Me débarasser de sos connexin

Question

Bonjour, je veux me déebarasser de sos connexion !!!... (merci).
Je pence avoir des virus ,je ne sais même pas comment sos con....... est arrivé sur mon pc ! j'ai essayé beaucoup de choses par moi même ,je n'y arrive pas.(désolé pour l'ortogrphe).

pimprenelle27 · Answer

Bonjour,

Pour commencer :  faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner

Ensuite :

Télécharge le fichier d'installation d'HijackThis.

Enregistre HJTInstall.exe sur ton bureau.

Renomme Hijackthis en Tutu

Double-clique sur HJTInstall.exe (tutu)  pour lancer le programme

Par défaut, il s'installera là :
C:\Program Files\Trend Micro\HijackThis

Accepte la licence en cliquant sur le bouton "I Accept"

Choisis l'option "Do a system scan and save a log file"

Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

Colle le rapport que tu viens de copier sur ce forum

Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement

Tutoriaux (ne fixe rien pour le moment !!)

Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs

cartondodo · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:27:44, on 08/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Users\Tomtom\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Shareaza\Shareaza.exe
D:\Partage Mulet\emule0.49b-Xtreme7.1\emule.exe
C:\Windows\system32\conime.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Tomtom\Videos	utu.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SOS Connexion - Le web en toute simplicité
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent	bP2P1.dll
R3 - URLSearchHook: johnqtv1 Toolbar - {e413a417-d00b-4a3b-9c17-19048046f1ce} - C:\Program Files\johnqtv1	bjoh1.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net	bfree.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent	bP2P1.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: johnqtv1 Toolbar - {e413a417-d00b-4a3b-9c17-19048046f1ce} - C:\Program Files\johnqtv1	bjoh1.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net	bfree.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent	bP2P1.dll
O3 - Toolbar: johnqtv1 Toolbar - {e413a417-d00b-4a3b-9c17-19048046f1ce} - C:\Program Files\johnqtv1	bjoh1.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net	bfree.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Users\Tomtom\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\Tomtom\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Users\Tomtom\Desktop\emule.exe -AutoStart
O4 - HKCU\..\Run: [yiwka] "c:\users	omtom\appdata\local\yiwka.exe" yiwka
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Startup: Ubisoft register.lnk = C:\Program Files\Ubisoft\Register\schedule.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Tomtom\AppData\LocalLow\Dealio\kb127es\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O13 - Gopher Prefix: 
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Users\Tomtom\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Update Service (gupdate1c98739f840dc24) (gupdate1c98739f840dc24) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

cartondodo · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:27:44, on 08/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Users\Tomtom\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Shareaza\Shareaza.exe
D:\Partage Mulet\emule0.49b-Xtreme7.1\emule.exe
C:\Windows\system32\conime.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Tomtom\Videos	utu.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SOS Connexion - Le web en toute simplicité
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent	bP2P1.dll
R3 - URLSearchHook: johnqtv1 Toolbar - {e413a417-d00b-4a3b-9c17-19048046f1ce} - C:\Program Files\johnqtv1	bjoh1.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net	bfree.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent	bP2P1.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: johnqtv1 Toolbar - {e413a417-d00b-4a3b-9c17-19048046f1ce} - C:\Program Files\johnqtv1	bjoh1.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net	bfree.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: P2P Torrent Toolbar - {bc4be15d-6a34-4356-9e97-79e43da32b1d} - C:\Program Files\P2P_Torrent	bP2P1.dll
O3 - Toolbar: johnqtv1 Toolbar - {e413a417-d00b-4a3b-9c17-19048046f1ce} - C:\Program Files\johnqtv1	bjoh1.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net	bfree.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Users\Tomtom\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\Tomtom\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Users\Tomtom\Desktop\emule.exe -AutoStart
O4 - HKCU\..\Run: [yiwka] "c:\users	omtom\appdata\local\yiwka.exe" yiwka
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Startup: Ubisoft register.lnk = C:\Program Files\Ubisoft\Register\schedule.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Tomtom\AppData\LocalLow\Dealio\kb127es\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O13 - Gopher Prefix: 
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Users\Tomtom\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Update Service (gupdate1c98739f840dc24) (gupdate1c98739f840dc24) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

cartondodo · Answer

désoler j'ai du copier coller 2 fois en croyant ne l'avoir fait que une. Je n'ai pas compri le terme "fixe" ,en esperant que je n'ai pas fait de connerie ,sinnon j'ai fait comme le message disé merci des instruction , mais je ne comprend pas le copier coller  ,ou est la finalité dans toute ces démarche? merci ,a plus tard. Thomas.*

g!rly · Answer

commence par 
Télécharge combofix.exe (par sUBs) sur ton Bureau.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe     

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse. 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

juste un conseil...

cartondodo · Answer

ComboFix 09-03-06.02 - Tomtom 2009-03-08 20:42:42.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.3069.1793 [GMT 1:00]
Lancé depuis: c:\users\Tomtom\Desktop\ComboFix.exe
AV: BitDefender Antivirus *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\acer\Empowering Technology\eRecovery\Autorun\SW1\Tuner\Liteon\Resources\_desktop.ini
c:\drv\Tuner\Yuan\Resources\_desktop.ini
c:\users\Tomtom\AppData\Local\aauid.dat
c:\users\Tomtom\AppData\Local\aauid.exe
c:\users\Tomtom\AppData\Local\aauid_nav.dat
c:\users\Tomtom\AppData\Local\aauid_navps.dat
c:\users\Tomtom\AppData\Local\ssgkeqm.dat
c:\users\Tomtom\AppData\Local\ssgkeqm.exe
c:\users\Tomtom\AppData\Local\ssgkeqm_nav.dat
c:\users\Tomtom\AppData\Local\ssgkeqm_navps.dat
c:\users\Tomtom\AppData\Local\yiwka.dat
c:\users\Tomtom\AppData\Local\yiwka.exe
c:\users\Tomtom\AppData\Local\yiwka_nav.dat
c:\users\Tomtom\AppData\Local\yiwka_navps.dat
c:\windows\system32\x64
c:\windows\system32\x64\csnp2uvc.dll
c:\windows\system32\x64\rsnpvc64.dll
c:\windows\system32\x64\sncduvc.sys
c:\windows\system32\x64\snp2uvc.sys
c:\windows\system32\x64\vsnpvc64.dll
D:\update.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-08 au 2009-03-08 ))))))))))))))))))))))))))))))))))))
.

2009-03-07 21:22 . 2009-03-07 21:22 <REP> d-------- c:\users\All Users\Games-Attack
2009-03-07 21:22 . 2009-03-07 21:22 <REP> d-------- c:\programdata\Games-Attack
2009-03-07 18:18 . 2009-03-07 18:18 <REP> d-------- c:\program files\OpenAL
2009-03-07 18:18 . 2009-03-07 18:18 413,696 --a------ c:\windows\System32\wrap_oal.dll
2009-03-07 18:18 . 2009-03-07 18:18 110,592 --a------ c:\windows\System32\OpenAL32.dll
2009-03-06 16:47 . 2009-03-06 16:47 <REP> d-------- c:\program files\Activision
2009-03-06 03:13 . 2009-03-06 03:13 <REP> d-------- c:\users\Tomtom\AppData\Roaming\Template
2009-03-06 03:13 . 2009-03-06 08:07 152 --a------ c:\users\Tomtom\AppData\Roaming\wklnhst.dat
2009-03-04 15:21 . 2009-03-04 15:21 <REP> d-------- c:\program files\Universal Extractor
2009-03-02 22:38 . 2009-03-02 22:38 <REP> d-------- c:\users\Tomtom\AppData\Roaming\Shareaza
2009-03-02 22:38 . 2009-03-02 22:38 <REP> d-------- c:\program files\Shareaza
2009-03-02 21:46 . 2009-03-02 21:46 <REP> d-------- c:\users\Tomtom\AppData\Roaming\Thunderbird
2009-03-02 03:12 . 2009-03-02 03:12 <REP> d--h-c--- c:\users\All Users\{D053C6A1-0410-4934-B297-783A3379D416}
2009-03-02 03:12 . 2009-03-02 03:12 <REP> d--h-c--- c:\programdata\{D053C6A1-0410-4934-B297-783A3379D416}
2009-03-02 02:17 . 2009-03-02 02:17 <REP> d-------- c:\program files\GameSpy
2009-03-02 02:13 . 2009-03-02 03:12 <REP> d--h-c--- c:\users\All Users\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
2009-03-02 02:13 . 2009-03-02 03:12 <REP> d--h-c--- c:\programdata\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
2009-03-02 01:51 . 2009-03-02 01:51 <REP> d-------- c:\program files\Electronic Arts
2009-03-01 00:54 . 2009-03-08 18:00 <REP> d-------- c:\program files\Norton Security Scan
2009-02-28 01:24 . 2009-03-08 04:08 <REP> d-------- c:\program files\Steam
2009-02-28 01:24 . 2009-02-28 01:31 <REP> d-------- c:\program files\Common Files\Steam
2009-02-25 21:38 . 2009-03-02 07:16 <REP> d-------- c:\users\Tomtom\AppData\Roaming\Azureus
2009-02-25 21:38 . 2009-02-25 21:38 <REP> d-------- c:\users\All Users\Azureus
2009-02-25 21:38 . 2009-02-25 21:38 <REP> d-------- c:\programdata\Azureus
2009-02-25 21:38 . 2009-02-25 21:38 <REP> d-------- c:\program files\AskBarDis
2009-02-25 21:37 . 2009-02-26 19:23 <REP> d-------- c:\program files\Vuze
2009-02-25 21:17 . 2009-03-04 23:20 <REP> d-------- c:\users\Tomtom\AppData\Roaming\LimeWire
2009-02-25 21:16 . 2009-02-25 21:16 410,984 --a------ c:\windows\System32\deploytk.dll
2009-02-24 18:25 . 2007-09-02 20:56 1,686,016 --a------ c:\windows\System32\clinetsuitex6.ocx
2009-02-24 18:25 . 2004-06-14 14:56 427,864 --a------ c:\windows\System32\XceedZip.dll
2009-02-24 01:13 . 2009-02-24 01:13 <REP> dr------- c:\windows\System32\config\systemprofile\Videos
2009-02-24 01:13 . 2009-02-24 01:13 <REP> dr------- c:\windows\System32\config\systemprofile\Searches
2009-02-24 01:13 . 2009-02-24 01:13 <REP> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-02-24 01:13 . 2009-02-24 01:13 <REP> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-02-24 01:13 . 2009-02-24 01:13 <REP> dr------- c:\windows\System32\config\systemprofile\Links
2009-02-24 01:13 . 2009-02-24 01:13 <REP> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-02-24 01:13 . 2009-02-24 01:13 <REP> dr------- c:\windows\System32\config\systemprofile\Documents
2009-02-24 01:10 . 2009-03-08 05:16 <REP> d-------- c:\program files\Trend Micro
2009-02-24 00:35 . 2009-02-24 01:53 1,822 --a------ c:\windows\System32\BDUpdateV1.xml
2009-02-24 00:28 . 2009-02-24 00:28 <REP> d-------- c:\windows\BDOSCAN8
2009-02-24 00:00 . 2009-02-24 06:03 81,984 --a------ c:\windows\System32\bdod.bin
2009-02-23 23:54 . 2009-02-23 23:54 850 --a------ c:\windows\System32\ProductTweaks.xml
2009-02-23 23:54 . 2009-02-23 23:54 385 --a------ c:\windows\System32\user_gensett.xml
2009-02-23 23:51 . 2009-02-23 23:51 <REP> d-------- c:\windows\System32\logs
2009-02-23 23:51 . 2009-02-23 23:51 <REP> d-------- c:\users\Tomtom\AppData\Roaming\BitDefender
2009-02-23 23:50 . 2009-02-23 23:54 <REP> d-------- c:\users\All Users\BitDefender
2009-02-23 23:50 . 2009-02-23 23:54 <REP> d-------- c:\programdata\BitDefender
2009-02-23 23:49 . 2009-02-23 23:49 <REP> d-------- c:\windows\System32\URTTEMP
2009-02-23 23:48 . 2009-02-24 06:05 <REP> d-------- c:\program files\Common Files\BitDefender
2009-02-23 21:23 . 2009-02-24 18:41 <REP> d-------- c:\program files\Dipisoft
2009-02-23 21:23 . 2001-08-22 23:00 1,355,776 --a------ c:\windows\System32\msvbvm50.dll
2009-02-23 21:23 . 1998-03-14 16:47 96,256 --a------ c:\windows\System32\vb5fr.dll
2009-02-22 23:32 . 2009-02-22 23:32 <REP> d-------- c:\program files\Crytek
2009-02-22 18:59 . 2001-05-04 11:05 505,104 --a------ c:\windows\System32\msxml.dll
2009-02-22 18:59 . 1998-06-18 00:00 89,360 --a------ c:\windows\System32\VB5DB.DLL
2009-02-22 18:59 . 2000-03-17 08:21 69,632 --a------ c:\windows\System32\xmltok.dll
2009-02-22 18:59 . 2000-03-17 08:21 36,864 --a------ c:\windows\System32\xmlparse.dll
2009-02-22 18:59 . 2002-04-24 12:43 35,840 --a------ c:\windows\System32\comdlg32.oca
2009-02-22 18:59 . 2002-04-09 17:23 29,184 --a------ c:\windows\System32\MSINET.oca
2009-02-22 18:59 . 2001-05-04 11:05 28,432 --a------ c:\windows\System32\msxmlr.dll
2009-02-22 18:59 . 2002-10-17 10:35 26,096 --a------ c:\windows\System32\xmlinst.exe
2009-02-22 18:38 . 2009-02-22 18:38 <REP> d-------- c:\program files\free-downloads.net
2009-02-22 18:38 . 2009-02-22 18:38 <REP> d-------- c:\program files\Alcohol Soft
2009-02-22 18:35 . 2009-02-22 18:35 717,296 --a------ c:\windows\System32\drivers\sptd.sys
2009-02-15 08:04 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 08:04 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 08:04 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 08:04 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 08:04 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-14 17:06 . 2009-02-14 17:06 <REP> d-------- c:\program files\Common Files\Skype
2009-02-12 18:31 . 2009-02-12 18:50 <REP> d-------- c:\users\Tomtom\AVG Anti-Spyware 7.5
2009-02-12 18:31 . 2009-02-12 18:31 <REP> d-------- c:\users\Tomtom\AppData\Roaming\Grisoft
2009-02-12 18:31 . 2009-02-12 18:31 <REP> d-------- c:\users\All Users\Grisoft
2009-02-12 18:31 . 2009-02-12 18:31 <REP> d-------- c:\programdata\Grisoft
2009-02-12 18:31 . 2007-05-30 13:10 10,872 --a------ c:\windows\System32\drivers\AvgAsCln.sys
2009-02-11 03:24 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 03:24 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 19:28 108,526 ----a-w c:\users\All Users\nvModes.dat
2009-03-08 19:28 108,526 ----a-w c:\programdata\nvModes.dat
2009-03-07 20:38 138,464 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-07 20:37 111,928 ----a-w c:\windows\System32\PnkBstrB.exe
2009-03-06 23:46 --------- d-----w c:\users\Tomtom\AppData\Roaming\Skype
2009-03-06 16:25 --------- d-----w c:\program files\Ubisoft
2009-03-06 16:07 22,328 ----a-w c:\users\Tomtom\AppData\Roaming\PnkBstrK.sys
2009-03-06 16:06 682,280 ----a-w c:\windows\System32\pbsvc.exe
2009-03-05 06:32 --------- d-----w c:\users\Tomtom\AppData\Roaming\dvdcss
2009-03-04 17:45 --------- d-----w c:\program files\Ipod Video Converter
2009-02-28 23:54 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-27 16:39 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-25 20:16 --------- d-----w c:\program files\Java
2009-02-25 18:32 --------- d-----w c:\programdata\eMule
2009-02-25 18:25 --------- d-----w c:\users\Tomtom\AppData\Roaming\skypePM
2009-02-25 18:24 --------- d-----w c:\users\Tomtom\AppData\Roaming\EoRezo
2009-02-24 04:11 --------- d-----w c:\program files\eMule
2009-02-24 00:13 2,720 ----a-w c:\windows\System32\ealregsnapshot1.reg
2009-02-23 19:33 --------- d-----w c:\program files\johnqtv1
2009-02-22 22:32 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-21 20:22 --------- d-----w c:\program files\Google
2009-02-19 17:23 --------- d-----w c:\program files\Safari
2009-02-16 17:59 --------- d-----w c:\program files\P2P_Torrent
2009-02-14 16:06 --------- d-----w c:\programdata\Skype
2009-02-12 02:00 --------- d-----w c:\program files\Windows Mail
2009-02-11 01:31 --------- d-----w c:\program files\Free Audio Pack
2009-02-08 20:34 --------- d-----w c:\program files\Codemasters
2009-02-08 20:31 --------- d-----w c:\program files\Bethesda Softworks
2009-02-05 21:06 51,792 ----a-w c:\windows\system32\drivers\aswMonFlt.sys
2009-01-31 22:18 --------- d-----w c:\users\Tomtom\AppData\Roaming\CyberLink
2009-01-31 21:41 --------- d-----w c:\programdata\CyberLink
2009-01-31 21:13 --------- d---a-w c:\programdata\TEMP
2009-01-31 20:34 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-01-30 23:58 --------- d-----w c:\program files\inKline Global
2009-01-28 19:26 --------- d-----w c:\users\Tomtom\AppData\Roaming\vlc
2009-01-27 23:17 --------- d-----w c:\users\Tomtom\AppData\Roaming\JLC's Software
2009-01-26 17:55 --------- d-----w c:\program files\eMule Acceleration Patch
2009-01-26 17:55 --------- d-----w c:\program files\Conduit
2009-01-25 01:09 --------- d-----w c:\program files\Common Files\Java
2009-01-24 21:12 --------- d-----w c:\programdata\RapidSolution
2009-01-23 16:01 --------- d-----w c:\program files\Bonjour
2009-01-22 13:28 290,816 ----a-w c:\windows\System32\decdll.dll
2009-01-21 21:07 --------- d-----w c:\users\Tomtom\AppData\Roaming\BitZipper
2009-01-21 21:07 --------- d-----w c:\program files\BitZipper
2009-01-20 21:22 --------- d-----w c:\program files\Internet Download Manager
2009-01-20 21:21 --------- d-----w c:\users\Tomtom\AppData\Roaming\DMCache
2009-01-20 21:19 --------- d-----w c:\users\Tomtom\AppData\Roaming\IDM
2009-01-18 22:22 --------- d-----w c:\programdata\Microsoft Help
2009-01-18 20:46 56 ---ha-w c:\users\All Users\ezsidmv.dat
2009-01-18 20:46 56 ---ha-w c:\programdata\ezsidmv.dat
2009-01-16 21:53 --------- d-----w c:\program files\PDFCreator
2009-01-16 21:07 --------- d-----w c:\users\Tomtom\AppData\Roaming\Sony
2009-01-16 21:07 --------- d-----w c:\programdata\Sony
2009-01-16 20:24 --------- d-----w c:\program files\Sony
2009-01-16 20:24 --------- d-----w c:\program files\Common Files\Sony Shared
2009-01-16 20:23 --------- d-----w c:\programdata\Sony Corporation
2009-01-16 20:22 --------- d-----w c:\program files\Sony Setup
2009-01-16 20:13 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-01-15 23:26 --------- d-----w c:\program files\Windows Live
2009-01-15 23:02 --------- d-----w c:\program files\Microsoft Sync Framework
2009-01-15 23:02 --------- d-----w c:\program files\Microsoft
2009-01-15 23:01 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-01-15 22:59 --------- d-----w c:\program files\Windows Live SkyDrive
2009-01-15 22:50 --------- d-----w c:\program files\Common Files\Windows Live
2009-01-15 20:22 --------- d-----w c:\program files\Common Files\Adobe
2009-01-15 20:12 --------- d-----w c:\programdata\Yahoo! Companion
2009-01-15 19:08 --------- d-----w c:\program files\OrangeHSS
2009-01-15 18:22 --------- d--h--w c:\programdata\yahoo!
2009-01-15 18:22 --------- d-----w c:\users\Tomtom\AppData\Roaming\Yahoo!
2009-01-15 18:22 --------- d-----w c:\program files\Yahoo!
2009-01-15 17:45 --------- d-----w c:\programdata\NVIDIA
2009-01-14 21:35 174 --sha-w c:\program files\desktop.ini
2009-01-14 21:29 --------- d-----w c:\program files\Windows Sidebar
2009-01-14 21:29 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-14 21:29 --------- d-----w c:\program files\Windows Journal
2009-01-14 21:29 --------- d-----w c:\program files\Windows Defender
2009-01-14 21:29 --------- d-----w c:\program files\Windows Collaboration
2009-01-14 21:29 --------- d-----w c:\program files\Windows Calendar
2009-01-14 21:21 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-14 21:21 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-14 21:08 47,560 ----a-w c:\windows\System32\SPReview.exe
2009-01-14 21:08 152,576 ----a-w c:\windows\System32\SPWizUI.dll
2009-01-14 02:03 --------- d-----w c:\program files\Microsoft Works
2009-01-13 23:08 --------- d-----w c:\program files\AGEIA Technologies
2009-01-13 22:44 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-13 19:57 --------- d-----w c:\users\Tomtom\AppData\Roaming\Apple Computer
2009-01-13 19:11 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-13 19:11 --------- d-----w c:\program files\iTunes
2009-01-13 19:11 --------- d-----w c:\program files\iPod
2009-01-13 19:11 --------- d-----w c:\program files\Common Files\Apple
2009-01-13 19:10 --------- d-----w c:\program files\QuickTime
2009-01-13 18:37 27,934 ----a-w c:\users\Tomtom\AppData\Roaming\nvModes.dat
2009-01-12 17:25 --------- d-----w c:\program files\Securitoo
2009-01-12 17:21 --------- d-----w c:\program files\Common Files\France Telecom
2009-01-10 23:05 --------- dc-h--w c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2009-01-10 22:48 --------- d-----w c:\programdata\Electronic Arts
2008-12-26 21:49 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-12-23 20:58 453,152 ----a-w c:\windows\System32\NVUNINST.EXE
2008-12-12 10:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-12-12 10:11 61,440 ----a-w c:\windows\System32\dnssd.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bc4be15d-6a34-4356-9e97-79e43da32b1d}"= "c:\program files\P2P_Torrent\tbP2P1.dll" [2009-02-16 1882136]
"{e413a417-d00b-4a3b-9c17-19048046f1ce}"= "c:\program files\johnqtv1\tbjoh1.dll" [2009-02-23 1882136]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-09-15 1784856]

[HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]

[HKEY_CLASSES_ROOT\clsid\{e413a417-d00b-4a3b-9c17-19048046f1ce}]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-12-09 18:40 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]
2009-02-16 18:59 1882136 --a------ c:\program files\P2P_Torrent\tbP2P1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e413a417-d00b-4a3b-9c17-19048046f1ce}]
2009-02-23 20:33 1882136 --a------ c:\program files\johnqtv1\tbjoh1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-09-15 06:47 1784856 --a------ c:\program files\free-downloads.net\tbfree.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bc4be15d-6a34-4356-9e97-79e43da32b1d}"= "c:\program files\P2P_Torrent\tbP2P1.dll" [2009-02-16 1882136]
"{e413a417-d00b-4a3b-9c17-19048046f1ce}"= "c:\program files\johnqtv1\tbjoh1.dll" [2009-02-23 1882136]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-09-15 1784856]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]

[HKEY_CLASSES_ROOT\clsid\{e413a417-d00b-4a3b-9c17-19048046f1ce}]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BC4BE15D-6A34-4356-9E97-79E43DA32B1D}"= "c:\program files\P2P_Torrent\tbP2P1.dll" [2009-02-16 1882136]
"{E413A417-D00B-4A3B-9C17-19048046F1CE}"= "c:\program files\johnqtv1\tbjoh1.dll" [2009-02-23 1882136]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-09-15 1784856]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]

[HKEY_CLASSES_ROOT\clsid\{e413a417-d00b-4a3b-9c17-19048046f1ce}]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-21 39408]
"Steam"="c:\program files\steam\steam.exe" [2009-02-28 1410296]
"Comrade.exe"="c:\program files\GameSpy\Comrade\Comrade.exe" [2008-10-01 800256]
"Shareaza"="c:\program files\Shareaza\Shareaza.exe" [2008-10-01 5723136]
"eMuleAutoStart"="c:\users\Tomtom\Desktop\emule.exe" [2008-12-20 6086656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"!AVG Anti-Spyware"="c:\users\Tomtom\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-25 136600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SoftwareHelper"="c:\users\Tomtom\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe" [2008-12-09 368224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

c:\users\Tomtom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Ubisoft register.lnk - c:\program files\Ubisoft\Register\schedule.exe [2009-02-22 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ExifLauncher2.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk
backup=c:\windows\pss\ExifLauncher2.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PDFCreator.lnk
backup=c:\windows\pss\PDFCreator.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Tomtom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DipisoftUpdate.lnk]
path=c:\users\Tomtom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DipisoftUpdate.lnk
backup=c:\windows\pss\DipisoftUpdate.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Tomtom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^eMule Acceleration Patch.lnk]
path=c:\users\Tomtom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eMule Acceleration Patch.lnk
backup=c:\windows\pss\eMule Acceleration Patch.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2007-06-11 10:25 6731312 c:\users\Tomtom\AVG Anti-Spyware 7.5\avgas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
--a------ 2007-08-01 17:30 151552 c:\acer\AcerTour\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 02:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2008-11-23 01:36 203720 c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
--a------ 2007-06-06 09:06 159744 c:\program files\Apoint2K\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2009-02-06 16:27 177472 c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\au]
--a------ 2008-05-26 18:50 595296 c:\program files\Dealio\DealioAU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]
--------- 2007-08-31 16:38 1286144 c:\acer\Empowering Technology\eAudio\eAudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
--a------ 2007-04-25 16:33 457216 c:\acer\Empowering Technology\eDataSecurity\eDSLoader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
--a------ 2008-01-18 23:33 125952 c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
--a------ 2008-12-20 03:51 6086656 d:\emule extra\emule0.49b-Xtreme7.1\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
--a------ 2007-07-12 15:36 178712 c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
--a------ 2007-10-17 06:57 768520 c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2008-12-02 22:41 3882312 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2008-12-08 17:42 13601312 c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2008-12-08 17:42 92704 c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSSessionManager]
--a------ 2007-12-12 09:50 107248 c:\program files\OrangeHSS\SessionManager\SessionManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
--a------ 2008-04-09 12:05 14487552 c:\program files\inKline Global\PC Booster\PCBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
--------- 2007-12-05 09:32 200704 c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
--a------ 2007-07-05 11:35 94208 c:\windows\PLFSetL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
--a------ 2008-06-12 15:57 991584 c:\program files\Search Settings\SearchSettings.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
--a------ 2008-01-18 23:33 1233920 c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2009-02-28 01:29 1410296 c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2009-02-21 21:22 39408 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
--a------ 2008-01-29 16:38 583048 c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tarantula]
--a------ 2006-09-30 15:48 176128 c:\program files\Razer\Tarantula\razerhid.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipStunt]
--a------ 2008-12-01 17:29 9039152 d:\voipstunt\VoipStunt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
--a------ 2006-11-05 20:48 57344 c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-18 23:38 1008184 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsLivePhone]
--a------ 2008-12-22 14:59 787816 c:\program files\Windows Live\Device Manager\msgrdvmn.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
--a------ 2007-07-06 04:06 4669440 c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
--a------ 2007-06-15 09:45 1826816 c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{95A7975D-F577-4067-AC0A-954BCF96402E}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{5F29E5F7-5482-49D6-9F4E-1BF6426FA02D}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
"{94900125-AC46-4578-9B8C-4800245D3DA6}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
"{50E87D2A-F768-47F4-8DB9-99477B0B2538}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
"{032D76A3-1403-40E4-8D3F-EDAC700F61D3}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F9A7E859-6350-444F-A69B-AE53485A6107}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8AE2EC57-3B55-47B5-B8B3-7BA2307CAFB0}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{573A8F55-2604-40B7-B804-5CA54C095BF5}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
"{87DD4A0A-A830-44E4-A212-ACE71AE92E84}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
"{B4A8B3B3-40C0-4E61-8F82-2D3423ACBC95}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{B6755FD6-E0B3-4DC1-8930-64D0F7C5CB33}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2
"{686999D1-204A-4182-9297-E8C97873DCA7}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{15E07FAC-8453-4E3D-9C75-7CBE8FE76429}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater
"{D39D3154-ECA0-46AE-BDBC-1C49EB630BD1}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{2B7A30BF-80C7-44A1-B157-9FE13CBC1C16}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur
"{D2301614-88E2-468C-B7C1-5967F648E5E7}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{5F9D561E-520E-4CA0-B5DB-42CBE8CBDC08}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{FDF06420-8CF1-4287-9053-8E2EF99A05CB}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{F9A2802C-251B-41FF-B71E-59411212B3D8}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{CBBD5718-9FBE-438A-8A3C-3D1C78D6B7C0}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{F8CB8F11-DDBC-4399-8E91-12A0BC0009DA}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"{F7A6F8EC-369A-49B1-B9B2-191C3FB82C33}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{BAB66E30-03EA-4236-9DF8-FD244B9846E5}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{5D6BF710-03B4-4262-B9D9-761901204324}c:\\program files\\maxis\\simcity 3000 world edition\\apps\\updater\\updater.exe"= UDP:c:\program files\maxis\simcity 3000 world edition\apps\updater\updater.exe:SC3UpdaterMFC
"UDP Query User{128CF55C-C0BA-46DD-87E4-3E4F3056C4F6}c:\\program files\\maxis\\simcity 3000 world edition\\apps\\updater\\updater.exe"= TCP:c:\program files\maxis\simcity 3000 world edition\apps\updater\updater.exe:SC3UpdaterMFC
"{A3880D1E-E66F-4773-BAB0-2EA7308DE3E6}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{A7A81752-E784-4C2D-81C9-85FE51A82085}"= UDP:c:\program files\Sony\Media Manager for PSP\MediaManager.exe:Media Manager for PSP 3.0
"{6F0AC3CE-BFD0-49AD-A4E6-B83315AEC35E}"= TCP:c:\program files\Sony\Media Manager for PSP\MediaManager.exe:Media Manager for PSP 3.0
"{4A6E61D3-3308-4F2C-AD13-B9C070A4ECCF}"= UDP:d:\voipstunt\VoipStunt.exe:VoipStunt
"{1935861C-D3EC-4127-ACF8-AF3A0455952F}"= TCP:d:\voipstunt\VoipStunt.exe:VoipStunt
"{6A950D82-9ADD-446E-AE0E-2525DDD2275F}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{883C370D-8CD5-4C80-B77E-C1ED436041A3}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{D0ACDE70-82D7-47A2-BE40-E25D0E52645E}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{6CE2EEFC-3D3C-422C-ACF0-547845410D84}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{C40B36F4-D49B-4C22-8D1F-32327B68F599}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{57D6BC49-4816-4251-AE5B-08F46D7C75AB}d:\\emule\\emule.exe"= UDP:d:\emule\emule.exe:eMule
"UDP Query User{DFC35FA2-3B79-416F-9186-2BE9A774029E}d:\\emule\\emule.exe"= TCP:d:\emule\emule.exe:eMule
"{1F14F8A8-0E8C-450C-9C94-99AB3803514F}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{8A118AA8-A9B6-4554-B38F-634A7B718309}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"TCP Query User{3603EFA9-C4E2-4B35-BD27-668E14EB6E20}d:\\internet tv\\internet tv.exe"= UDP:d:\internet tv\internet tv.exe:Internet TV
"UDP Query User{900A106A-7538-4F2A-9AA9-818F2A2FBB90}d:\\internet tv\\internet tv.exe"= TCP:d:\internet tv\internet tv.exe:Internet TV
"TCP Query User{258E9BF2-C0B7-4279-A62A-FF3592B25646}d:\\adsltv.exe"= UDP:D:\adsltv.exe:adsltv
"UDP Query User{4C0B4176-B1DC-4123-B964-7D82AC88C059}d:\\adsltv.exe"= TCP:D:\adsltv.exe:adsltv
"TCP Query User{CD6A3172-168F-430E-9255-350B90FDA1AD}d:\\emule xtra\\emule\\emule.exe"= UDP:d:\emule xtra\emule\emule.exe:eMule Plus
"UDP Query User{DA4459B7-F7C2-4FCA-856E-3341C31A16C7}d:\\emule xtra\\emule\\emule.exe"= TCP:d:\emule xtra\emule\emule.exe:eMule Plus
"TCP Query User{8BB9D82B-6A86-4E28-A144-D5C56A8D9284}d:\\snaketv\\snaketv.exe"= UDP:d:\snaketv\snaketv.exe:SnakeTV
"UDP Query User{AE71461C-980E-420F-842A-E646BBC3D7A1}d:\\snaketv\\snaketv.exe"= TCP:d:\snaketv\snaketv.exe:SnakeTV
"TCP Query User{C738FE84-0765-4D56-92F0-2997C6DCDD6D}d:\\emule extra\\emule0.49b-xtreme7.1\\emule.exe"= UDP:d:\emule extra\emule0.49b-xtreme7.1\emule.exe:eMule
"UDP Query User{1C1CB0FA-4766-4FD4-89B6-DD4E9F5CC142}d:\\emule extra\\emule0.49b-xtreme7.1\\emule.exe"= TCP:d:\emule extra\emule0.49b-xtreme7.1\emule.exe:eMule
"TCP Query User{EED44513-E233-45B6-838F-EF2311640940}c:\\users\\tomtom\\desktop\\emule.exe"= UDP:c:\users\tomtom\desktop\emule.exe:emule.exe
"UDP Query User{6EEAA25E-E13A-4C9F-8212-8DF76CEBE04B}c:\\users\\tomtom\\desktop\\emule.exe"= TCP:c:\users\tomtom\desktop\emule.exe:emule.exe
"{1D14D386-B5F3-43DF-8FD7-CB608F369649}"= UDP:d:\limewire\LimeWire.exe:LimeWire
"{C2AD4349-D8BF-4D84-8845-F1B0555FBE67}"= TCP:d:\limewire\LimeWire.exe:LimeWire
"TCP Query User{041A300C-FC0D-4EE0-9B0A-52625F2BF87E}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{1F5A3164-6809-4052-8B87-FB8883532B98}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{3360FF63-CB00-4DC1-8EBE-D4955DCEAFBF}"= UDP:d:\tom dowl\LimeWire.exe:LimeWire
"{6D8F0127-8BB9-438D-A067-8BAB515109CA}"= TCP:d:\tom dowl\LimeWire.exe:LimeWire
"TCP Query User{17E59C77-2DA9-40FE-9E99-53B02373FD6E}d:\\skype\\phone\\skype.exe"= UDP:d:\skype\phone\skype.exe:Skype
"UDP Query User{3D022F9E-BF5F-436E-9003-9A77910FE015}d:\\skype\\phone\\skype.exe"= TCP:d:\skype\phone\skype.exe:Skype
"TCP Query User{BBB23609-0BEF-4973-8EB6-D0BD84B52EE2}c:\\users\\tomtom\\desktop\\skype.exe"= UDP:c:\users\tomtom\desktop\skype.exe:skype.exe
"UDP Query User{E2B7852A-FC36-4875-8D9E-59070099BA46}c:\\users\\tomtom\\desktop\\skype.exe"= TCP:c:\users\tomtom\desktop\skype.exe:skype.exe
"{0CE70990-1210-4951-9A49-B5E05006842F}"= UDP:d:\steam!!!!\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
"{DF40DE9D-23E6-4CEC-8C12-17A2E192CD51}"= TCP:d:\steam!!!!\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
"TCP Query User{7443C46D-F2CD-4236-B074-35F0941410FA}c:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:c:\program files\gamespy\comrade\comrade.exe:Comrade
"UDP Query User{68AB02CF-0D2F-4010-A199-CF9D77180034}c:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:c:\program files\gamespy\comrade\comrade.exe:Comrade
"TCP Query User{51B09566-466C-4716-9DEB-D27B06D0B9A2}c:\\program files\\electronic arts\\crytek\\crysis wars\\bin32\\crysis.exe"= UDP:c:\program files\electronic arts\crytek\crysis wars\bin32\crysis.exe:Crysis
"UDP Query User{8574059A-608F-419A-8AF3-49274BF99D3C}c:\\program files\\electronic arts\\crytek\\crysis wars\\bin32\\crysis.exe"= TCP:c:\program files\electronic arts\crytek\crysis wars\bin32\crysis.exe:Crysis
"{6CA5E3DC-E873-48ED-A56C-498FD57300FA}"= UDP:c:\program files\Shareaza\Shareaza.exe:Shareaza
"{ADF2A8AE-AF0F-471F-9B92-31DDF9EC9B66}"= TCP:c:\program files\Shareaza\Shareaza.exe:Shareaza
"{1A703CE9-7E32-485C-8965-4A1D28A56551}"= UDP:22546:shaeraza
"{4DBA0DA0-042B-4938-9EDA-B97A76EA0C49}"= UDP:c:\program files\Steam\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
"{6B48D34D-2EDD-4A22-BE19-83B9EFB5FC05}"= TCP:c:\program files\Steam\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
"{D8E2D9EA-9967-43F1-9CF8-FF0764D26B89}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{10B0C494-1FDB-49C2-8C3F-E995590B543F}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{619D4EC7-AA73-48E1-BCE0-64D06D7F3DDB}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{90835837-D7FD-4886-BBBE-F48C39DE26D6}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{944B6040-6DC3-4945-83C6-CBF45EA21843}"= UDP:d:\partage mulet\eMule\emule.exe:eMuleMorphXT
"{A3AF94F3-4360-4A7A-B66E-38BB5CE5CD42}"= TCP:d:\partage mulet\eMule\emule.exe:eMuleMorphXT
"TCP Query User{0D596441-6A2B-4212-B49A-99606692B3DD}d:\\partage mulet\\emule0.49b-xtreme7.1\\emule.exe"= UDP:d:\partage mulet\emule0.49b-xtreme7.1\emule.exe:eMule
"UDP Query User{4933B864-F770-4FF8-9A55-0994155BEFAA}d:\\partage mulet\\emule0.49b-xtreme7.1\\emule.exe"= TCP:d:\partage mulet\emule0.49b-xtreme7.1\emule.exe:eMule
"{D461B2E6-DE98-4D97-97AE-56714A8D3E11}"= UDP:c:\program files\Steam\steamapps\common\unreal tournament 3\Binaries\UT3.exe:Unreal Tournament 3
"{A2983E18-2965-4D54-89AC-AFB1F1E82F27}"= TCP:c:\program files\Steam\steamapps\common\unreal tournament 3\Binaries\UT3.exe:Unreal Tournament 3
"TCP Query User{7D1DAD2B-DF08-4330-9308-E9B569712864}d:\\call of duty - world at war\\codwaw.exe"= UDP:d:\call of duty - world at war\codwaw.exe:Call of Duty(R): World at War Campaign/Coop
"UDP Query User{32E34D91-4AD9-4B9B-811B-B58381CD561F}d:\\call of duty - world at war\\codwaw.exe"= TCP:d:\call of duty - world at war\codwaw.exe:Call of Duty(R): World at War Campaign/Coop

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2008-11-17 114768]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\[u]0/u00.fcl [2008-06-28 21:37:20 41456]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2009-02-25 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-02-25 234888]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2008-11-17 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2008-11-17 51792]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2007-12-26 180736]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [2007-12-26 32256]
S2 gupdate1c98739f840dc24;Google Update Service (gupdate1c98739f840dc24);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 133104]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [2009-01-16 55264]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [2009-01-12 28224]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - EraserUtilDrv10910

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\shell\AutoRun\command - E:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\verb1\command - PeSrvr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\verb1\command - PeSrvr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa812685-4552-11dd-90b2-001de02ddde3}]
\shell\verb1\command - PeSrvr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af541ff5-4557-11dd-87b4-806e6f6e6963}]
\shell\AutoRun\command - e:\setup\rsrc\Autorun.exe
\shell\dinstall\command - e:\directx\dxsetup.exe
.
Contenu du dossier 'Tâches planifiées'

2009-03-08 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 03:32]

2009-03-08 c:\windows\Tasks\Norton Security Scan for Tomtom.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 04:18]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-yiwka - c:\users\tomtom\appdata\local\yiwka.exe
HKCU-Run-Acer Tour Reminder - (no file)
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
MSConfigStartUp-aauid - c:\users\tomtom\appdata\local\aauid.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-EoEngine - c:\program files\EoRezo\EoEngine.exe
MSConfigStartUp-RegistryMechanic - c:\program files\Registry Mechanic\RMTray.exe
MSConfigStartUp-SetPanel - c:\acer\APanel\APanel.cmd
MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
MSConfigStartUp-ssgkeqm - c:\users\tomtom\appdata\local\ssgkeqm.exe

.
------- Examen supplémentaire -------
.
uStart Page = hxxp://y.lo.st
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: Compare Prices with &Dealio - c:\users\Tomtom\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Tomtom\AppData\Roaming\Mozilla\Firefox\Profiles\dfqcj2a3.default\
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-08 20:44:42
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-03-08 20:45:44
ComboFix-quarantined-files.txt 2009-03-08 19:45:40

Avant-CF: 21 429 104 640 octets libres
Après-CF: 21,293,129,728 octets libres

540 --- E O F --- 2009-03-08 02:00:35

cartondodo · Answer

Merci pour vos solution ,ça l'aire d'avoir fonctionné.
J'ai une dernière quetion ( je ne sais même pas comment sos connection est arrivée sur mon pc ):
comment faire pour éviter que cela ne revienne .

cartondodo · Answer

Depuis que mon probleme a été resolu (sos connexion) , et bien j'en est encore plus ,je n'arrive plus à jouer à mes jeux en réseau ,je n'arrive plus à faire marcher mes mules et d'autre petit soucis dans le genre .
Je n'ai pas envie de remetre sos ... en plus je ne sais pas le faire ! 
Alors comment dois-je faire ? Merci d'avance .

Me débarasser de sos connexin

8 réponses

Votre réponse

Discussions similaires

Newsletters