Win32 cabinet self
djedje42 (Member, 17 posts)
Hello,
For some time now, whenever I start my PC, Windows Defender has been blocking a program at startup:
win32 cabinet self-extraction
My wife picked up this crap while chatting on MSN: a link in English appeared, she clicked on it, and a browser window opened, but she closed it right away; nothing had appeared in that window.
From what I have read on the web, when the virus is active the PC slows to a crawl.
My PC is not slow.
I would like to know whether the virus has been activated.
Where does the win32 cabinet self-extraction sit on local disk C, and how can I find out which program contains the win32?
How do I get rid of this crap?
I downloaded HijackThis.
The report is attached below:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:07, on 20/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CaledosLAB\Caledos Automatic Wallpaper Changer\CaledosWallpaper6.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TRCMan] C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\Windows\p_981116.exe /Q:A
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Caledos Wallpaper (startup).lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O18 - Protocol: bwfile-8876480 - (no CLSID) - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - https://sourceforge.net/p/libusb-win32/wiki/Home/ - C:\Windows\system32\libusbd-nt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
13 replies
Hello,
At least one infection.
1) For Vista, if infected:
Disable User Account Control (you will re-enable it after the disinfection: IMPORTANT, DO NOT FORGET THIS):
- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click disable and confirm.
http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html
2) Download ToolBar-S&D (thanks to Eric_71, Angeldark, Sham_Rock and XmichouX)
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
Disconnect from the internet during the scan.
* Double-click ToolBar-SD to launch the installation; a shortcut will be added to the Desktop.
* Double-click it to start the tool; choose the language.
* On Vista, right-click and choose "Run as administrator" (privilege elevation), then -> Continue.
* Type 1 and press [Enter] to start the removal.
* Wait until the search finishes.
* At the end of the scan, the report will open in Notepad.
* Post this report, by copy and paste, in your next reply.
* The report can also be found at: C:\TB.txt
3) Run ToolBar again, but this time choose option 2. You will get a report; paste it here.
4) How is your PC behaving?
djedje42 (Member, 17 posts)
My PC is behaving normally: it isn't slow, it doesn't crash, everything seems clean.
Here is the ToolBarSD report:
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz )
BIOS : v2.00
USER : djedje ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:77 Go)
D:\ (Local Disk) - NTFS - Total:147 Go (Free:47 Go)
E:\ (CD or DVD) - UDF - Total:2 Go (Free:0 Go)
G:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 20/04/2009|11:32 )
[ UAC => 1 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\Resources
C:\Program Files\DAEMON Tools Toolbar\uninst.exe
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\about.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\as.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\as.png
C:\Program Files\DAEMON Tools Toolbar\Resources\astro.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\az.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\b1.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\b1.png
C:\Program Files\DAEMON Tools Toolbar\Resources\BurnImage.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\buy.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\cond000.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond001.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond003.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond004.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond005.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond006.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond007.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond008.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond009.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond010.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond011.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond019.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond020.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond021.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond022.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond023.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond024.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond025.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond026.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond037.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond038.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond039.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond040.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond041.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond046.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond048.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond050.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond051.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond052.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond053.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond054.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond055.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond056.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond057.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond058.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond059.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond060.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond061.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond062.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond063.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond064.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond065.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond066.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond067.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond068.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond069.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond075.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond076.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond077.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond078.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond079.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond080.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond084.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond085.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond086.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond087.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond088.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond089.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond090.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond091.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond092.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond093.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond094.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond095.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond108.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond109.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond110.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond111.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond112.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond113.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond120.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond121.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond122.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond126.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond127.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond128.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond129.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond130.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond131.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond132.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond133.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond134.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond135.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond136.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond137.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond138.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond140.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond141.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond142.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond143.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond148.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond149.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond152.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond154.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond155.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond156.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond157.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\Config.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\d.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\d2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\daemon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ds.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dsearch.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\DTPro.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Dwnl.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\emulation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\features.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\gd.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\genre.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\globe.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GrabImage.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\hb.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\hb.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\help.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ip.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\lang.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\lingvo.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\m.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\mail.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuTr.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\next.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\none.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\none_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\noW.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\op.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\play.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\play_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\pragma.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\prev.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prod.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Radio.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioE.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioG.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioL.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioN.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioW.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Rss.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Rss1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rssClose.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rssL.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\rssOpen.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\size.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\size_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\skins.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\spt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\stop.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\style.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\time.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\toolbar.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\trans.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\u.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\vol.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_back.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wb.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wi.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi0.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi10.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi11.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi12.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi13.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi3.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi4.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi5.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi6.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi7.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi8.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi9.ico
C:\Windows\Prefetch\AgCx_S1_S-1-5-21-2189413481-176213709-3976588482-1000.snp.db
C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2189413481-176213709-3976588482-1000.db
C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2189413481-176213709-3976588482-1000.db
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.fr"
"Default_Page_URL"="https://www.google.com/webhp?gws_rd=ssl"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/webhp?gws_rd=ssl"
"Default_Page_URL"="https://www.google.com/webhp?gws_rd=ssl"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\djedje\AppData\Roaming\Microsoft\Windows\Recent\Diskeeper.2008.Premier.Pro.v12.0.758.FR.Incl-Crack.[emule-island.com].lnk
C:\Users\djedje\jeux pc\flipper\3D Ultra Pinball\crack.zip
C:\Users\djedje\jeux pc\PES 2009\Pro.Evolution.Soccer.2009.Crack.Only-RELOADED.rar
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 20/04/2009|11:33 - Option : [1]
-----------\\ Fin du rapport a 11:33:04,45
So I ran option 2; here is the report:
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz )
BIOS : v2.00
USER : djedje ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:149 Go (Free:77 Go)
D:\ (Local Disk) - NTFS - Total:147 Go (Free:47 Go)
E:\ (CD or DVD) - UDF - Total:2 Go (Free:0 Go)
G:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 20/04/2009|11:39 )
[ UAC => 1 ]
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-2189413481-176213709-3976588482-1000.snp.db
Supprime! - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2189413481-176213709-3976588482-1000.db
Supprime! - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2189413481-176213709-3976588482-1000.db
Supprime! - C:\Program Files\DAEMON Tools Toolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.fr"
"Default_Page_URL"="https://www.google.com/webhp?gws_rd=ssl"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.google.com/webhp?gws_rd=ssl"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\djedje\AppData\Roaming\Microsoft\Windows\Recent\Diskeeper.2008.Premier.Pro.v12.0.758.FR.Incl-Crack.[emule-island.com].lnk
C:\Users\djedje\jeux pc\flipper\3D Ultra Pinball\crack.zip
C:\Users\djedje\jeux pc\PES 2009\Pro.Evolution.Soccer.2009.Crack.Only-RELOADED.rar
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 20/04/2009|11:33 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 20/04/2009|11:39 - Option : [2]
but it's still the same. Can you tell me if you see where the virus is located? Thanks
For now I don't see anything else in your HijackThis log.
Run this and we'll see whether you have anything else.
Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.
-> http://images.malwareremoval.com/random/RSIT.exe
! Disconnect and close all your running applications !
Double-click "RSIT.exe" to launch it.
-> A first window opens, titled "Disclaimer of warranty".
* Next to the option "List files/folders created ...", choose: 2 months
* then click "Continue" to start the scan ...
-> let the scan run and don't touch the PC ...
When the scan is finished, two text files will open (probably in Notepad).
Post the contents of "log.txt" (the one shown on screen) as well as "info.txt" (which you will see in the taskbar) for analysis, and wait for the next steps ...
Important: post one report, then the other in the following reply.
If you try to post both at the same time, it may be too long for the forum.
( Note: the reports will also be saved in this folder -> C:\rsit )
Here is the RSIT report
Logfile of random's system information tool 1.06 (written by random/random)
Run by djedje at 2009-04-20 12:12:02
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 79 GB (52%) free of 153 GB
Total RAM: 3069 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:09, on 20/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CaledosLAB\Caledos Automatic Wallpaper Changer\CaledosWallpaper6.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\djedje\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\djedje.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?sourceid=navclient&hl=fr&ie=UTF-8&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TRCMan] C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\Windows\p_981116.exe /Q:A
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Caledos Wallpaper (startup).lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O18 - Protocol: bwfile-8876480 - (no CLSID) - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Here is the second one
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{E4EC1B81-777E-4062-AA8E-DED2FEDE48BF}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-01 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-04-01 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-04-01 522224]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-04-26 716800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1045800]
"TOSDCR"=C:\Program Files\TOSHIBA\PasswordUtility\TOSDCR.exe [2007-08-28 169296]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"TRCMan"=C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe [2008-04-10 692224]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-21 6111232]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-08-26 103824]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-16 29744]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-29 13543968]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-29 92704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-09-21 55824]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-04-17 98616]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"DXM6Patch_981116"=C:\Windows\p_981116.exe [1998-11-30 497376]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-04-24 430080]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-16 39408]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-03-31 251264]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Caledos Wallpaper (startup).lnk - C:\Windows\Installer\{8279F050-726C-43FC-BC8E-2691FEB5A9CE}\_A1AF51419EA1235CE79E42.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
PHOTOfunSTUDIO -viewer-.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8269015-2ab8-11de-82e6-001c7e3c28bc}]
shell\AutoRun\command - F:\LaunchU3.exe -a
======List of files/folders created in the last 2 months======
2009-04-20 11:32:49 ----A---- C:\TB.txt
2009-04-20 11:32:18 ----D---- C:\ToolBar SD
2009-04-20 10:02:11 ----D---- C:\rsit
2009-04-19 16:19:57 ----D---- C:\Users\djedje\AppData\Roaming\Malwarebytes
2009-04-19 16:19:53 ----D---- C:\ProgramData\Malwarebytes
2009-04-19 16:19:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-19 16:16:43 ----D---- C:\Program Files\Trend Micro
2009-04-19 15:44:40 ----A---- C:\Windows\system32\winhttp.dll
2009-04-19 15:44:34 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-19 15:44:34 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-19 15:44:06 ----A---- C:\Windows\system32\rpcss.dll
2009-04-19 15:44:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-19 15:44:06 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-19 15:44:04 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-19 15:44:03 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-19 15:44:03 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-19 15:44:03 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-19 15:44:03 ----A---- C:\Windows\system32\iashost.exe
2009-04-19 15:44:03 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-19 15:44:03 ----A---- C:\Windows\system32\iasads.dll
2009-04-19 15:43:52 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-19 15:43:52 ----A---- C:\Windows\system32\kernel32.dll
2009-04-19 15:43:51 ----A---- C:\Windows\system32\secur32.dll
2009-04-19 15:43:51 ----A---- C:\Windows\system32\apilogen.dll
2009-04-19 15:43:51 ----A---- C:\Windows\system32\amxread.dll
2009-04-19 15:43:45 ----A---- C:\Windows\system32\mshtml.dll
2009-04-19 15:43:44 ----A---- C:\Windows\system32\ieframe.dll
2009-04-19 15:43:43 ----A---- C:\Windows\system32\wininet.dll
2009-04-19 15:43:43 ----A---- C:\Windows\system32\urlmon.dll
2009-04-19 15:43:43 ----A---- C:\Windows\system32\iertutil.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\occache.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\mstime.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-19 15:43:42 ----A---- C:\Windows\system32\ieencode.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-19 15:43:41 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-19 11:45:21 ----D---- C:\Program Files\Sierra
2009-04-19 11:14:53 ----D---- C:\Program Files\Vietcong
2009-04-19 10:53:38 ----D---- C:\Program Files\Illusion Softworks
2009-04-19 10:41:13 ----D---- C:\Program Files\Sierra On-Line
2009-04-19 10:41:13 ----A---- C:\Windows\system32\WONshell.dll
2009-04-19 10:41:13 ----A---- C:\Windows\system32\WONauth.dll
2009-04-19 10:41:13 ----A---- C:\Windows\system32\SNWValid.dll
2009-04-19 10:41:13 ----A---- C:\Windows\system32\Sigres.exe
2009-04-19 10:41:13 ----A---- C:\Windows\system32\SierraNW.dll
2009-04-19 10:41:13 ----A---- C:\Windows\system32\GIF89.DLL
2009-04-19 10:41:11 ----A---- C:\Windows\system32\Iyvu9_32.dll
2009-04-19 10:41:11 ----A---- C:\Windows\system32\Iacenc.dll
2009-04-19 10:39:56 ----A---- C:\Windows\SIERRA.INI
2009-04-19 10:39:53 ----A---- C:\Windows\IsUn040c.exe
2009-04-18 11:50:10 ----D---- C:\Program Files\EA GAMES
2009-04-17 23:19:38 ----A---- C:\Windows\IsUninst.exe
2009-04-17 23:17:30 ----D---- C:\Program Files\Adobe
2009-04-17 19:46:36 ----D---- C:\Users\djedje\AppData\Roaming\dvdcss
2009-04-17 19:13:30 ----D---- C:\Program Files\Ubisoft
2009-04-17 15:30:53 ----A---- C:\Windows\system32\LMRTREND.dll
2009-04-17 15:30:53 ----A---- C:\Windows\system32\LMRT.dll
2009-04-17 15:30:53 ----A---- C:\Windows\system32\dxtmsft3.dll
2009-04-17 15:30:52 ----A---- C:\Windows\system32\unam4ie.exe
2009-04-17 15:30:52 ----A---- C:\Windows\system32\strmdll.dll
2009-04-17 15:30:51 ----A---- C:\Windows\system32\vidx16.dll
2009-04-17 15:30:50 ----A---- C:\Windows\system32\qcut.dll
2009-04-17 15:30:50 ----A---- C:\Windows\system32\danim.dll
2009-04-17 15:30:49 ----A---- C:\Windows\system32\w95inf32.dll
2009-04-17 15:30:49 ----A---- C:\Windows\system32\w95inf16.dll
2009-04-12 17:29:17 ----A---- C:\Windows\system32\CmdLineExt03.dll
2009-04-11 22:49:24 ----RHD---- C:\Users\djedje\AppData\Roaming\SecuROM
2009-04-11 21:08:16 ----A---- C:\Windows\system32\xinput1_3.dll
2009-04-11 21:08:15 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-04-11 21:08:15 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-04-11 21:08:15 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-04-11 21:08:14 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-04-11 21:08:14 ----A---- C:\Windows\system32\d3dx10.dll
2009-04-10 19:51:21 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-04-09 20:17:20 ----D---- C:\Users\djedje\AppData\Roaming\ArcSoft
2009-04-07 12:17:58 ----D---- C:\ProgramData\Apple Computer
2009-04-07 12:17:58 ----D---- C:\Program Files\QuickTime
2009-04-07 12:08:03 ----D---- C:\ProgramData\Apple
2009-04-07 12:08:03 ----D---- C:\Program Files\Apple Software Update
2009-04-06 23:28:31 ----D---- C:\Program Files\LibUSB-Win32-0.1.10.1
2009-04-06 23:28:31 ----A---- C:\Windows\system32\libusbd-nt.exe
2009-04-06 23:28:31 ----A---- C:\Windows\system32\libusbd-9x.exe
2009-04-06 02:05:15 ----A---- C:\Windows\system32\libusb0.dll
2009-04-05 14:30:35 ----A---- C:\Windows\system32\newdev.exe
2009-04-05 14:30:35 ----A---- C:\Windows\system32\newdev.dll
2009-04-03 12:55:26 ----SHD---- C:\Diskeeper
2009-04-03 00:17:07 ----D---- C:\ProgramData\IsolatedStorage
2009-04-03 00:11:49 ----D---- C:\ProgramData\Diskeeper Corporation
2009-04-03 00:11:47 ----D---- C:\Program Files\Diskeeper Corporation
2009-04-02 23:59:29 ----A---- C:\Windows\unvise32.exe
2009-04-02 23:58:09 ----D---- C:\Program Files\Pure Pinball
2009-04-02 23:44:50 ----D---- C:\Users\djedje\AppData\Roaming\Nero
2009-04-02 23:15:16 ----D---- C:\Program Files\Microsoft Silverlight
2009-04-02 23:15:15 ----D---- C:\Program Files\AviSynth 2.5
2009-04-02 23:13:53 ----D---- C:\Windows\system32\URTTEMP
2009-04-02 23:12:34 ----D---- C:\Windows\system32\IOSUBSYS
2009-04-02 23:08:43 ----D---- C:\ProgramData\ArcSoft
2009-04-02 23:08:34 ----ASH---- C:\Users\djedje\AppData\Roaming\desktop.ini
2009-04-02 22:56:28 ----A---- C:\Windows\system32\infocardapi.dll
2009-04-02 22:56:27 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-02 22:56:25 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-04-02 22:56:25 ----A---- C:\Windows\system32\icardres.dll
2009-04-02 22:56:25 ----A---- C:\Windows\system32\icardagt.exe
2009-04-02 22:56:21 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-04-02 22:56:18 ----A---- C:\Windows\system32\PresentationHost.exe
2009-04-02 22:52:59 ----D---- C:\Program Files\CCleaner
2009-04-02 22:46:35 ----A---- C:\UpdaterforApp.ini
2009-04-02 22:45:31 ----D---- C:\Program Files\Common Files\ArcSoft
2009-04-02 22:45:31 ----A---- C:\Windows\system32\unicows.dll
2009-04-02 22:44:34 ----D---- C:\Windows\system32\MediaImpression Slideshow
2009-04-02 22:44:32 ----D---- C:\Program Files\ArcSoft
2009-04-02 22:40:56 ----A---- C:\Windows\system32\PICSDK2.dll
2009-04-02 22:40:56 ----A---- C:\Windows\system32\PICSDK.ini
2009-04-02 22:40:56 ----A---- C:\Windows\system32\PICSDK.dll
2009-04-02 22:40:56 ----A---- C:\Windows\system32\PICEntry.dll
2009-04-02 22:40:56 ----A---- C:\Windows\system32\EpPicPrt.dll
2009-04-02 22:40:56 ----A---- C:\Windows\system32\EPPicMgr.dll
2009-04-02 22:40:31 ----D---- C:\Program Files\Panasonic
2009-04-02 22:05:17 ----D---- C:\Program Files\Microsoft
2009-04-02 22:05:02 ----D---- C:\Program Files\Windows Live SkyDrive
2009-04-02 22:04:45 ----D---- C:\Program Files\Windows Live
2009-04-02 21:58:04 ----D---- C:\Program Files\Common Files\Windows Live
2009-04-02 19:54:05 ----D---- C:\Users\djedje\AppData\Roaming\Media Player Classic
2009-04-02 18:25:18 ----D---- C:\Program Files\Nero
2009-04-02 18:24:35 ----D---- C:\ProgramData\Nero
2009-04-02 18:24:34 ----D---- C:\Program Files\Common Files\Nero
2009-04-02 18:23:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-04-02 18:07:12 ----D---- C:\Program Files\Microsoft Visual Studio
2009-04-02 18:07:11 ----D---- C:\Program Files\Common Files\DESIGNER
2009-04-02 18:06:52 ----D---- C:\Windows\PCHEALTH
2009-04-02 18:06:52 ----D---- C:\Program Files\Microsoft.NET
2009-04-02 18:04:02 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-04-02 18:02:47 ----RHD---- C:\MSOCache
2009-04-02 17:57:22 ----D---- C:\Users\djedje\AppData\Roaming\DAEMON Tools Pro
2009-04-02 17:57:22 ----D---- C:\Users\djedje\AppData\Roaming\DAEMON Tools
2009-04-02 17:56:45 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-04-02 17:06:46 ----A---- C:\Windows\system32\tzres.dll
2009-04-02 17:04:06 ----D---- C:\Program Files\CaledosLAB
2009-04-02 17:03:23 ----D---- C:\Users\djedje\AppData\Roaming\WinRAR
2009-04-02 17:02:58 ----D---- C:\Users\djedje\AppData\Roaming\DAEMON Tools Lite
2009-04-02 17:02:15 ----D---- C:\Program Files\WinRAR
2009-04-02 17:01:10 ----D---- C:\Users\djedje\AppData\Roaming\vlc
2009-04-02 17:00:39 ----D---- C:\Program Files\VideoLAN
2009-04-02 16:58:54 ----A---- C:\Windows\system32\unrar.dll
2009-04-02 16:58:53 ----A---- C:\Windows\system32\yv12vfw.dll
2009-04-02 16:58:53 ----A---- C:\Windows\system32\xvidvfw.dll
2009-04-02 16:58:53 ----A---- C:\Windows\system32\xvidcore.dll
2009-04-02 16:58:52 ----A---- C:\Windows\system32\qt-dx331.dll
2009-04-02 16:58:52 ----A---- C:\Windows\system32\dpl100.dll
2009-04-02 16:58:52 ----A---- C:\Windows\system32\divx.dll
2009-04-02 16:58:51 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2009-04-02 16:58:51 ----A---- C:\Windows\system32\ff_vfw.dll
2009-04-02 16:58:50 ----D---- C:\Program Files\K-Lite Codec Pack
2009-04-02 16:20:13 ----D---- C:\ProgramData\eMule
2009-04-02 16:20:04 ----D---- C:\Program Files\eMule
2009-04-02 16:12:05 ----D---- C:\ProgramData\IM
2009-04-02 16:12:04 ----D---- C:\ProgramData\IncrediMail
2009-04-02 16:12:04 ----D---- C:\Program Files\IncrediMail
2009-04-02 16:06:18 ----A---- C:\Windows\system32\MSVCR71.dll
2009-04-02 16:06:18 ----A---- C:\Windows\system32\MSVCP71.dll
2009-04-02 16:06:18 ----A---- C:\Windows\system32\MFC71.dll
2009-04-02 16:06:18 ----A---- C:\Windows\system32\aswBoot.exe
2009-04-02 16:06:17 ----D---- C:\Program Files\Alwil Software
2009-04-01 22:28:57 ----A---- C:\Windows\system32\dfshim.dll
2009-04-01 22:28:39 ----A---- C:\Windows\system32\mscoree.dll
2009-04-01 22:28:32 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-01 22:27:23 ----A---- C:\Windows\system32\mscorier.dll
2009-04-01 22:27:00 ----A---- C:\Windows\system32\mscories.dll
2009-04-01 22:20:42 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-04-01 22:20:40 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-04-01 22:17:10 ----A---- C:\Windows\system32\msxml3.dll
2009-04-01 22:17:08 ----A---- C:\Windows\system32\gdi32.dll
2009-04-01 22:17:05 ----A---- C:\Windows\system32\shell32.dll
2009-04-01 22:16:59 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-04-01 22:16:57 ----A---- C:\Windows\system32\connect.dll
2009-04-01 22:16:55 ----A---- C:\Windows\system32\wersvc.dll
2009-04-01 22:16:55 ----A---- C:\Windows\system32\Faultrep.dll
2009-04-01 22:16:52 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-04-01 22:16:52 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-04-01 22:16:52 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-04-01 22:16:47 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-04-01 22:16:47 ----A---- C:\Windows\system32\mf.dll
2009-04-01 22:16:45 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-04-01 22:16:44 ----A---- C:\Windows\system32\logagent.exe
2009-04-01 22:16:41 ----A---- C:\Windows\system32\EncDec.dll
2009-04-01 22:16:37 ----A---- C:\Windows\system32\psisdecd.dll
2009-04-01 22:16:29 ----A---- C:\Windows\system32\netapi32.dll
2009-04-01 22:16:12 ----A---- C:\Windows\system32\wmp.dll
2009-04-01 22:16:09 ----A---- C:\Windows\system32\spwmp.dll
2009-04-01 22:16:08 ----A---- C:\Windows\system32\dxmasf.dll
2009-04-01 22:16:07 ----A---- C:\Windows\system32\wmploc.DLL
2009-04-01 22:16:06 ----A---- C:\Windows\system32\msxml6.dll
2009-04-01 22:16:04 ----A---- C:\Windows\explorer.exe
2009-04-01 22:16:03 ----A---- C:\Windows\system32\schannel.dll
2009-04-01 22:16:01 ----A---- C:\Windows\system32\win32spl.dll
2009-04-01 22:09:34 ----D---- C:\Users\djedje\AppData\Roaming\Macromedia
2009-04-01 22:09:07 ----D---- C:\Users\djedje\AppData\Roaming\Adobe
2009-04-01 22:08:34 ----D---- C:\Users\djedje\AppData\Roaming\Toshiba
2009-04-01 22:06:41 ----D---- C:\Users\djedje\AppData\Roaming\Logitech
2009-04-01 22:05:57 ----R---- C:\Windows\bwUnin-8.1.1.50-8876480SL.exe
2009-04-01 22:03:23 ----A---- C:\Windows\system32\BtCoreIf.dll
2009-04-01 22:03:20 ----A---- C:\Windows\system32\KemXML.dll
2009-04-01 22:03:20 ----A---- C:\Windows\system32\KemWnd.dll
2009-04-01 22:03:20 ----A---- C:\Windows\system32\KemUtil.dll
2009-04-01 22:03:20 ----A---- C:\Windows\system32\kemutb.dll
2009-04-01 22:02:54 ----D---- C:\ProgramData\Logitech
2009-04-01 22:02:43 ----D---- C:\Program Files\Common Files\Logishrd
2009-04-01 22:02:37 ----D---- C:\Program Files\Logitech
2009-04-01 22:01:55 ----D---- C:\ProgramData\LogiShrd
2009-04-01 21:58:33 ----A---- C:\Windows\system32\wups2.dll
2009-04-01 21:58:33 ----A---- C:\Windows\system32\wucltux.dll
2009-04-01 21:58:33 ----A---- C:\Windows\system32\wuauclt.exe
2009-04-01 21:58:32 ----A---- C:\Windows\system32\wuaueng.dll
2009-04-01 21:57:36 ----A---- C:\Windows\system32\wups.dll
2009-04-01 21:57:36 ----A---- C:\Windows\system32\wudriver.dll
2009-04-01 21:57:36 ----A---- C:\Windows\system32\wuapi.dll
2009-04-01 21:57:29 ----D---- C:\Users\djedje\AppData\Roaming\Google
2009-04-01 21:57:19 ----A---- C:\Windows\system32\wuwebv.dll
2009-04-01 21:57:19 ----A---- C:\Windows\system32\wuapp.exe
2009-04-01 21:45:58 ----D---- C:\ProgramData\NVIDIA
2009-04-01 21:45:46 ----SHD---- C:\$RECYCLE.BIN
2009-04-01 21:45:28 ----D---- C:\Users\djedje\AppData\Roaming\Identities
2009-04-01 21:42:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-04-01 21:41:48 ----D---- C:\Users\djedje\AppData\Roaming\InstallShield
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizeW7.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizePX.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizeP6.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizeM6.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizeA6.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresize.dll
2009-04-01 21:41:25 ----D---- C:\Program Files\InterVideo
2009-04-01 21:41:15 ----D---- C:\Windows\system32\Macromed
2009-04-01 21:41:10 ----HD---- C:\Windows\msdownld.tmp
2009-04-01 21:41:10 ----D---- C:\Windows\RegisteredPackages
2009-04-01 21:41:05 ----D---- C:\Program Files\Windows Media Components
2009-04-01 21:37:20 ----D---- C:\ProgramData\Ulead Systems
2009-04-01 21:37:20 ----D---- C:\Program Files\Ulead Systems
2009-04-01 21:37:20 ----D---- C:\Program Files\Common Files\Ulead Systems
2009-04-01 21:34:00 ----D---- C:\ProgramData\ToshibaEurope
2009-04-01 21:33:47 ----SD---- C:\Users\djedje\AppData\Roaming\Microsoft
2009-04-01 21:33:47 ----D---- C:\Users\djedje\AppData\Roaming\Media Center Programs
2009-04-01 21:30:38 ----SHD---- C:\ProgramData\Modèles
2009-04-01 21:30:38 ----SHD---- C:\ProgramData\Menu Démarrer
2009-04-01 21:30:38 ----SHD---- C:\ProgramData\Favoris
2009-04-01 21:30:38 ----SHD---- C:\ProgramData\Bureau
2009-04-01 21:30:38 ----SHD---- C:\Program Files\Fichiers communs
2009-04-01 21:25:50 ----A---- C:\Windows\system32\nvexpbar.dll
2009-04-01 21:25:50 ----A---- C:\Windows\system32\nvcpluir.dll
2009-04-01 21:25:50 ----A---- C:\Windows\system32\nvcplui.exe
2009-04-01 21:25:37 ----D---- C:\Windows\SoftwareDistribution
2009-04-01 21:25:37 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-04-01 21:25:33 ----D---- C:\Program Files\ltmoh
2009-04-01 21:25:33 ----A---- C:\Windows\system32\tosmreg.ini
2009-04-01 21:25:33 ----A---- C:\Windows\system32\tosmreg.exe
2009-04-01 21:25:33 ----A---- C:\Windows\system32\cseltbl.ini
2009-04-01 21:25:33 ----A---- C:\Windows\system32\csellang.ini
2009-04-01 21:25:33 ----A---- C:\Windows\system32\csellang.dll
2009-04-01 21:25:33 ----A---- C:\Windows\system32\cselect.exe
2009-04-01 21:25:23 ----D---- C:\Windows\Options
2009-04-01 21:25:16 ----D---- C:\Windows\system32\FRA
2009-04-01 21:25:15 ----D---- C:\Windows\system32\Lang
2009-04-01 21:25:15 ----A---- C:\Windows\system32\imsmudlg.exe
2009-04-01 21:25:15 ----A---- C:\Windows\system32\difxapi.dll
2009-04-01 21:21:30 ----SHD---- C:\System Volume Information
======List of files/folders modified in the last 2 months======
2009-04-20 12:12:07 ----D---- C:\Windows\Temp
2009-04-20 11:53:16 ----RD---- C:\Program Files
2009-04-20 11:51:06 ----D---- C:\Windows\inf
2009-04-20 11:51:06 ----AD---- C:\Windows\System32
2009-04-20 11:51:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-04-20 11:39:42 ----D---- C:\Windows\Prefetch
2009-04-20 10:53:55 ----D---- C:\Windows\system32\drivers
2009-04-20 10:45:23 ----HD---- C:\ProgramData
2009-04-20 10:32:29 ----HD---- C:\Windows\system32\GroupPolicy
2009-04-19 22:55:28 ----D---- C:\Windows
2009-04-19 22:51:05 ----D---- C:\ProgramData\Partner
2009-04-19 18:12:53 ----D---- C:\Windows\winsxs
2009-04-19 18:02:16 ----D---- C:\Windows\system32\catroot
2009-04-19 18:00:26 ----D---- C:\Windows\system32\wbem
2009-04-19 18:00:26 ----D---- C:\Program Files\Windows Mail
2009-04-19 17:56:40 ----D---- C:\Windows\Debug
2009-04-19 15:48:51 ----D---- C:\Windows\system32\manifeststore
2009-04-19 15:48:51 ----D---- C:\Windows\AppPatch
2009-04-19 15:48:50 ----D---- C:\Program Files\Internet Explorer
2009-04-19 15:45:34 ----SHD---- C:\Windows\Installer
2009-04-19 15:45:33 ----D---- C:\ProgramData\Microsoft Help
2009-04-19 15:42:27 ----D---- C:\Windows\system32\catroot2
2009-04-19 11:52:38 ----RSD---- C:\Windows\assembly
2009-04-19 11:45:24 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-19 10:52:13 ----D---- C:\Program Files\Common Files\InstallShield
2009-04-19 10:41:10 ----D---- C:\Program Files\Intel
2009-04-17 23:17:44 ----D---- C:\Program Files\Common Files\Adobe
2009-04-17 23:17:38 ----D---- C:\ProgramData\Adobe
2009-04-17 23:13:57 ----D---- C:\Windows\system32\Msdtc
2009-04-17 23:12:40 ----D---- C:\Windows\system32\config
2009-04-17 23:12:34 ----D---- C:\Windows\Tasks
2009-04-17 23:12:34 ----D---- C:\Windows\system32\Tasks
2009-04-17 23:12:34 ----D---- C:\Windows\system32\spool
2009-04-17 23:12:34 ----D---- C:\Windows\system32\CodeIntegrity
2009-04-17 23:12:34 ----D---- C:\Windows\registration
2009-04-17 23:01:15 ----D---- C:\Program Files\Common Files
2009-04-17 15:30:53 ----D---- C:\Program Files\Windows Media Player
2009-04-17 15:30:52 ----D---- C:\Windows\Help
2009-04-16 21:21:02 ----D---- C:\Windows\system32\NDF
2009-04-12 12:03:38 ----D---- C:\Windows\system32\WDI
2009-04-10 19:51:24 ----D---- C:\Windows\Microsoft.NET
2009-04-07 13:40:33 ----SD---- C:\Windows\Downloaded Program Files
2009-04-06 16:57:24 ----A---- C:\Windows\system32\mrt.exe
2009-04-06 11:33:41 ----D---- C:\Windows\system32\LogFiles
2009-04-03 02:01:54 ----D---- C:\Windows\Logs
2009-04-02 23:35:38 ----D---- C:\Windows\rescache
2009-04-02 23:17:26 ----D---- C:\Windows\system32\fr-FR
2009-04-02 23:17:24 ----D---- C:\Windows\system32\XPSViewer
2009-04-02 23:17:24 ----D---- C:\Windows\system32\en-US
2009-04-02 23:12:26 ----D---- C:\Program Files\Google
2009-04-02 23:07:19 ----A---- C:\Windows\win.ini
2009-04-02 23:06:00 ----D---- C:\Program Files\Common Files\microsoft shared
2009-04-02 22:40:53 ----RSD---- C:\Windows\Fonts
2009-04-02 21:57:51 ----SD---- C:\ProgramData\Microsoft
2009-04-02 18:07:25 ----D---- C:\Program Files\Microsoft Works
2009-04-02 18:07:20 ----D---- C:\Program Files\MSBuild
2009-04-02 18:07:14 ----D---- C:\Program Files\Microsoft Office
2009-04-02 18:07:09 ----D---- C:\Windows\ShellNew
2009-04-02 18:03:47 ----D---- C:\Program Files\Common Files\System
2009-04-02 17:52:14 ----D---- C:\Windows\system32\migration
2009-04-02 17:52:11 ----D---- C:\Windows\ehome
2009-04-02 15:50:05 ----D---- C:\ProgramData\McAfee
2009-04-01 21:46:10 ----D---- C:\Toshiba
2009-04-01 21:42:59 ----D---- C:\Program Files\Common Files\Toshiba Shared
2009-04-01 21:42:21 ----D---- C:\ProgramData\Toshiba
2009-04-01 21:42:17 ----D---- C:\Program Files\TOSHIBA
2009-04-01 21:36:17 ----D---- C:\Windows\system32\restore
2009-04-01 21:33:47 ----RD---- C:\Users
2009-04-01 21:30:38 ----D---- C:\Program Files\Windows NT
2009-04-01 21:28:00 ----D---- C:\Windows\Panther
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 hidshim;Service for HID-KMDF Shim layer; C:\Windows\system32\DRIVERS\hidshim.sys [2008-06-03 5632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-23 2124568]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-09-21 35088]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [2005-03-09 33792]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-09-21 36240]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-29 7497792]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199728]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 wbondir;Winbond CIR Transceiver; C:\Windows\system32\DRIVERS\wbondir.sys [2007-06-24 64000]
R3 winbondhidcir;Winbond HID CIR Receiver; C:\Windows\system32\DRIVERS\winbondhidcir.sys [2008-06-03 23040]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-04-17 102712]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-10 40960]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\system32\libusbd-nt.exe [2005-03-09 18944]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-29 196608]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-08-26 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-05-30 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-16 29744]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-01 137200]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2007-11-15 121360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{E4EC1B81-777E-4062-AA8E-DED2FEDE48BF}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-01 251504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-04-01 657904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-04-01 522224]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-04-26 716800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1045800]
"TOSDCR"=C:\Program Files\TOSHIBA\PasswordUtility\TOSDCR.exe [2007-08-28 169296]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"TRCMan"=C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe [2008-04-10 692224]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-21 6111232]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-08-26 103824]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-16 29744]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-29 13543968]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-29 92704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-09-21 55824]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-04-17 98616]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"DXM6Patch_981116"=C:\Windows\p_981116.exe [1998-11-30 497376]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-04-24 430080]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-16 39408]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-03-31 251264]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Caledos Wallpaper (startup).lnk - C:\Windows\Installer\{8279F050-726C-43FC-BC8E-2691FEB5A9CE}\_A1AF51419EA1235CE79E42.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
PHOTOfunSTUDIO -viewer-.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8269015-2ab8-11de-82e6-001c7e3c28bc}]
shell\AutoRun\command - F:\LaunchU3.exe -a
======List of files/folders created in the last 2 months======
2009-04-20 11:32:49 ----A---- C:\TB.txt
2009-04-20 11:32:18 ----D---- C:\ToolBar SD
2009-04-20 10:02:11 ----D---- C:\rsit
2009-04-19 16:19:57 ----D---- C:\Users\djedje\AppData\Roaming\Malwarebytes
2009-04-19 16:19:53 ----D---- C:\ProgramData\Malwarebytes
2009-04-19 16:19:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-19 16:16:43 ----D---- C:\Program Files\Trend Micro
2009-04-19 15:44:40 ----A---- C:\Windows\system32\winhttp.dll
2009-04-19 15:44:34 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-19 15:44:34 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-19 15:44:06 ----A---- C:\Windows\system32\rpcss.dll
2009-04-19 15:44:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-19 15:44:06 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-19 15:44:04 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-19 15:44:03 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-19 15:44:03 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-19 15:44:03 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-19 15:44:03 ----A---- C:\Windows\system32\iashost.exe
2009-04-19 15:44:03 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-19 15:44:03 ----A---- C:\Windows\system32\iasads.dll
2009-04-19 15:43:52 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-19 15:43:52 ----A---- C:\Windows\system32\kernel32.dll
2009-04-19 15:43:51 ----A---- C:\Windows\system32\secur32.dll
2009-04-19 15:43:51 ----A---- C:\Windows\system32\apilogen.dll
2009-04-19 15:43:51 ----A---- C:\Windows\system32\amxread.dll
2009-04-19 15:43:45 ----A---- C:\Windows\system32\mshtml.dll
2009-04-19 15:43:44 ----A---- C:\Windows\system32\ieframe.dll
2009-04-19 15:43:43 ----A---- C:\Windows\system32\wininet.dll
2009-04-19 15:43:43 ----A---- C:\Windows\system32\urlmon.dll
2009-04-19 15:43:43 ----A---- C:\Windows\system32\iertutil.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\occache.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\mstime.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-19 15:43:42 ----A---- C:\Windows\system32\ieencode.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-19 15:43:42 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-19 15:43:41 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-19 11:45:21 ----D---- C:\Program Files\Sierra
2009-04-19 11:14:53 ----D---- C:\Program Files\Vietcong
2009-04-19 10:53:38 ----D---- C:\Program Files\Illusion Softworks
2009-04-19 10:41:13 ----D---- C:\Program Files\Sierra On-Line
2009-04-19 10:41:13 ----A---- C:\Windows\system32\WONshell.dll
2009-04-19 10:41:13 ----A---- C:\Windows\system32\WONauth.dll
2009-04-19 10:41:13 ----A---- C:\Windows\system32\SNWValid.dll
2009-04-19 10:41:13 ----A---- C:\Windows\system32\Sigres.exe
2009-04-19 10:41:13 ----A---- C:\Windows\system32\SierraNW.dll
2009-04-19 10:41:13 ----A---- C:\Windows\system32\GIF89.DLL
2009-04-19 10:41:11 ----A---- C:\Windows\system32\Iyvu9_32.dll
2009-04-19 10:41:11 ----A---- C:\Windows\system32\Iacenc.dll
2009-04-19 10:39:56 ----A---- C:\Windows\SIERRA.INI
2009-04-19 10:39:53 ----A---- C:\Windows\IsUn040c.exe
2009-04-18 11:50:10 ----D---- C:\Program Files\EA GAMES
2009-04-17 23:19:38 ----A---- C:\Windows\IsUninst.exe
2009-04-17 23:17:30 ----D---- C:\Program Files\Adobe
2009-04-17 19:46:36 ----D---- C:\Users\djedje\AppData\Roaming\dvdcss
2009-04-17 19:13:30 ----D---- C:\Program Files\Ubisoft
2009-04-17 15:30:53 ----A---- C:\Windows\system32\LMRTREND.dll
2009-04-17 15:30:53 ----A---- C:\Windows\system32\LMRT.dll
2009-04-17 15:30:53 ----A---- C:\Windows\system32\dxtmsft3.dll
2009-04-17 15:30:52 ----A---- C:\Windows\system32\unam4ie.exe
2009-04-17 15:30:52 ----A---- C:\Windows\system32\strmdll.dll
2009-04-17 15:30:51 ----A---- C:\Windows\system32\vidx16.dll
2009-04-17 15:30:50 ----A---- C:\Windows\system32\qcut.dll
2009-04-17 15:30:50 ----A---- C:\Windows\system32\danim.dll
2009-04-17 15:30:49 ----A---- C:\Windows\system32\w95inf32.dll
2009-04-17 15:30:49 ----A---- C:\Windows\system32\w95inf16.dll
2009-04-12 17:29:17 ----A---- C:\Windows\system32\CmdLineExt03.dll
2009-04-11 22:49:24 ----RHD---- C:\Users\djedje\AppData\Roaming\SecuROM
2009-04-11 21:08:16 ----A---- C:\Windows\system32\xinput1_3.dll
2009-04-11 21:08:15 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-04-11 21:08:15 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-04-11 21:08:15 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-04-11 21:08:14 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-04-11 21:08:14 ----A---- C:\Windows\system32\d3dx10.dll
2009-04-10 19:51:21 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-04-09 20:17:20 ----D---- C:\Users\djedje\AppData\Roaming\ArcSoft
2009-04-07 12:17:58 ----D---- C:\ProgramData\Apple Computer
2009-04-07 12:17:58 ----D---- C:\Program Files\QuickTime
2009-04-07 12:08:03 ----D---- C:\ProgramData\Apple
2009-04-07 12:08:03 ----D---- C:\Program Files\Apple Software Update
2009-04-06 23:28:31 ----D---- C:\Program Files\LibUSB-Win32-0.1.10.1
2009-04-06 23:28:31 ----A---- C:\Windows\system32\libusbd-nt.exe
2009-04-06 23:28:31 ----A---- C:\Windows\system32\libusbd-9x.exe
2009-04-06 02:05:15 ----A---- C:\Windows\system32\libusb0.dll
2009-04-05 14:30:35 ----A---- C:\Windows\system32\newdev.exe
2009-04-05 14:30:35 ----A---- C:\Windows\system32\newdev.dll
2009-04-03 12:55:26 ----SHD---- C:\Diskeeper
2009-04-03 00:17:07 ----D---- C:\ProgramData\IsolatedStorage
2009-04-03 00:11:49 ----D---- C:\ProgramData\Diskeeper Corporation
2009-04-03 00:11:47 ----D---- C:\Program Files\Diskeeper Corporation
2009-04-02 23:59:29 ----A---- C:\Windows\unvise32.exe
2009-04-02 23:58:09 ----D---- C:\Program Files\Pure Pinball
2009-04-02 23:44:50 ----D---- C:\Users\djedje\AppData\Roaming\Nero
2009-04-02 23:15:16 ----D---- C:\Program Files\Microsoft Silverlight
2009-04-02 23:15:15 ----D---- C:\Program Files\AviSynth 2.5
2009-04-02 23:13:53 ----D---- C:\Windows\system32\URTTEMP
2009-04-02 23:12:34 ----D---- C:\Windows\system32\IOSUBSYS
2009-04-02 23:08:43 ----D---- C:\ProgramData\ArcSoft
2009-04-02 23:08:34 ----ASH---- C:\Users\djedje\AppData\Roaming\desktop.ini
2009-04-02 22:56:28 ----A---- C:\Windows\system32\infocardapi.dll
2009-04-02 22:56:27 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-02 22:56:25 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-04-02 22:56:25 ----A---- C:\Windows\system32\icardres.dll
2009-04-02 22:56:25 ----A---- C:\Windows\system32\icardagt.exe
2009-04-02 22:56:21 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-04-02 22:56:18 ----A---- C:\Windows\system32\PresentationHost.exe
2009-04-02 22:52:59 ----D---- C:\Program Files\CCleaner
2009-04-02 22:46:35 ----A---- C:\UpdaterforApp.ini
2009-04-02 22:45:31 ----D---- C:\Program Files\Common Files\ArcSoft
2009-04-02 22:45:31 ----A---- C:\Windows\system32\unicows.dll
2009-04-02 22:44:34 ----D---- C:\Windows\system32\MediaImpression Slideshow
2009-04-02 22:44:32 ----D---- C:\Program Files\ArcSoft
2009-04-02 22:40:56 ----A---- C:\Windows\system32\PICSDK2.dll
2009-04-02 22:40:56 ----A---- C:\Windows\system32\PICSDK.ini
2009-04-02 22:40:56 ----A---- C:\Windows\system32\PICSDK.dll
2009-04-02 22:40:56 ----A---- C:\Windows\system32\PICEntry.dll
2009-04-02 22:40:56 ----A---- C:\Windows\system32\EpPicPrt.dll
2009-04-02 22:40:56 ----A---- C:\Windows\system32\EPPicMgr.dll
2009-04-02 22:40:31 ----D---- C:\Program Files\Panasonic
2009-04-02 22:05:17 ----D---- C:\Program Files\Microsoft
2009-04-02 22:05:02 ----D---- C:\Program Files\Windows Live SkyDrive
2009-04-02 22:04:45 ----D---- C:\Program Files\Windows Live
2009-04-02 21:58:04 ----D---- C:\Program Files\Common Files\Windows Live
2009-04-02 19:54:05 ----D---- C:\Users\djedje\AppData\Roaming\Media Player Classic
2009-04-02 18:25:18 ----D---- C:\Program Files\Nero
2009-04-02 18:24:35 ----D---- C:\ProgramData\Nero
2009-04-02 18:24:34 ----D---- C:\Program Files\Common Files\Nero
2009-04-02 18:23:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-04-02 18:07:12 ----D---- C:\Program Files\Microsoft Visual Studio
2009-04-02 18:07:11 ----D---- C:\Program Files\Common Files\DESIGNER
2009-04-02 18:06:52 ----D---- C:\Windows\PCHEALTH
2009-04-02 18:06:52 ----D---- C:\Program Files\Microsoft.NET
2009-04-02 18:04:02 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-04-02 18:02:47 ----RHD---- C:\MSOCache
2009-04-02 17:57:22 ----D---- C:\Users\djedje\AppData\Roaming\DAEMON Tools Pro
2009-04-02 17:57:22 ----D---- C:\Users\djedje\AppData\Roaming\DAEMON Tools
2009-04-02 17:56:45 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-04-02 17:06:46 ----A---- C:\Windows\system32\tzres.dll
2009-04-02 17:04:06 ----D---- C:\Program Files\CaledosLAB
2009-04-02 17:03:23 ----D---- C:\Users\djedje\AppData\Roaming\WinRAR
2009-04-02 17:02:58 ----D---- C:\Users\djedje\AppData\Roaming\DAEMON Tools Lite
2009-04-02 17:02:15 ----D---- C:\Program Files\WinRAR
2009-04-02 17:01:10 ----D---- C:\Users\djedje\AppData\Roaming\vlc
2009-04-02 17:00:39 ----D---- C:\Program Files\VideoLAN
2009-04-02 16:58:54 ----A---- C:\Windows\system32\unrar.dll
2009-04-02 16:58:53 ----A---- C:\Windows\system32\yv12vfw.dll
2009-04-02 16:58:53 ----A---- C:\Windows\system32\xvidvfw.dll
2009-04-02 16:58:53 ----A---- C:\Windows\system32\xvidcore.dll
2009-04-02 16:58:52 ----A---- C:\Windows\system32\qt-dx331.dll
2009-04-02 16:58:52 ----A---- C:\Windows\system32\dpl100.dll
2009-04-02 16:58:52 ----A---- C:\Windows\system32\divx.dll
2009-04-02 16:58:51 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2009-04-02 16:58:51 ----A---- C:\Windows\system32\ff_vfw.dll
2009-04-02 16:58:50 ----D---- C:\Program Files\K-Lite Codec Pack
2009-04-02 16:20:13 ----D---- C:\ProgramData\eMule
2009-04-02 16:20:04 ----D---- C:\Program Files\eMule
2009-04-02 16:12:05 ----D---- C:\ProgramData\IM
2009-04-02 16:12:04 ----D---- C:\ProgramData\IncrediMail
2009-04-02 16:12:04 ----D---- C:\Program Files\IncrediMail
2009-04-02 16:06:18 ----A---- C:\Windows\system32\MSVCR71.dll
2009-04-02 16:06:18 ----A---- C:\Windows\system32\MSVCP71.dll
2009-04-02 16:06:18 ----A---- C:\Windows\system32\MFC71.dll
2009-04-02 16:06:18 ----A---- C:\Windows\system32\aswBoot.exe
2009-04-02 16:06:17 ----D---- C:\Program Files\Alwil Software
2009-04-01 22:28:57 ----A---- C:\Windows\system32\dfshim.dll
2009-04-01 22:28:39 ----A---- C:\Windows\system32\mscoree.dll
2009-04-01 22:28:32 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-01 22:27:23 ----A---- C:\Windows\system32\mscorier.dll
2009-04-01 22:27:00 ----A---- C:\Windows\system32\mscories.dll
2009-04-01 22:20:42 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-04-01 22:20:40 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-04-01 22:17:10 ----A---- C:\Windows\system32\msxml3.dll
2009-04-01 22:17:08 ----A---- C:\Windows\system32\gdi32.dll
2009-04-01 22:17:05 ----A---- C:\Windows\system32\shell32.dll
2009-04-01 22:16:59 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-04-01 22:16:57 ----A---- C:\Windows\system32\connect.dll
2009-04-01 22:16:55 ----A---- C:\Windows\system32\wersvc.dll
2009-04-01 22:16:55 ----A---- C:\Windows\system32\Faultrep.dll
2009-04-01 22:16:52 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-04-01 22:16:52 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-04-01 22:16:52 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-04-01 22:16:47 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-04-01 22:16:47 ----A---- C:\Windows\system32\mf.dll
2009-04-01 22:16:45 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-04-01 22:16:44 ----A---- C:\Windows\system32\logagent.exe
2009-04-01 22:16:41 ----A---- C:\Windows\system32\EncDec.dll
2009-04-01 22:16:37 ----A---- C:\Windows\system32\psisdecd.dll
2009-04-01 22:16:29 ----A---- C:\Windows\system32\netapi32.dll
2009-04-01 22:16:12 ----A---- C:\Windows\system32\wmp.dll
2009-04-01 22:16:09 ----A---- C:\Windows\system32\spwmp.dll
2009-04-01 22:16:08 ----A---- C:\Windows\system32\dxmasf.dll
2009-04-01 22:16:07 ----A---- C:\Windows\system32\wmploc.DLL
2009-04-01 22:16:06 ----A---- C:\Windows\system32\msxml6.dll
2009-04-01 22:16:04 ----A---- C:\Windows\explorer.exe
2009-04-01 22:16:03 ----A---- C:\Windows\system32\schannel.dll
2009-04-01 22:16:01 ----A---- C:\Windows\system32\win32spl.dll
2009-04-01 22:09:34 ----D---- C:\Users\djedje\AppData\Roaming\Macromedia
2009-04-01 22:09:07 ----D---- C:\Users\djedje\AppData\Roaming\Adobe
2009-04-01 22:08:34 ----D---- C:\Users\djedje\AppData\Roaming\Toshiba
2009-04-01 22:06:41 ----D---- C:\Users\djedje\AppData\Roaming\Logitech
2009-04-01 22:05:57 ----R---- C:\Windows\bwUnin-8.1.1.50-8876480SL.exe
2009-04-01 22:03:23 ----A---- C:\Windows\system32\BtCoreIf.dll
2009-04-01 22:03:20 ----A---- C:\Windows\system32\KemXML.dll
2009-04-01 22:03:20 ----A---- C:\Windows\system32\KemWnd.dll
2009-04-01 22:03:20 ----A---- C:\Windows\system32\KemUtil.dll
2009-04-01 22:03:20 ----A---- C:\Windows\system32\kemutb.dll
2009-04-01 22:02:54 ----D---- C:\ProgramData\Logitech
2009-04-01 22:02:43 ----D---- C:\Program Files\Common Files\Logishrd
2009-04-01 22:02:37 ----D---- C:\Program Files\Logitech
2009-04-01 22:01:55 ----D---- C:\ProgramData\LogiShrd
2009-04-01 21:58:33 ----A---- C:\Windows\system32\wups2.dll
2009-04-01 21:58:33 ----A---- C:\Windows\system32\wucltux.dll
2009-04-01 21:58:33 ----A---- C:\Windows\system32\wuauclt.exe
2009-04-01 21:58:32 ----A---- C:\Windows\system32\wuaueng.dll
2009-04-01 21:57:36 ----A---- C:\Windows\system32\wups.dll
2009-04-01 21:57:36 ----A---- C:\Windows\system32\wudriver.dll
2009-04-01 21:57:36 ----A---- C:\Windows\system32\wuapi.dll
2009-04-01 21:57:29 ----D---- C:\Users\djedje\AppData\Roaming\Google
2009-04-01 21:57:19 ----A---- C:\Windows\system32\wuwebv.dll
2009-04-01 21:57:19 ----A---- C:\Windows\system32\wuapp.exe
2009-04-01 21:45:58 ----D---- C:\ProgramData\NVIDIA
2009-04-01 21:45:46 ----SHD---- C:\$RECYCLE.BIN
2009-04-01 21:45:28 ----D---- C:\Users\djedje\AppData\Roaming\Identities
2009-04-01 21:42:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-04-01 21:41:48 ----D---- C:\Users\djedje\AppData\Roaming\InstallShield
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizeW7.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizePX.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizeP6.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizeM6.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresizeA6.dll
2009-04-01 21:41:31 ----A---- C:\Windows\system32\IVIresize.dll
2009-04-01 21:41:25 ----D---- C:\Program Files\InterVideo
2009-04-01 21:41:15 ----D---- C:\Windows\system32\Macromed
2009-04-01 21:41:10 ----HD---- C:\Windows\msdownld.tmp
2009-04-01 21:41:10 ----D---- C:\Windows\RegisteredPackages
2009-04-01 21:41:05 ----D---- C:\Program Files\Windows Media Components
2009-04-01 21:37:20 ----D---- C:\ProgramData\Ulead Systems
2009-04-01 21:37:20 ----D---- C:\Program Files\Ulead Systems
2009-04-01 21:37:20 ----D---- C:\Program Files\Common Files\Ulead Systems
2009-04-01 21:34:00 ----D---- C:\ProgramData\ToshibaEurope
2009-04-01 21:33:47 ----SD---- C:\Users\djedje\AppData\Roaming\Microsoft
2009-04-01 21:33:47 ----D---- C:\Users\djedje\AppData\Roaming\Media Center Programs
2009-04-01 21:30:38 ----SHD---- C:\ProgramData\Modèles
2009-04-01 21:30:38 ----SHD---- C:\ProgramData\Menu Démarrer
2009-04-01 21:30:38 ----SHD---- C:\ProgramData\Favoris
2009-04-01 21:30:38 ----SHD---- C:\ProgramData\Bureau
2009-04-01 21:30:38 ----SHD---- C:\Program Files\Fichiers communs
2009-04-01 21:25:50 ----A---- C:\Windows\system32\nvexpbar.dll
2009-04-01 21:25:50 ----A---- C:\Windows\system32\nvcpluir.dll
2009-04-01 21:25:50 ----A---- C:\Windows\system32\nvcplui.exe
2009-04-01 21:25:37 ----D---- C:\Windows\SoftwareDistribution
2009-04-01 21:25:37 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-04-01 21:25:33 ----D---- C:\Program Files\ltmoh
2009-04-01 21:25:33 ----A---- C:\Windows\system32\tosmreg.ini
2009-04-01 21:25:33 ----A---- C:\Windows\system32\tosmreg.exe
2009-04-01 21:25:33 ----A---- C:\Windows\system32\cseltbl.ini
2009-04-01 21:25:33 ----A---- C:\Windows\system32\csellang.ini
2009-04-01 21:25:33 ----A---- C:\Windows\system32\csellang.dll
2009-04-01 21:25:33 ----A---- C:\Windows\system32\cselect.exe
2009-04-01 21:25:23 ----D---- C:\Windows\Options
2009-04-01 21:25:16 ----D---- C:\Windows\system32\FRA
2009-04-01 21:25:15 ----D---- C:\Windows\system32\Lang
2009-04-01 21:25:15 ----A---- C:\Windows\system32\imsmudlg.exe
2009-04-01 21:25:15 ----A---- C:\Windows\system32\difxapi.dll
2009-04-01 21:21:30 ----SHD---- C:\System Volume Information
======List of files/folders modified in the last 2 months======
2009-04-20 12:12:07 ----D---- C:\Windows\Temp
2009-04-20 11:53:16 ----RD---- C:\Program Files
2009-04-20 11:51:06 ----D---- C:\Windows\inf
2009-04-20 11:51:06 ----AD---- C:\Windows\System32
2009-04-20 11:51:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-04-20 11:39:42 ----D---- C:\Windows\Prefetch
2009-04-20 10:53:55 ----D---- C:\Windows\system32\drivers
2009-04-20 10:45:23 ----HD---- C:\ProgramData
2009-04-20 10:32:29 ----HD---- C:\Windows\system32\GroupPolicy
2009-04-19 22:55:28 ----D---- C:\Windows
2009-04-19 22:51:05 ----D---- C:\ProgramData\Partner
2009-04-19 18:12:53 ----D---- C:\Windows\winsxs
2009-04-19 18:02:16 ----D---- C:\Windows\system32\catroot
2009-04-19 18:00:26 ----D---- C:\Windows\system32\wbem
2009-04-19 18:00:26 ----D---- C:\Program Files\Windows Mail
2009-04-19 17:56:40 ----D---- C:\Windows\Debug
2009-04-19 15:48:51 ----D---- C:\Windows\system32\manifeststore
2009-04-19 15:48:51 ----D---- C:\Windows\AppPatch
2009-04-19 15:48:50 ----D---- C:\Program Files\Internet Explorer
2009-04-19 15:45:34 ----SHD---- C:\Windows\Installer
2009-04-19 15:45:33 ----D---- C:\ProgramData\Microsoft Help
2009-04-19 15:42:27 ----D---- C:\Windows\system32\catroot2
2009-04-19 11:52:38 ----RSD---- C:\Windows\assembly
2009-04-19 11:45:24 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-19 10:52:13 ----D---- C:\Program Files\Common Files\InstallShield
2009-04-19 10:41:10 ----D---- C:\Program Files\Intel
2009-04-17 23:17:44 ----D---- C:\Program Files\Common Files\Adobe
2009-04-17 23:17:38 ----D---- C:\ProgramData\Adobe
2009-04-17 23:13:57 ----D---- C:\Windows\system32\Msdtc
2009-04-17 23:12:40 ----D---- C:\Windows\system32\config
2009-04-17 23:12:34 ----D---- C:\Windows\Tasks
2009-04-17 23:12:34 ----D---- C:\Windows\system32\Tasks
2009-04-17 23:12:34 ----D---- C:\Windows\system32\spool
2009-04-17 23:12:34 ----D---- C:\Windows\system32\CodeIntegrity
2009-04-17 23:12:34 ----D---- C:\Windows\registration
2009-04-17 23:01:15 ----D---- C:\Program Files\Common Files
2009-04-17 15:30:53 ----D---- C:\Program Files\Windows Media Player
2009-04-17 15:30:52 ----D---- C:\Windows\Help
2009-04-16 21:21:02 ----D---- C:\Windows\system32\NDF
2009-04-12 12:03:38 ----D---- C:\Windows\system32\WDI
2009-04-10 19:51:24 ----D---- C:\Windows\Microsoft.NET
2009-04-07 13:40:33 ----SD---- C:\Windows\Downloaded Program Files
2009-04-06 16:57:24 ----A---- C:\Windows\system32\mrt.exe
2009-04-06 11:33:41 ----D---- C:\Windows\system32\LogFiles
2009-04-03 02:01:54 ----D---- C:\Windows\Logs
2009-04-02 23:35:38 ----D---- C:\Windows\rescache
2009-04-02 23:17:26 ----D---- C:\Windows\system32\fr-FR
2009-04-02 23:17:24 ----D---- C:\Windows\system32\XPSViewer
2009-04-02 23:17:24 ----D---- C:\Windows\system32\en-US
2009-04-02 23:12:26 ----D---- C:\Program Files\Google
2009-04-02 23:07:19 ----A---- C:\Windows\win.ini
2009-04-02 23:06:00 ----D---- C:\Program Files\Common Files\microsoft shared
2009-04-02 22:40:53 ----RSD---- C:\Windows\Fonts
2009-04-02 21:57:51 ----SD---- C:\ProgramData\Microsoft
2009-04-02 18:07:25 ----D---- C:\Program Files\Microsoft Works
2009-04-02 18:07:20 ----D---- C:\Program Files\MSBuild
2009-04-02 18:07:14 ----D---- C:\Program Files\Microsoft Office
2009-04-02 18:07:09 ----D---- C:\Windows\ShellNew
2009-04-02 18:03:47 ----D---- C:\Program Files\Common Files\System
2009-04-02 17:52:14 ----D---- C:\Windows\system32\migration
2009-04-02 17:52:11 ----D---- C:\Windows\ehome
2009-04-02 15:50:05 ----D---- C:\ProgramData\McAfee
2009-04-01 21:46:10 ----D---- C:\Toshiba
2009-04-01 21:42:59 ----D---- C:\Program Files\Common Files\Toshiba Shared
2009-04-01 21:42:21 ----D---- C:\ProgramData\Toshiba
2009-04-01 21:42:17 ----D---- C:\Program Files\TOSHIBA
2009-04-01 21:36:17 ----D---- C:\Windows\system32\restore
2009-04-01 21:33:47 ----RD---- C:\Users
2009-04-01 21:30:38 ----D---- C:\Program Files\Windows NT
2009-04-01 21:28:00 ----D---- C:\Windows\Panther
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 hidshim;Service for HID-KMDF Shim layer; C:\Windows\system32\DRIVERS\hidshim.sys [2008-06-03 5632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-23 2124568]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-09-21 35088]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [2005-03-09 33792]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-09-21 36240]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-29 7497792]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199728]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 wbondir;Winbond CIR Transceiver; C:\Windows\system32\DRIVERS\wbondir.sys [2007-06-24 64000]
R3 winbondhidcir;Winbond HID CIR Receiver; C:\Windows\system32\DRIVERS\winbondhidcir.sys [2008-06-03 23040]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2008-04-23 131712]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2008-03-19 74112]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-04-17 102712]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-10 40960]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\system32\libusbd-nt.exe [2005-03-09 18944]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-29 196608]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-08-26 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-05-30 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-16 29744]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-01 137200]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2007-11-15 121360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
At first glance I don't see any infection, so the PC is OK.
If you want, we can strengthen your protection and also speed up startup.
Is it dangerous if I leave it?
That is, Defender reports it to me, but I have no idea where it is located.
Thanks in advance.
1) Click "Start", right-click "My Computer", "Properties", then the "System Restore" tab.
¤ Check the box "Turn off System Restore on all drives", then click "Apply".
¤ Uncheck the box and click "Apply", then "OK".
Now that the infected restore points have been erased, we will create a clean one:
Click "Start", "All Programs", "Accessories", "System Tools", "System Restore", choose "Create a restore point", name it "ccm" for example, click "Create", then "OK".
There, the restore point is now created. If you ever decide to, you can roll back to the date it was created.
Tutorial: http://www.libellules.ch/desactiver_restauration.php
2) To remove temporary files
To be run about every 15 days.
• Download CCleaner and install it on the desktop, declining the installation of the Yahoo toolbar.
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
• Close all applications
• Launch CCleaner
If it is not in French, click Options, Setting, Language
and select Français
• Check in the Cleaner menu, Windows tab:
Internet Explorer: Temporary Internet Files, Cookies
• System: Empty Recycle Bin, Temporary Files, Clipboard
• Advanced: Old Prefetch data
• Uncheck in the Options menu, Advanced submenu:
Only delete files in the Windows temp folder older than 48 hours
• Check in the Cleaner menu, Applications tab: Internet: Sun Java
• Check, if possible, in the Cleaner menu, Applications tab:
Firefox/Mozilla: Internet Cache, Cookies
• Click Analyze
• Click the Run Cleaner button in the Cleaner menu.
• Click Registry
• Select all
• Click Scan for Issues (at the bottom)
Once the scan is finished, select all
• Click Fix selected issues
3) Switch to Mozilla 3 instead of Internet Explorer, because it is much safer.
http://www.commentcamarche.net/telecharger/telecharger 111 firefox
Do what is described at this link to better secure Firefox.
https://www.malekal.com/securiser-le-navigateur-web-firefox-2/
Above all NoScript (automatically stops Java and Adobe programs, prevents script-based infections,
so you have to allow it for some of your sites in order to read text or watch videos).
Effective on unknown or dubious sites.
4) Run this anti-malware tool, following the instructions.
Download Malwarebytes Anti-Malware (MBAM): also very useful against ad problems, but unfortunately not all of them.
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Malwarebytes Anti-Malware tutorial: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Do as instructed: update, full scan in safe mode, and the reports.
PASTE THE REPORT AFTER REMOVAL, THANKS.
Keep it and run a scan every month as instructed.
If you have Ad-Aware you can uninstall it, because it no longer detects much.
5) Free firewalls: the rule is only one firewall per computer. Download one of the following, then disconnect.
Then disable the Windows firewall (go to the Security Center, then Windows Firewall, and disable it there),
then install the one of your choice.
I recommend one of these 2 (in English, but simple with the tutorial provided):
Comodo Firewall Pro (firewall only)
http://www.commentcamarche.net/telecharger/telecharger 34055041 comodo firewall pro
Tutorial for 3.0
https://infomars.fr/forum/index.php?showtopic=1225
or
OnlineArmor:
download: https://www.commentcamarche.net/telecharger/ 34055356 online armor personal firewall
tutorials: https://forum.pcastuces.com/sujet.asp?f=25&s=35606
:http://www.malekal.com/tutorial_Online_Armor.ph
There are others, but according to Matousec's tests there are not many other free ones.
http://www.matousec.com/index.html
6) Post a new HijackThis report and paste it here; we are almost done.