows\system32\licmgr10.dll
+ 2008-08-22 02:08:00 43,008 ----a-w c:\windows\system32\licmgr10.dll
+ 2008-08-05 16:55:38 265,720 ----a-w c:\windows\system32\msdbg2.dll
- 2008-12-20 22:46:56 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-22 02:05:48 580,608 ----a-w c:\windows\system32\msfeeds.dll
- 2008-12-20 22:46:58 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-08-22 02:05:22 53,760 ----a-w c:\windows\system32\msfeedsbs.dll
- 2007-08-13 17:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe
+ 2008-08-22 02:05:22 13,312 ----a-w c:\windows\system32\msfeedssync.exe
- 2007-08-13 17:32:30 45,568 ------w c:\windows\system32\mshta.exe
+ 2008-08-22 02:04:54 45,568 ----a-w c:\windows\system32\mshta.exe
- 2009-01-16 20:15:42 3,594,752 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-22 02:09:32 5,699,584 ----a-w c:\windows\system32\mshtml.dll
- 2008-12-20 22:47:02 477,696 ------w c:\windows\system32\mshtmled.dll
+ 2008-08-22 02:05:08 70,656 ----a-w c:\windows\system32\mshtmled.dll
- 2007-08-13 17:01:12 48,128 ------w c:\windows\system32\mshtmler.dll
+ 2008-08-22 02:05:00 48,128 ----a-w c:\windows\system32\mshtmler.dll
- 2007-08-13 17:54:10 156,160 ------w c:\windows\system32\msls31.dll
+ 2008-08-22 01:57:56 156,160 ----a-w c:\windows\system32\msls31.dll
- 2008-12-20 22:47:02 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-08-22 02:07:50 193,536 ----a-w c:\windows\system32\msrating.dll
- 2008-12-20 22:47:02 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-08-22 02:05:34 630,272 ----a-w c:\windows\system32\mstime.dll
- 2006-06-28 16:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2008-06-12 10:27:44 24,576 ----a-w c:\windows\system32\nlsdl.dll
- 2006-06-29 07:05:44 23,552 ------w c:\windows\system32\normaliz.dll
+ 2008-06-12 10:27:42 23,552 ----a-w c:\windows\system32\normaliz.dll
- 2008-12-20 22:47:02 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-08-22 02:07:50 116,224 ----a-w c:\windows\system32\occache.dll
- 2008-12-20 22:47:02 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-22 02:05:14 45,056 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-22 02:05:00 48,640 ------w c:\windows\system32\PrivacIE.dll
- 2007-11-30 11:19:06 18,296 ------w c:\windows\system32\spmsg.dll
+ 2008-06-12 10:28:06 17,952 ------w c:\windows\system32\spmsg.dll
- 2007-07-27 08:41:38 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2008-06-12 10:28:06 26,144 ----a-w c:\windows\system32\spupdsvc.exe
- 2008-12-20 22:47:02 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-08-22 02:07:58 105,984 ----a-w c:\windows\system32\url.dll
- 2008-12-20 22:47:04 1,160,192 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-22 02:08:22 1,206,784 ----a-w c:\windows\system32\urlmon.dll
- 2008-05-09 11:55:00 430,080 ----a-w c:\windows\system32\vbscript.dll
+ 2008-08-22 02:06:36 434,176 ----a-w c:\windows\system32\vbscript.dll
- 2008-12-20 22:47:04 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-22 02:08:08 236,544 ----a-w c:\windows\system32\webcheck.dll
- 2007-08-13 17:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe
+ 2008-08-22 02:08:22 208,384 ----a-w c:\windows\system32\WinFXDocObj.exe
- 2008-12-20 22:47:04 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-22 02:08:06 878,592 ----a-w c:\windows\system32\wininet.dll
- 2008-04-14 03:33:52 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2008-06-12 10:28:02 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2009-03-23 19:27:22 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_430.dat
+ 2009-03-23 19:27:22 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_5c0.dat
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a33fa729-d155-4b23-842b-2c665ecabdb6}"= "c:\program files\The_Pirate_Bay\tbThe0.dll" [2009-03-21 1883672]
"{cd36797a-70f3-4acd-8825-623d3b896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]

[HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}]

[HKEY_CLASSES_ROOT\clsid\{cd36797a-70f3-4acd-8825-623d3b896881}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a33fa729-d155-4b23-842b-2c665ecabdb6}]
2009-03-21 21:04 1883672 --a------ c:\program files\The_Pirate_Bay\tbThe0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cd36797a-70f3-4acd-8825-623d3b896881}]
2007-09-06 12:28 1453080 --a------ c:\program files\securedie\tbsecu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a33fa729-d155-4b23-842b-2c665ecabdb6}"= "c:\program files\The_Pirate_Bay\tbThe0.dll" [2009-03-21 1883672]
"{cd36797a-70f3-4acd-8825-623d3b896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]

[HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}]

[HKEY_CLASSES_ROOT\clsid\{cd36797a-70f3-4acd-8825-623d3b896881}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A33FA729-D155-4B23-842B-2C665ECABDB6}"= "c:\program files\The_Pirate_Bay\tbThe0.dll" [2009-03-21 1883672]
"{CD36797A-70F3-4ACD-8825-623D3B896881}"= "c:\program files\securedie\tbsecu.dll" [2007-09-06 1453080]

[HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}]

[HKEY_CLASSES_ROOT\clsid\{cd36797a-70f3-4acd-8825-623d3b896881}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-07-21 36864]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-11 68856]
"eMuleAutoStart"="c:\program files\eMule\emule.exe" [2009-02-22 5668864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"HiYo"="c:\program files\HiYo\bin\HiYo.exe" [2009-01-28 300336]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-10 136600]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\sonia\Menu D‚marrer\Programmes\D‚marrage\
Pr‚sentation de Media Manager.lnk - c:\program files\Fichiers communs\Microsoft Shared\Media Manager\SPLASHA.EXE [1997-07-31 156672]
Y'z ToolBar.lnk - c:\windows\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe [2002-09-29 90112]
Stardock ObjectDock.lnk - c:\windows\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe [2005-02-21 1826885]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-07-21 196608]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= ir41_32.dll
"wave2"= rddv1044.dll
"midi2"= rddv1044.dll
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0[/u]stera

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57760:TCP"= 57760:TCP:Pando P2P TCP Listening Port
"57760:UDP"= 57760:UDP:Pando P2P UDP Listening Port

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-22 114768]
R1 Hotkey;Hotkey;c:\windows\system32\drivers\HOTKEY.sys [2005-07-06 9867]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-22 20560]
R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2005-07-06 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2005-07-06 78208]
R2 osaio;osaio;c:\windows\system32\drivers\osaio.sys [2006-01-28 8704]
R2 osanbm;osanbm;c:\windows\system32\drivers\osanbm.sys [2006-01-28 4010]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2008-09-20 33792]
S1 mailKmd;mailKmd; [x]
S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys --> c:\windows\system32\drivers\Wbutton.sys [?]
S2 MMIndexer;Indexer de Media Manager;c:\program files\Fichiers communs\Microsoft Shared\Media Manager\AIRSVCU.EXE [1997-07-31 137216]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-11 29744]
S3 PAC207;SoC PC-Camera Beta3;c:\windows\system32\drivers\pfc027.sys [2005-02-24 162176]
S3 PCANDIS5_RETWIFI;PCANDIS5_RETWIFI Protocol Driver;\??\c:\progra~1\EEYEDI~1\RETINA~1\PCANDIS5_RETWIFI.SYS --> c:\progra~1\EEYEDI~1\RETINA~1\PCANDIS5_RETWIFI.SYS [?]
S3 PCANDIS5_WIFISCAN.SYS;PCANDIS5_WIFISCAN.SYS;\??\c:\program files\eEye Digital Security\Retina Wireless Scanner\PCANDIS5_WIFISCAN.SYS --> c:\program files\eEye Digital Security\Retina Wireless Scanner\PCANDIS5_WIFISCAN.SYS [?]
S3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.SYS [2006-01-28 2343]
S3 RDID1044;Roland SP-606;c:\windows\system32\drivers\rdwm1044.sys [2006-07-07 161422]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\w300mgmt.sys [2007-12-05 87824]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;c:\windows\system32\drivers\w300obex.sys [2007-12-05 85696]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d1c0902-353e-11dd-b6df-0014a4532927}]
\Shell\AutoRun\command - F:\setupSNK.exe
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://lo.st/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
mWindow Title =
uInternet Settings,ProxyOverride = localhost
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-23 20:29:20
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1331557266-1888346133-1591605675-1005\RemoteAccess\Profile\x *]
"EnableAutodisconnect"=dword:00000001
"EnableExitDisconnect"=dword:00000001
"DisconnectIdleTime"=dword:00000014
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'lsass.exe'(560)
c:\windows\system32\rddv1044.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
c:\program files\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
c:\acer\EMANAGER\ANBMSERV.EXE
c:\program files\GOOGLE\COMMON\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE
c:\program files\JAVA\JRE6\BIN\JQS.EXE
c:\windows\SYSTEM32\PASTISVC.EXE
c:\windows\SYSTEM32\WBEM\WMIAPSRV.EXE
c:\program files\Windows Live\Messenger\MsnMsgr.Exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-03-23 20:31:26 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-23 19:31:24
ComboFix2.txt 2009-03-22 10:48:18

Avant-CF: 14 600 568 832 octets libres
Après-CF: 14,576,484,352 octets libres

430 --- E O F --- 2009-03-21 22:36:43

Ensuite Flash-Desinfector c"est exécuter normalement, par contre avec Ad-Remover y a eu un problème.

Le programme c'est lancé, j'ai ordonné l'option A, le scan a commencé mais au bout d'un moment j'ai une fenêtre qui c'est ouverte "GREP.exe _ l'application n'a pas pu n'initialiser et ne s'exécutera pas normalement..."
j'ai cliqué OK le programme c'est fermé et je ne peux plus le relancer... je vais essayer de le réinstaller pour voir
0
Réponse 23 / 25
Talamasca Messages postés 346 Statut Membre 11
 
Bon, même en ré-installant ça ne marche pas
quand je vais dans"ajouter supprimer des programmes" et que je fais supprimer Ad-Remover à chaque fois j'ai un message qui me dit qu'une erreur c'est produite qu'il est peut être déjà désinstallé...
Peut en le téléchargeant une nouvelle fois...
0
Réponse 24 / 25
anthony5151 Messages postés 10927 Statut Contributeur sécurité 790
 
Est-ce que tu peux lancer Ad-Remover et choisir l'option "Désinstaller" ?

Sinon, supprime le manuellement (tu le trouveras dans C:\Program Files)

Ensuite, désactive ton antivirus, puis retélécharge le.

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 25
Talamasca Messages postés 346 Statut Membre 11
 
non impossible de relancer Ad-Remover, je l'installe mais c'est comme si il n'y était pas...
j'essayerais comme tu me dis, en le re-télécharger avec l'antivirus désactivé.
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
Problém affichage du tableau croisé dynamique
BK -
Raymond PENTIER -

2 réponses
Theme de rapport de stage option comptabilité
sana saydou -
Raymond PENTIER -

2 réponses