Help me remove my viruses and trojans, please
Guizo
-
plopus Posts 6113 Status Security contributor -
Hello,
My PC was infected by trojans, so I ran scans with a-squared and Spybot, deleted all the trojans, and cleaned my PC with CCleaner. Yet my PC is extremely slow in Windows and on the internet too. I downloaded HijackThis (Trend Micro) and SmitfraudFix, and I would like to know whether you could analyse the reports for me?
Config:
Windows Vista
Internet Explorer 8
Mozilla Firefox
THANKS A LOT
30 replies
Hello,
Download HijackThis to your desktop: https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
Run it as administrator under Vista, choose "do a scan and save the log", and post the report.
Hi, thanks for your help. Here is the HijackThis report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:02:23, on 29/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\USB Disk Win98 Driver\Res.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2HiJackFree.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\start\Desktop\HiJackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [] Winreg.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
You have an infectious toolbar plus another infection.
Do this:
# Download ToolbarSD (by Team IDN) to your desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
# Start the installation by running the downloaded file.
# Now right-click the Toolbar-S&D shortcut and run it as administrator under Vista.
# Select the desired language by typing the letter of your choice and confirming with the Enter key.
# Now choose option 1 (Search). Wait until the search finishes.
# Post the generated report. (C:\TB.txt)
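Added example, not part of the original thread and not the method used by HijackThis or by the helper: a small Python triage of the HijackThis log format posted above, run on a few lines copied from that log. The two rules (entries whose target file is reported missing, autostart values with an empty name) and the CLSID cross-reference are assumptions of this example; a flagged line is a candidate for manual review, not a verdict.

```python
import re
from collections import defaultdict

# Excerpt copied from the HijackThis log posted in this thread (shortened).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
O2 - BHO: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [] Winreg.exe
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
"""

# Registry/startup entries look like "<section code> - <body>", e.g. "O4 - ...".
# Process paths and header lines do not match and are skipped.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# O4 autostart body: "<key>: [<value name>] <command line>"
RUN_RE = re.compile(r"^[^:]+: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
MISSING_MARKERS = ("(no file)", "(file missing)")


def parse_entries(log_text):
    """Return one dict per section entry: code, body and (upper-cased) CLSID if any."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        clsid = CLSID_RE.search(m["body"])
        entries.append({
            "code": m["code"],
            "body": m["body"],
            "clsid": clsid.group(0).upper() if clsid else None,
        })
    return entries


def triage(entries):
    """Apply this example's review rules; returns (code, reason, body) tuples."""
    findings = []
    for e in entries:
        # HijackThis itself appends these markers when the target is not on disk.
        if e["body"].rstrip().endswith(MISSING_MARKERS):
            findings.append((e["code"], "registered target is missing on disk", e["body"]))
        if e["code"] == "O4":
            run = RUN_RE.match(e["body"])
            if run and run["name"].strip() == "":
                findings.append((e["code"], "autostart value has an empty name", e["body"]))
    return findings


def shared_clsids(entries):
    """Map each CLSID registered under more than one section code to those codes."""
    seen = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            seen[e["clsid"]].add(e["code"])
    return {clsid: sorted(codes) for clsid, codes in seen.items() if len(codes) > 1}


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    print(f"{len(parsed)} entries parsed")
    for code, reason, body in triage(parsed):
        print(f"[review] {code}: {reason}\n         {body}")
    for clsid, codes in shared_clsids(parsed).items():
        print(f"[info] {clsid} appears in sections {', '.join(codes)}")
```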
Hi, here is the ToolbarSD report
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2080 @ 1.73GHz )
BIOS : Ver 1.00PARTTBL0
USER : start ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Not Activated)
C:\ (Local Disk) - NTFS - Total:147 Go (Free:18 Go)
D:\ (USB)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 29/05/2009|21:45 )
[ UAC => 0 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\Gossiper
C:\Program Files\Gossiper\GossiperToolbarHelper.exe
C:\Program Files\Gossiper\INSTALL.LOG
C:\Program Files\Gossiper\tbGoss.dll
C:\Program Files\Gossiper\toolbar.cfg
C:\Program Files\Gossiper\UNWISE.EXE
C:\ProgramData\Kiwee Toolbar
C:\ProgramData\Kiwee Toolbar\config
C:\ProgramData\Kiwee Toolbar\images
C:\ProgramData\Kiwee Toolbar\config\content_a.xml
C:\ProgramData\Kiwee Toolbar\config\content_ie.xml
C:\ProgramData\Kiwee Toolbar\config\content_m.xml
C:\ProgramData\Kiwee Toolbar\config\content_y.xml
C:\ProgramData\Kiwee Toolbar\config\logger.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIE.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_a.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_m.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_y.xml
C:\ProgramData\Kiwee Toolbar\images\allow.bmp
C:\ProgramData\Kiwee Toolbar\images\block.bmp
C:\ProgramData\Kiwee Toolbar\images\dontsend.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbardropdownmenu.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsHelprolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_bg.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_dp.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm2rolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarstextrollover.bmp
C:\ProgramData\Kiwee Toolbar\images\send.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_eg.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_emoticons.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_eyeglass.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_gear.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_images.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_kiwee.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_msnlogo.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_news.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_text.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_videos.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_webshots.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_winks.bmp
C:\ProgramData\Kiwee Toolbar\images\X.bmp
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar
C:\Program Files\Kiwee Toolbar
C:\Program Files\Kiwee Toolbar\2.8.167
C:\Program Files\Kiwee Toolbar\2.8.167\firefox
C:\Program Files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\install.rdf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.orange.fr/portail"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\01 - Lloyd - Girls All Around THe World - DJ Felon Remix.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\02 - Shwayze - Corona And Lime.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\03 - Too hort - Blow The Whistle.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\04 - Missy Elliott - Ching A Ling.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\05 - Michael Jackson ft Fergie - Billie Jean 2008 - Kanye West Remix.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\06 - Diddy - Through The Pain.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\07 - Kanye West - Stronger.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\08 - Nelly - Bay Bay Bay.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\09 - E-40 ft Akon - Wake It Up.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\10 - Timbaland ft. Nelly Furtado- Give It To Me.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\11 - ONeal McKnight ft. Jermaine Dupri - Check Your Coat - Jearmaine Remix.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\12 - Madonna ft. Justin Timberlake Timbo - 4 Minutes To Save The World.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\13 - Craig David - Hot Stuff.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\14 - Lil Mama ft T-Pain - Shawty Get Loose.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\15 - The Federation - I Wear My Stunna Glasses At Nite.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\16 - Timbaland - The Way I Are.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\17 - Ludacris - What A Fool Believes - Benny Black Doobie Brothers Remix.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\18 - Nelly Furtado - Say It Right.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\19 - Estelle ft Kanye West - American Boy.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\20 - Three 6 Mafia - Lollipop.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\Distributed by Mininova.txt
C:\Users\start\Documents\T‚l‚chargement termin‚\Acronis Disk Director 10 FR build 2161 (Partition suite) # Keygen inclus - par Ju#.7z
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007.zip
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\A lire.doc
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\key.txt
C:\Users\start\Documents\T‚l‚chargement termin‚\Office 2007 Professional Plus SP2 FR\OFF12PPSP1FR\_Extras\Classic Menu for Office 2007 v4.00\keygen.exe
C:\Users\start\Music\Documents\NI - Traktor Pro 1.0.1\crack
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 29/05/2009|21:48 - Option : [1]
-----------\\ Fin du rapport a 21:48:11,29
Watch out for cracks!!!
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007.zip
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\A lire.doc
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\key.txt
C:\Users\start\Documents\T‚l‚chargement termin‚\Office 2007 Professional Plus SP2 FR\OFF12PPSP1FR\_Extras\Classic Menu for Office 2007 v4.00\keygen.exe
C:\Users\start\Music\Documents\NI - Traktor Pro 1.0.1\crack
especially since, instead of Microsoft Office, there is OpenOffice, which is the same thing but free
* Relaunch Toolbar-S&D by right-clicking its shortcut and choosing Run as administrator.
* Type "2", then confirm by pressing "Enter".
/!\ Do not close the window during the removal /!\
* A report will be generated; post its contents here.
* NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del at the same time to open Task Manager.
Go to the "Processus" (Processes) tab. Click "Fichier" (File) at the top left and choose "Exécuter..." (Run...)
Type explorer, then confirm.
then run an online scan here and post the report http://www.bitdefender.fr/scan_fr/scan8/ie.html
then
* Download Malwarebytes
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebytes anti malware
* Update the software (this normally happens during installation)
* Run a full scan by clicking "Exécuter un examen complet" (Perform a full scan)
* Select the drives you want to scan and click "Lancer l'examen" (Start scan)
* The scan can take quite a while.....
* Once the scan is finished, click "OK", then "Afficher les résultats" (Show results)
* Check that everything is ticked and click "Supprimer la sélection" (Remove selected) => and then "OK"
* A report will open in Notepad... Copy and paste the report into your next reply on the forum
* Some files may need to be deleted when the PC restarts... Allow this by clicking "oui" (yes) when asked
Hi, I ran the BitDefender scan; here is the report:
BitDefender Online Scanner - Rapport virus en temps réel
Généré à: Sat, May 30, 2009 - 15:08:49
--------------------------------------------------------------------------------
Info d'analyse
Fichiers scannés
140812
Infectés Fichiers
0
Virus Détectés
Aucun virus trouvé.
--------------------------------------------------------------------------------
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
Hi, and thanks again for your help. Here is the ToolBar SD report after removal:
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2080 @ 1.73GHz )
BIOS : Ver 1.00PARTTBL0
USER : start ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Not Activated)
C:\ (Local Disk) - NTFS - Total:147 Go (Free:12 Go)
D:\ (USB)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 30/05/2009|13:32 )
[ UAC => 1 ]
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\Gossiper\GossiperToolbarHelper.exe
Supprime! - C:\Program Files\Gossiper\INSTALL.LOG
Supprime! - C:\Program Files\Gossiper\tbGoss.dll
Supprime! - C:\Program Files\Gossiper\toolbar.cfg
Supprime! - C:\Program Files\Gossiper\UNWISE.EXE
Supprime! - C:\ProgramData\Kiwee Toolbar\config
Supprime! - C:\ProgramData\Kiwee Toolbar\images
Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar
Supprime! - C:\Program Files\Kiwee Toolbar\2.8.167
Supprime! - C:\Program Files\Gossiper
Supprime! - C:\ProgramData\Kiwee Toolbar
Supprime! - C:\Program Files\Kiwee Toolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.orange.fr/portail"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\01 - Lloyd - Girls All Around THe World - DJ Felon Remix.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\02 - Shwayze - Corona And Lime.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\03 - Too hort - Blow The Whistle.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\04 - Missy Elliott - Ching A Ling.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\05 - Michael Jackson ft Fergie - Billie Jean 2008 - Kanye West Remix.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\06 - Diddy - Through The Pain.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\07 - Kanye West - Stronger.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\08 - Nelly - Bay Bay Bay.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\09 - E-40 ft Akon - Wake It Up.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\10 - Timbaland ft. Nelly Furtado- Give It To Me.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\11 - ONeal McKnight ft. Jermaine Dupri - Check Your Coat - Jearmaine Remix.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\12 - Madonna ft. Justin Timberlake Timbo - 4 Minutes To Save The World.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\13 - Craig David - Hot Stuff.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\14 - Lil Mama ft T-Pain - Shawty Get Loose.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\15 - The Federation - I Wear My Stunna Glasses At Nite.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\16 - Timbaland - The Way I Are.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\17 - Ludacris - What A Fool Believes - Benny Black Doobie Brothers Remix.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\18 - Nelly Furtado - Say It Right.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\19 - Estelle ft Kanye West - American Boy.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\20 - Three 6 Mafia - Lollipop.mp3
C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\Distributed by Mininova.txt
C:\Users\start\Documents\T‚l‚chargement termin‚\Acronis Disk Director 10 FR build 2161 (Partition suite) # Keygen inclus - par Ju#.7z
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007.zip
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\A lire.doc
C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\key.txt
C:\Users\start\Documents\T‚l‚chargement termin‚\Office 2007 Professional Plus SP2 FR\OFF12PPSP1FR\_Extras\Classic Menu for Office 2007 v4.00\keygen.exe
C:\Users\start\Music\Documents\NI - Traktor Pro 1.0.1\crack
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 29/05/2009|21:48 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 30/05/2009|13:41 - Option : [2]
-----------\\ Fin du rapport a 13:41:22,01
Hi, here is the Malwarebytes report:
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2196
Windows 6.0.6001 Service Pack 1
30/05/2009 17:50:44
mbam-log-2009-05-30 (17-50-44).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 249725
Temps écoulé: 2 hour(s), 26 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Miracle (Rogue.FixTool) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\desktop sms (Worm.P2P) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\start\PerfectOptimizer.exe (Rogue.PerfectOptimizer) -> Quarantined and deleted successfully.
c:\Windows\Tasks\PerfectOptimzier_OneClick.job (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
OK, be careful with security or optimization software that is not well known; do some research before downloading it.
Did you install this program yourself? PerfectOptimizer.
Do this:
• Download Random's System Information Tool (RSIT) by Random/Random and save it to your Desktop.
http://images.malwareremoval.com/random/RSIT.exe
• Right-click RSIT.exe and run it as administrator to launch the tool.
• Click "Continue" on the Disclaimer screen.
• If HijackThis is not present or not detected on the computer, RSIT will download it (allow access in your firewall if it asks) and you will have to accept the license.
• Once the scan is finished, two reports will appear: post them in two separate messages, please.
I tried to split the report, I hope this is right:
Logfile of random's system information tool 1.06 (written by random/random)
Run by start at 2009-05-30 18:25:53
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 12 GB (8%) free of 151 GB
Total RAM: 1013 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:27, on 30/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\msdtc.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\USB Disk Win98 Driver\Res.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Users\start\Desktop\RSIT.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\start\Desktop\RSIT.exe
C:\Program Files\trend micro\start.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [] Winreg.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [] Winreg.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Here's the second part:
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\User_Feed_Synchronization-{3037FDC8-E66C-4A01-909D-DA431392C1D2}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-10-23 96984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{988B07F5-7392-455A-8A1F-64935CB8B6ED}]
BHO Barre de Confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-04 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-04 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-04 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-28 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-10-23 565960]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
{55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - Barre de confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280]
{0a452a47-c5a8-4854-a237-4b9b06b376f0}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2006-11-01 413696]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2006-12-20 411768]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-02-06 509496]
"NDSTray.exe"=NDSTray.exe []
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-01-17 534648]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-03-02 577536]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-11-01 438272]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-02-02 835584]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-28 148888]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-18 4349952]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-01-13 90191]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-01-13 81920]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-01-13 7766016]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-05-15 516440]
"Persistence"=C:\Windows\system32\igfxpers.exe [2006-11-28 81920]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2006-11-28 98304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2006-11-28 106496]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll []
"PLFSet"=C:\Windows\PLFSet.dll [2007-04-24 45056]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
"CardDetectorHUAWEI160"=C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe [2008-09-25 274432]
"BEWINTERNET-FR-DMGP-V2SessionManager"=C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe [2008-09-25 131824]
"a-squared"=C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe [2009-05-30 2940560]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"USB Storage Toolbox"=C:\Program Files\USB Disk Win98 Driver\Res.EXE [2005-09-14 65536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2006-11-13 413696]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-04 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-10-24 107112]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-28 212992]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1329d651-1873-11de-b9b8-001b38177ab6}]
shell\AutoRun\command - F:\AutoRunCardDetector.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72740357-e889-11dd-adc9-001b38177ab6}]
shell\AutoRun\command - F:\start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dfb19c75-1a6a-11de-a37d-001b38177ab6}]
shell\AutoRun\command - F:\AutoRunCardDetector.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 2 months======
2009-05-30 18:23:26 ----D---- C:\Program Files\trend micro
2009-05-30 18:23:25 ----D---- C:\rsit
2009-05-30 15:23:16 ----D---- C:\Users\start\AppData\Roaming\uTorrent
2009-05-30 15:18:22 ----D---- C:\Users\start\AppData\Roaming\Malwarebytes
2009-05-30 15:17:53 ----D---- C:\ProgramData\Malwarebytes
2009-05-30 15:17:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-30 14:01:03 ----D---- C:\Windows\BDOSCAN8
2009-05-29 21:45:44 ----A---- C:\TB.txt
2009-05-29 21:44:38 ----D---- C:\ToolBar SD
2009-05-29 17:35:20 ----D---- C:\Users\start\AppData\Roaming\dvdcss
2009-05-29 17:34:33 ----D---- C:\Users\start\AppData\Roaming\vlc
2009-05-29 17:29:32 ----D---- C:\Program Files\VideoLAN
2009-05-28 15:13:46 ----D---- C:\Users\start\AppData\Roaming\Printer Info Cache
2009-05-28 15:13:44 ----D---- C:\Users\start\AppData\Roaming\Image Zone Express
2009-05-22 17:08:14 ----A---- C:\SmitfraudFix new 5.txt
2009-05-19 14:12:20 ----D---- C:\ProgramData\WEBREG
2009-05-19 14:11:41 ----D---- C:\Users\start\AppData\Roaming\HP
2009-05-19 14:10:51 ----D---- C:\ProgramData\HPSSUPPLY
2009-05-19 14:05:37 ----D---- C:\Program Files\Hewlett-Packard
2009-05-19 14:05:37 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-05-19 14:05:00 ----D---- C:\Program Files\Common Files\HP
2009-05-19 14:00:30 ----D---- C:\Program Files\HP
2009-05-19 13:57:07 ----D---- C:\ProgramData\HP
2009-05-19 13:56:57 ----A---- C:\Windows\system32\hpzids01.dll
2009-05-19 13:56:56 ----A---- C:\Windows\system32\hpowiav1.dll
2009-05-19 13:56:56 ----A---- C:\Windows\system32\hpovst01.dll
2009-05-19 13:56:56 ----A---- C:\Windows\system32\hpotscl1.dll
2009-05-18 15:23:45 ----A---- C:\Windows\system32\WS2Fix.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\VCCLSID.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\VACFix.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\swxcacls.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\swsc.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\swreg.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\SrchSTS.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\Process.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\o4Patch.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\IEDFix.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\IEDFix.C.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\dumphive.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe
2009-05-18 15:23:45 ----A---- C:\Windows\system32\404Fix.exe
2009-05-18 14:39:35 ----A---- C:\XES37F8.tmp
2009-05-18 14:39:23 ----A---- C:\XES786.tmp
2009-05-18 14:28:27 ----A---- C:\Windows\system32\lsdelete.exe
2009-05-18 06:07:21 ----A---- C:\rapport Smitfraudfix new 3.txt
2009-05-18 06:04:44 ----A---- C:\rapport Smitfraudfix new 2.txt
2009-05-18 05:59:48 ----A---- C:\rapport Smitfraudfix new.txt
2009-05-18 02:44:59 ----A---- C:\rapport Smitfraudfix 4.txt
2009-05-18 02:27:30 ----A---- C:\rapport Smitfraudfix 3 dernier.txt
2009-05-17 23:21:20 ----A---- C:\rapport Smitfraudfix 2.txt
2009-05-17 23:15:38 ----A---- C:\Users\start\AppData\Roaming\SetValue.bat
2009-05-17 23:15:38 ----A---- C:\Users\start\AppData\Roaming\GetValue.vbs
2009-05-17 23:08:31 ----A---- C:\rapport Smitfraudfix.txt
2009-05-17 23:05:26 ----A---- C:\Windows\system32\tmp.txt
2009-05-17 23:05:22 ----A---- C:\rapport.txt
2009-05-17 22:36:15 ----A---- C:\index.ini
2009-05-15 13:12:28 ----D---- C:\Program Files\a-squared Anti-Malware
2009-05-15 09:18:20 ----HDC---- C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-05-15 09:17:08 ----D---- C:\ProgramData\Lavasoft
2009-05-15 09:17:08 ----D---- C:\Program Files\Lavasoft
2009-05-15 09:04:43 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-05-15 09:04:43 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-05-15 08:26:17 ----AD---- C:\ProgramData\TEMP
2009-05-13 23:01:46 ----D---- C:\ProgramData\eMule
2009-05-13 19:36:00 ----D---- C:\Program Files\Common Files\DESIGNER
2009-05-13 19:35:31 ----D---- C:\Program Files\Microsoft.NET
2009-05-13 19:32:47 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-05-13 19:31:35 ----D---- C:\Program Files\Microsoft Office
2009-05-13 19:26:49 ----RHD---- C:\MSOCache
2009-05-12 23:09:50 ----D---- C:\Program Files\mes données
2009-05-12 18:35:23 ----D---- C:\Program Files\Webcamfirst
2009-05-12 17:36:01 ----D---- C:\Windows\SUYIN NB Cam
2009-05-12 17:35:59 ----A---- C:\Windows\system32\vsnp2uvc.dll
2009-05-12 17:35:59 ----A---- C:\Windows\system32\rsnp2uvc.dll
2009-05-12 17:35:59 ----A---- C:\Windows\PLFSet.dll
2009-05-12 17:35:58 ----D---- C:\Program Files\Common Files\snp2uvc
2009-05-12 17:35:58 ----A---- C:\Windows\system32\csnp2uvc.dll
2009-05-12 07:17:39 ----A---- C:\Windows\system32\Autodial2000.dll
2009-05-12 07:17:24 ----D---- C:\Program Files\OrangeHSS
2009-05-11 17:38:22 ----D---- C:\Users\start\AppData\Roaming\agi
2009-05-11 17:37:40 ----D---- C:\Program Files\AGI
2009-05-11 06:43:51 ----D---- C:\Program Files\psx emulation cheater
2009-05-11 04:14:09 ----D---- C:\Windows\Recent
2009-05-11 04:14:08 ----D---- C:\Windows\APPLOG
2009-05-11 01:50:08 ----A---- C:\Windows\winstart.bat
2009-05-11 01:50:08 ----A---- C:\Windows\tmpdelis.bat
2009-05-11 01:50:08 ----A---- C:\Windows\tmpcpyis.bat
2009-05-11 01:43:15 ----A---- C:\Windows\IsUninst.exe
2009-05-07 03:30:23 ----D---- C:\Windows\Minidump
2009-05-03 20:35:44 ----D---- C:\Users\start\AppData\Roaming\fltk.org
2009-05-03 03:53:07 ----D---- C:\Windows\system32\Adobe
2009-04-22 14:00:38 ----A---- C:\Windows\system32\GEARAspi.dll
2009-04-22 13:59:56 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-17 03:01:18 ----D---- C:\Program Files\uTorrent Acceleration Tool
2009-04-17 02:55:25 ----HD---- C:\Windows\PIF
2009-04-15 02:36:31 ----A---- C:\Windows\system32\rpcss.dll
2009-04-15 02:36:31 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-15 02:36:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-15 02:36:27 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-15 02:36:26 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-15 02:36:26 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-15 02:36:26 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-15 02:36:26 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-15 02:36:25 ----A---- C:\Windows\system32\iashost.exe
2009-04-15 02:36:25 ----A---- C:\Windows\system32\iasads.dll
2009-04-15 02:36:21 ----A---- C:\Windows\system32\winhttp.dll
2009-04-15 02:36:18 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-15 02:36:18 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-15 02:35:39 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-15 02:35:38 ----A---- C:\Windows\system32\kernel32.dll
2009-04-15 02:35:37 ----A---- C:\Windows\system32\secur32.dll
2009-04-15 02:35:36 ----A---- C:\Windows\system32\apilogen.dll
2009-04-15 02:35:36 ----A---- C:\Windows\system32\amxread.dll
2009-04-13 02:23:23 ----D---- C:\Program Files\Zone Labs
2009-04-13 02:19:14 ----D---- C:\ProgramData\CheckPoint
2009-04-13 02:19:12 ----A---- C:\Windows\system32\vsutil(30).dll
2009-04-13 02:18:32 ----D---- C:\Windows\Internet Logs
2009-04-13 01:01:51 ----D---- C:\Program Files\Common Files\Scanner
2009-04-05 13:34:47 ----D---- C:\Users\start\AppData\Roaming\CamfrogWEB
2009-04-05 12:42:20 ----SHD---- C:\Users\start\AppData\Roaming\.#
2009-04-05 10:44:49 ----A---- C:\Windows\system32\Trace.txt
2009-04-03 19:47:01 ----D---- C:\Program Files\Bonjour
2009-04-02 18:40:43 ----D---- C:\Program Files\Ask Search Assistant
2009-04-02 08:31:21 ----D---- C:\ProgramData\AVS4YOU
2009-04-02 08:31:20 ----D---- C:\Users\start\AppData\Roaming\AVS4YOU
2009-04-02 08:30:49 ----D---- C:\Program Files\Common Files\AVSMedia
2009-04-02 08:30:49 ----A---- C:\Windows\system32\msxml3a.dll
2009-04-02 05:11:49 ----D---- C:\Program Files\uTorrent SpeedUp Pro
2009-04-02 01:50:54 ----D---- C:\Program Files\iPod
2009-04-02 01:50:52 ----D---- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-02 01:50:52 ----D---- C:\Program Files\iTunes
2009-04-02 01:45:34 ----D---- C:\Program Files\Safari
2009-04-02 01:44:40 ----D---- C:\Program Files\Bonjour(9)
2009-04-02 01:43:14 ----D---- C:\Program Files\QuickTime
======List of files/folders modified in the last 2 months======
2009-05-30 18:26:14 ----D---- C:\Windows\Temp
2009-05-30 18:23:48 ----D---- C:\Windows\Prefetch
2009-05-30 18:23:26 ----D---- C:\Program Files
2009-05-30 18:07:26 ----D---- C:\Windows\system32\drivers
2009-05-30 18:04:40 ----SD---- C:\Users\start\AppData\Roaming\Microsoft
2009-05-30 18:02:02 ----D---- C:\Windows\System32
2009-05-30 17:50:44 ----D---- C:\Windows\Tasks
2009-05-30 15:17:53 ----HD---- C:\ProgramData
2009-05-30 14:01:06 ----SD---- C:\Windows\Downloaded Program Files
2009-05-30 14:01:03 ----D---- C:\Windows
2009-05-30 06:42:34 ----SHD---- C:\System Volume Information
2009-05-29 23:37:18 ----D---- C:\Program Files\Mozilla Firefox
2009-05-29 17:55:12 ----D---- C:\Windows\system32\wbem
2009-05-29 17:54:28 ----D---- C:\Windows\system32\config
2009-05-29 17:53:56 ----D---- C:\Windows\system32\spool
2009-05-29 17:53:56 ----D---- C:\Windows\system32\catroot2
2009-05-29 17:53:56 ----D---- C:\Windows\inf
2009-05-29 17:53:54 ----D---- C:\Windows\registration
2009-05-27 22:24:10 ----D---- C:\Windows\winsxs
2009-05-27 22:24:10 ----D---- C:\Program Files\Internet Explorer
2009-05-27 18:33:04 ----D---- C:\Windows\system32\catroot
2009-05-26 20:02:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-26 02:06:40 ----D---- C:\Program Files\uTorrent
2009-05-25 21:59:07 ----SHD---- C:\Windows\Installer
2009-05-25 17:47:17 ----D---- C:\ProgramData\Microsoft Help
2009-05-19 14:11:24 ----A---- C:\Windows\win.ini
2009-05-19 14:05:45 ----D---- C:\Windows\twain_32
2009-05-19 14:05:37 ----D---- C:\Program Files\Common Files
2009-05-19 12:36:08 ----D---- C:\Windows\Downloaded Installations
2009-05-19 11:43:34 ----D---- C:\Windows\ShellNew
2009-05-18 15:19:48 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-18 14:52:12 ----D---- C:\Program Files\OpenOffice.org 3
2009-05-18 07:51:34 ----D---- C:\Windows\system32\Tasks
2009-05-15 09:21:40 ----DC---- C:\Windows\system32\DRVSTORE
2009-05-15 08:04:14 ----D---- C:\Users\start\AppData\Roaming\OnlineStorage
2009-05-15 07:47:40 ----D---- C:\Program Files\WinRAR
2009-05-13 22:41:16 ----D---- C:\Windows\Debug
2009-05-13 20:33:41 ----RSD---- C:\Windows\Fonts
2009-05-13 20:31:29 ----D---- C:\Program Files\Common Files\microsoft shared
2009-05-13 20:30:59 ----D---- C:\Program Files\Common Files\System
2009-05-13 19:55:00 ----RSD---- C:\Windows\assembly
2009-05-13 19:36:32 ----D---- C:\Program Files\MSBuild
2009-05-13 19:35:32 ----SD---- C:\ProgramData\Microsoft
2009-05-13 03:01:40 ----D---- C:\Program Files\Windows Mail
2009-05-12 17:41:06 ----D---- C:\Program Files\Camera Assistant Software for Toshiba
2009-05-12 01:49:13 ----D---- C:\Windows\system32\Msdtc
2009-05-12 01:47:47 ----D---- C:\Windows\system32\CodeIntegrity
2009-05-12 01:47:37 ----D---- C:\Users\start\AppData\Roaming\Audacity
2009-05-12 01:47:25 ----D---- C:\Program Files\Messenger Plus! Live
2009-05-11 01:50:08 ----A---- C:\Windows\wininit.ini
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-05-04 17:15:18 ----D---- C:\Program Files\Google
2009-05-03 17:52:20 ----D---- C:\Program Files\CA Yahoo! Anti-Spy
2009-05-03 04:04:19 ----D---- C:\Users\start\AppData\Roaming\Mozilla
2009-05-03 03:58:21 ----D---- C:\ProgramData\Google
2009-05-03 00:54:55 ----D---- C:\Windows\ehome
2009-04-24 22:50:29 ----A---- C:\Windows\avisplitter.INI
2009-04-22 13:48:21 ----D---- C:\ProgramData\Adobe
2009-04-22 13:48:08 ----D---- C:\Program Files\Common Files\Adobe
2009-04-22 13:48:08 ----D---- C:\Program Files\Adobe
2009-04-20 19:35:39 ----RD---- C:\Users
2009-04-15 04:31:15 ----D---- C:\Windows\system32\manifeststore
2009-04-15 04:31:15 ----D---- C:\Windows\AppPatch
2009-04-13 10:16:02 ----SHD---- C:\$Recycle.Bin
2009-04-12 16:18:08 ----D---- C:\Program Files\DivX
2009-04-12 16:16:51 ----D---- C:\Program Files\Common Files\DivX Shared
2009-04-12 10:44:18 ----D---- C:\Windows\system32\LogFiles
2009-04-05 21:59:44 ----D---- C:\Windows\ModemLogs
2009-04-04 22:11:18 ----A---- C:\Windows\yesmessenger.ini
2009-04-02 07:02:58 ----D---- C:\Program Files\Windows Media Player
2009-04-02 02:38:13 ----D---- C:\Users\start\AppData\Roaming\Apple Computer
2009-04-02 01:50:53 ----D---- C:\Program Files\Common Files\Apple
2009-04-01 20:38:37 ----D---- C:\Program Files\CDBurnerXP
2009-04-01 20:36:37 ----D---- C:\Program Files\Synaptics
2009-04-01 20:36:37 ----D---- C:\Program Files\CCleaner
2009-04-01 20:28:54 ----D---- C:\Users\start\AppData\Roaming\uTorrent(111)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 CbFs;CbFs; \??\C:\Windows\system32\drivers\cbfs32.sys [2009-01-21 137384]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080415.002\IDSvix86.sys [2008-02-13 261680]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-02-26 5632]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-10-03 187952]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-18 1729632]
R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2008-06-27 27072]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-02-07 1729152]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-01-12 124464]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-02-02 182328]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 ASAPIW2K;ASAPIW2K; C:\Windows\System32\Drivers\ASAPIW2K.sys [2003-11-28 11264]
S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys []
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2008-08-14 36512]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HDJAsioK;HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys []
S3 HDJMidi;Hercules DJ Console MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2007-02-08 41984]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-05-27 101504]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2008-08-20 100224]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-13 4452288]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2008-06-27 28224]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Port II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-10-03 12848]
S3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-10-03 146096]
S3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2008-10-03 39984]
S3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-10-03 37936]
S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-10-03 27696]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 UVCFTR;UVCFTR; C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2009-05-30 717320]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-09-25 69632]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-05-15 953168]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-20 428152]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 gupdate1c9bb79361eb80b;Service Google Update (gupdate1c9bb79361eb80b); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-12 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-04 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ISPwdSvc;Validation de mot de passe Symantec IS; C:\Program Files\Norton Internet Security\isPwdSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S4 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S4 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S4 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-10-13 49296]
S4 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S4 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll []
S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-03-12 1251720]
S4 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]
-----------------EOF-----------------
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-13 4452288]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2008-06-27 28224]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Port II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-10-03 12848]
S3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-10-03 146096]
S3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2008-10-03 39984]
S3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-10-03 37936]
S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-10-03 27696]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 UVCFTR;UVCFTR; C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2009-05-30 717320]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-09-25 69632]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-05-15 953168]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-20 428152]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 gupdate1c9bb79361eb80b;Service Google Update (gupdate1c9bb79361eb80b); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-12 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-04 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ISPwdSvc;Validation de mot de passe Symantec IS; C:\Program Files\Norton Internet Security\isPwdSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S4 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S4 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S4 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-10-13 49296]
S4 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S4 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll []
S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-03-12 1251720]
S4 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]
-----------------EOF-----------------
Hi, yes, I'm the one who installed Perfect Optimiser. I ran the RSIT scan; here is the report, but I only got one and not two:
Logfile of random's system information tool 1.06 (written by random/random)
Run by start at 2009-05-30 18:25:53
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 12 GB (8%) free of 151 GB
Total RAM: 1013 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:27, on 30/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\msdtc.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\USB Disk Win98 Driver\Res.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Users\start\Desktop\RSIT.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\start\Desktop\RSIT.exe
C:\Program Files\trend micro\start.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [] Winreg.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O4 - HKLM\..\RunServices: [] Winreg.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Just in passing, before we continue: Perfect Optimizer is a rogue, a fake program that is actually a virus, so don't be surprised not to find it any more; normally it has been removed :) . If you still find traces of this software, delete them.
OK, you still have some junk left:
Run an online scan here and post the full report: http://www.bitdefender.fr/scan_fr/scan8/ie.html
By the way, you still have traces of Norton; uninstall it completely with this:
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
Next, you have a lot of antispyware programs for not much benefit, and on top of that they all have their resident modules ENABLED; your PC must be crawling!!!
Disable Spybot's TeaTimer (I should have told you that earlier, by the way), and if you turn it back on at the end of the disinfection, accept ALL the registry changes.
Also stop the a-squared Anti-Malware resident. You should keep 1 real-time guard for your antivirus and one for your antispyware; right now you have 4 real-time guards that are slowing the PC down, that must be conflicting with each other, etc., and on top of that you are less protected.
A piece of advice: uninstall a-squared Anti-Malware completely, and stop Spybot's TeaTimer by going into Spybot's options and unchecking the option to use the resident.
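As an added illustration (not part of the original thread), the sketch below parses HijackThis lines like the ones posted above and pulls out the two things this reply points at: entries whose file is gone, and real-time guards that start at logon. The sample lines are copied from the log in this thread; the `GUARD_EXECUTABLES` table and the function names are assumptions made for the example.

```python
import re

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# Assumption for this example: executable names of resident (real-time)
# components, taken from the autorun lines of the log above.
GUARD_EXECUTABLES = {
    "ashdisp.exe": "avast!",
    "aawtray.exe": "Ad-Aware Ad-Watch",
    "a2guard.exe": "a-squared Anti-Malware",
    "teatimer.exe": "Spybot TeaTimer",
}

# "O4 - <rest>": a section code (R0, O2, O23, ...) followed by the entry body.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# HijackThis marks a registry entry whose target no longer exists on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)")
# Body of an O4 registry autorun: HKLM\..\Run: [value name] command line
RUN_RE = re.compile(r"^\S+\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# First path component ending in .exe inside a command line.
EXE_RE = re.compile(r'[^\\"]+\.exe', re.IGNORECASE)


def parse_entries(log_text):
    """Return one dict per HijackThis entry line; other lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue  # header, running-process path or blank line
        entries.append({
            "code": match["code"],
            "body": match["body"],
            "orphaned": bool(ORPHAN_RE.search(match["body"])),
        })
    return entries


def orphaned_entries(entries):
    """Entries left behind by an uninstall or a removed file."""
    return [e for e in entries if e["orphaned"]]


def resident_guards(entries, guard_table=GUARD_EXECUTABLES):
    """Map product name -> autorun value name for guards launched at logon."""
    found = {}
    for entry in entries:
        if entry["code"] != "O4":
            continue
        run = RUN_RE.match(entry["body"])
        if not run:
            continue  # e.g. "Global Startup" shortcuts
        exe = EXE_RE.search(run["cmd"])
        if exe and exe.group(0).lower() in guard_table:
            found[guard_table[exe.group(0).lower()]] = run["name"]
    return found


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for item in orphaned_entries(parsed):
        print("orphaned:", item["code"], item["body"])
    for product, value_name in resident_guards(parsed).items():
        print("resident guard:", product, "via autorun", value_name)
```
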
Hi, I removed a-squared and Ad-Aware and I stopped Spybot's resident. But what is Spybot's TeaTimer? I couldn't find it. Also, I can't manage to uninstall Norton even by following your link, and besides I don't have the Norton CD. One last thing: I wanted to know whether Spybot is spyware or an antivirus? I'm going to run the BitDefender scan now and I'll post the report. Thanks
Actually, Spybot's TeaTimer is the resident, so apparently you have disabled it.
It should already be less sluggish. Do this to remove the leftover traces of the uninstallations; it's a cleaner:
Download and install CCleaner, UNCHECK the installation of the Yahoo toolbar, then go to Options > Advanced and uncheck the first box, then go to the registry and temporary files tabs and run several cleanups until it finds 0 errors, and do not make a backup of the items.
Waiting for the online scan.
I managed to remove Norton. Here is the BitDefender report:
BitDefender Online Scanner - Rapport virus en temps réel
Généré à: Sat, May 30, 2009 - 22:55:28
--------------------------------------------------------------------------------
Info d'analyse
Fichiers scannés
140211
Infectés Fichiers
0
Virus Détectés
Aucun virus trouvé.
--------------------------------------------------------------------------------
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
Hi g!rly, how are you? :)
guizo:
Download ComboFix to your DESKTOP: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
DISABLE your antivirus and ALL your defences and disconnect from the internet.
Run it, follow the instructions and do not touch anything during the scan, not even the mouse, at the risk of making the PC freeze, and post the report at the end.
Hi, I ran RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by start at 2009-05-31 23:01:59
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 19 GB (13%) free of 151 GB
Total RAM: 1013 MB (15% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:24, on 31/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\USB Disk Win98 Driver\Res.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\start\Desktop\RSIT.exe
C:\Users\start\Desktop\start.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
love ya`
Well, well, there's a whole page filled up, g!rly :) you're in good form this morning
On top of that, I saw that you're having a contest with chiquitine over who will have the best drawing post; chiquitine has some really good ones ;)
Hi, and thanks again for continuing to help me. Do I still have a lot of junk or not? I ran ComboFix; here is the report:
ComboFix 09-05-30.03 - start 31/05/2009 7:38.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.1013.408 [GMT 2:00]
Lancé depuis: c:\users\start\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\start\AppData\Roaming\.#
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\Ijl11.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-04-28 au 2009-05-31 ))))))))))))))))))))))))))))))))))))
.
2009-05-30 18:11 . 2009-05-30 18:11 -------- d-----w c:\programdata\NortonInstaller
2009-05-30 16:23 . 2009-05-30 16:26 -------- d-----w c:\program files\trend micro
2009-05-30 16:23 . 2009-05-30 16:24 -------- d-----w C:\rsit
2009-05-30 13:23 . 2009-05-31 05:33 -------- d-----w c:\users\start\AppData\Roaming\uTorrent
2009-05-30 13:18 . 2009-05-30 13:18 -------- d-----w c:\users\start\AppData\Roaming\Malwarebytes
2009-05-30 13:17 . 2009-05-26 11:20 40160 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-30 13:17 . 2009-05-30 13:18 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-30 13:17 . 2009-05-30 13:17 -------- d-----w c:\programdata\Malwarebytes
2009-05-30 13:17 . 2009-05-26 11:19 19096 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-30 12:01 . 2009-05-30 19:54 -------- d-----w c:\windows\BDOSCAN8
2009-05-29 19:44 . 2009-05-30 11:41 -------- d-----w C:\ToolBar SD
2009-05-29 15:35 . 2009-05-29 15:36 -------- d-----w c:\users\start\AppData\Roaming\dvdcss
2009-05-29 15:34 . 2009-05-29 15:39 -------- d-----w c:\users\start\AppData\Roaming\vlc
2009-05-29 15:29 . 2009-05-29 15:29 -------- d-----w c:\program files\VideoLAN
2009-05-28 13:13 . 2009-05-28 13:13 -------- d-----w c:\users\start\AppData\Roaming\Printer Info Cache
2009-05-28 13:13 . 2009-05-28 13:13 -------- d-----w c:\users\start\AppData\Roaming\Image Zone Express
2009-05-26 16:58 . 2009-05-26 16:58 552 ----a-w c:\users\start\AppData\Local\d3d8caps.dat
2009-05-20 02:34 . 2009-05-20 02:34 -------- d-----w c:\users\start\Jeux de Nes
2009-05-19 12:12 . 2009-05-19 12:12 -------- d-----w c:\programdata\WEBREG
2009-05-19 12:11 . 2009-05-25 15:19 -------- d-----w c:\users\start\AppData\Roaming\HP
2009-05-19 12:10 . 2009-05-19 12:10 -------- d-----w c:\programdata\HPSSUPPLY
2009-05-19 12:05 . 2009-05-19 12:05 -------- d-----w c:\program files\Hewlett-Packard
2009-05-19 12:05 . 2009-05-19 12:05 -------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-05-19 12:05 . 2009-05-19 12:10 -------- d-----w c:\program files\Common Files\HP
2009-05-19 12:00 . 2009-05-19 12:10 -------- d-----w c:\program files\HP
2009-05-19 11:57 . 2009-05-19 12:13 164400 ----a-w c:\windows\hpoins19.dat
2009-05-19 11:57 . 2009-05-19 12:42 -------- d-----w c:\programdata\HP
2009-05-19 11:56 . 2006-11-20 21:36 258048 ----a-w c:\windows\system32\hpzids01.dll
2009-05-19 11:56 . 2006-12-16 06:19 675840 ----a-w c:\windows\system32\hpowiav1.dll
2009-05-19 11:56 . 2006-12-16 06:19 303104 ----a-w c:\windows\system32\hpovst01.dll
2009-05-19 11:56 . 2006-12-16 06:19 573440 ----a-w c:\windows\system32\hpotscl1.dll
2009-05-19 11:56 . 2007-03-13 19:55 26952 ----a-w c:\windows\hpomdl19.dat
2009-05-17 21:15 . 2009-05-22 15:05 35 ----a-w c:\users\start\AppData\Roaming\SetValue.bat
2009-05-15 11:12 . 2009-05-30 18:01 -------- d-----w c:\program files\a-squared Anti-Malware
2009-05-15 07:17 . 2009-05-30 17:45 -------- d-----w c:\programdata\Lavasoft
2009-05-15 07:17 . 2009-05-30 17:45 -------- d-----w c:\program files\Lavasoft
2009-05-15 07:04 . 2009-05-30 17:33 -------- d-----w c:\programdata\Spybot - Search & Destroy
2009-05-15 07:04 . 2009-05-15 14:43 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-13 21:01 . 2009-05-13 21:01 -------- d-----w c:\programdata\eMule
2009-05-13 21:01 . 2009-05-13 21:42 -------- d-----w c:\users\start\AppData\Local\eMule
2009-05-13 17:35 . 2009-05-13 17:35 -------- d-----w c:\program files\Microsoft.NET
2009-05-13 17:32 . 2009-05-13 17:32 -------- d-----w c:\program files\Microsoft Visual Studio 8
2009-05-13 17:26 . 2009-05-13 17:26 -------- d--h--r C:\MSOCache
2009-05-12 21:10 . 2009-01-21 13:25 137384 ----a-w c:\windows\system32\drivers\cbfs32.sys
2009-05-12 21:09 . 2009-05-12 21:10 -------- d-----w c:\program files\mes données
2009-05-12 16:35 . 2009-05-30 17:49 -------- d-----w c:\program files\Webcamfirst
2009-05-12 15:36 . 2009-05-12 15:36 -------- d-----w c:\windows\SUYIN NB Cam
2009-05-12 15:35 . 2007-04-24 09:49 45056 ----a-w c:\windows\PLFSet.dll
2009-05-12 15:35 . 2007-04-02 16:40 172032 ----a-w c:\windows\system32\rsnp2uvc.dll
2009-05-12 15:35 . 2007-02-07 16:35 1729152 ----a-w c:\windows\system32\drivers\snp2uvc.sys
2009-05-12 15:35 . 2006-12-28 09:21 27904 ----a-w c:\windows\system32\drivers\sncduvc.sys
2009-05-12 15:35 . 2006-11-07 13:17 286720 ----a-w c:\windows\system32\vsnp2uvc.dll
2009-05-12 15:35 . 2009-05-12 15:35 -------- d-----w c:\program files\Common Files\snp2uvc
2009-05-12 15:35 . 2005-11-23 11:55 53248 ----a-w c:\windows\system32\csnp2uvc.dll
2009-05-12 05:17 . 2007-12-11 18:22 65536 ----a-w c:\windows\system32\Autodial2000.dll
2009-05-12 05:17 . 2009-05-12 05:31 -------- d-----w c:\program files\OrangeHSS
2009-05-11 15:38 . 2009-05-11 15:39 -------- d-----w c:\users\start\AppData\Roaming\agi
2009-05-11 15:37 . 2009-05-11 15:37 -------- d-----w c:\program files\AGI
2009-05-11 04:43 . 2009-05-11 04:43 -------- d-----w c:\program files\psx emulation cheater
2009-05-11 02:14 . 2009-05-11 23:47 -------- d-----w c:\windows\Recent
2009-05-11 02:14 . 2009-05-11 23:47 -------- d-----w c:\windows\APPLOG
2009-05-10 23:50 . 2009-05-10 23:50 26 ----a-w c:\windows\winstart.bat
2009-05-10 23:50 . 2009-05-10 23:50 141 ----a-w c:\windows\tmpcpyis.bat
2009-05-10 23:50 . 2009-05-10 23:50 122 ----a-w c:\windows\tmpdelis.bat
2009-05-10 23:43 . 1998-07-30 10:51 305152 ----a-w c:\windows\IsUninst.exe
2009-05-05 13:19 . 2009-05-15 06:09 90 ----a-w c:\users\start\AppData\Local\kcyss.bat
2009-05-03 18:35 . 2009-05-03 18:35 -------- d-----w c:\users\start\AppData\Roaming\fltk.org
2009-05-03 01:53 . 2009-05-03 01:53 -------- d-----w c:\windows\system32\Adobe
2009-05-03 01:51 . 2009-05-24 11:18 153024 ---ha-w c:\windows\system32\mlfcache.dat
2009-05-03 01:33 . 2009-05-03 17:12 -------- d-----w c:\users\start\Jeux console
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-30 19:50 . 2008-01-24 19:28 -------- d-----w c:\program files\Yahoo!
2009-05-30 18:14 . 2007-03-08 10:40 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-05-26 18:02 . 2006-11-02 15:48 672322 ----a-w c:\windows\system32\perfh00C.dat
2009-05-26 18:02 . 2006-11-02 15:48 124434 ----a-w c:\windows\system32\perfc00C.dat
2009-05-26 00:06 . 2008-02-19 14:18 -------- d-----w c:\program files\uTorrent
2009-05-25 15:58 . 2009-03-28 06:47 1 ----a-w c:\users\start\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-05-25 15:47 . 2008-02-07 15:53 -------- d-----w c:\programdata\Microsoft Help
2009-05-22 15:05 . 2009-05-17 21:15 691 ----a-w c:\users\start\AppData\Roaming\GetValue.vbs
2009-05-18 13:19 . 2007-03-08 09:52 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-18 12:53 . 2009-04-01 23:50 -------- d-----w c:\program files\iPod
2009-05-18 12:52 . 2009-03-28 05:58 -------- d-----w c:\program files\OpenOffice.org 3
2009-05-18 12:41 . 2009-04-02 03:11 -------- d-----w c:\program files\uTorrent SpeedUp Pro
2009-05-18 12:39 . 2009-05-18 12:39 0 ----a-w C:\XES37F8.tmp
2009-05-18 12:39 . 2009-05-18 12:39 0 ----a-w C:\XES786.tmp
2009-05-15 06:04 . 2009-04-17 01:01 -------- d-----w c:\program files\uTorrent Acceleration Tool
2009-05-15 06:04 . 2009-03-27 01:28 -------- d-----w c:\users\start\AppData\Roaming\OnlineStorage
2009-05-13 22:08 . 2009-03-02 15:45 116120 ----a-w c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-13 17:36 . 2006-11-02 12:37 -------- d-----w c:\program files\MSBuild
2009-05-13 01:01 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-12 21:10 . 2009-05-12 21:09 -------- d-----w c:\program files\mes données
2009-05-12 15:41 . 2008-01-22 17:01 -------- d-----w c:\program files\Camera Assistant Software for Toshiba
2009-05-11 23:47 . 2009-03-24 13:19 -------- d-----w c:\users\start\AppData\Roaming\Audacity
2009-05-11 23:47 . 2009-02-04 01:20 -------- d-----w c:\program files\Messenger Plus! Live
2009-05-05 12:37 . 2009-03-28 02:54 88 ----a-w c:\users\start\AppData\Local\muqog.bat
2009-05-04 15:15 . 2009-03-30 19:49 -------- d-----w c:\program files\Google
2009-05-03 15:52 . 2009-03-30 17:54 -------- d-----w c:\program files\CA Yahoo! Anti-Spy
2009-04-28 09:19 . 2009-04-28 09:19 -------- d-----w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Roaming\OnlineStorage
2009-04-22 12:00 . 2009-04-22 11:59 -------- d-----w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-22 12:00 . 2009-04-01 23:50 -------- d-----w c:\program files\iTunes
2009-04-22 11:55 . 2009-04-22 11:55 75048 ----a-w c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-22 11:48 . 2008-06-18 21:45 -------- d-----w c:\program files\Common Files\Adobe
2009-04-13 08:24 . 2009-04-13 08:24 -------- d-----w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Roaming\Yahoo!
2009-04-13 08:23 . 2009-04-13 08:21 -------- d-----w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Roaming\uTorrent
2009-04-13 08:18 . 2009-04-13 08:18 -------- d-----w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Roaming\DivX
2009-04-13 08:17 . 2009-04-13 08:17 114568 ----a-w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-13 00:23 . 2009-04-13 00:23 -------- d-----w c:\program files\Zone Labs
2009-04-13 00:19 . 2009-04-13 00:19 -------- d-----w c:\programdata\CheckPoint
2009-04-12 23:01 . 2009-04-12 23:01 -------- d-----w c:\program files\Common Files\Scanner
2009-04-12 14:18 . 2008-01-24 19:28 -------- d-----w c:\program files\DivX
2009-04-12 14:16 . 2009-03-26 16:26 -------- d-----w c:\program files\Common Files\DivX Shared
2009-04-05 20:17 . 2009-04-01 23:43 -------- d-----w c:\program files\QuickTime
2009-04-05 11:39 . 2009-04-05 11:34 -------- d-----w c:\users\start\AppData\Roaming\CamfrogWEB
2009-04-03 19:06 . 2009-04-02 06:30 -------- d-----w c:\program files\Common Files\AVSMedia
2009-04-03 17:49 . 2009-04-01 23:45 -------- d-----w c:\program files\Safari
2009-04-03 17:47 . 2009-04-03 17:47 -------- d-----w c:\program files\Bonjour
2009-04-02 06:31 . 2009-04-02 06:31 -------- d-----w c:\programdata\AVS4YOU
2009-04-02 06:31 . 2009-04-02 06:31 -------- d-----w c:\users\start\AppData\Roaming\AVS4YOU
2009-04-02 05:13 . 2009-04-01 23:44 -------- d-----w c:\program files\Bonjour(9)
2009-04-02 04:47 . 2008-01-22 16:49 8224 ----a-w c:\users\start\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-02 00:38 . 2008-03-21 21:54 -------- d-----w c:\users\start\AppData\Roaming\Apple Computer
2009-04-01 23:51 . 2009-04-01 23:50 -------- d-----w c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-01 23:50 . 2008-03-21 21:47 -------- d-----w c:\program files\Common Files\Apple
2009-04-01 18:38 . 2009-03-30 19:34 -------- d-----w c:\program files\CDBurnerXP
2009-04-01 18:36 . 2009-02-26 01:13 -------- d-----w c:\program files\CCleaner
2009-04-01 18:36 . 2008-01-22 16:40 -------- d-----w c:\program files\Synaptics
2009-04-01 18:28 . 2009-03-30 19:09 -------- d-----w c:\users\start\AppData\Roaming\uTorrent(111)
2009-04-01 18:10 . 2009-03-31 13:33 -------- d-----w c:\users\Wizgo\AppData\Roaming\uTorrent
2009-03-31 13:17 . 2009-03-31 13:17 114568 ----a-w c:\users\Wizgo\AppData\Local\GDIPFONTCACHEV1.DAT
2009-03-28 08:07 . 2009-03-28 08:07 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-19 14:32 . 2009-04-22 12:00 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-17 03:38 . 2009-04-15 00:35 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 00:35 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-08 11:34 . 2009-03-28 07:38 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-03-28 07:38 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-03-28 07:38 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-03-28 07:38 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-03-28 07:38 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-03-28 07:38 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-03-28 07:38 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-03-28 07:38 103936 ----a-w c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-03-28 07:38 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-03-28 07:38 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-03-28 07:38 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-03-28 07:38 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-03-28 07:38 66560 ----a-w c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-03-28 07:38 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-03-28 07:38 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-03-28 07:38 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-03-28 07:38 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-03-28 07:38 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-03 04:46 . 2009-04-15 00:36 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-15 00:36 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-15 00:36 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-15 00:36 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-15 00:36 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-15 00:36 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-15 00:36 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 04:37 . 2009-04-15 00:36 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 03:04 . 2009-04-15 00:36 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-15 00:36 17408 ----a-w c:\windows\system32\iashost.exe
2002-03-11 09:06 . 2002-03-11 09:06 1822520 ----a-w c:\program files\instmsiw.exe
2002-03-11 08:45 . 2002-03-11 08:45 1708856 ----a-w c:\program files\instmsia.exe
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OSDOverLayIcon]
@="{8129812F-4AF8-4A47-85A5-D995B505880C}"
[HKEY_CLASSES_ROOT\CLSID\{8129812F-4AF8-4A47-85A5-D995B505880C}]
2009-04-16 14:32 53248 ----a-w c:\program files\mes données\OSDExtension.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2006-11-13 413696]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-04 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2006-11-01 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-19 411768]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-02-06 509496]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-01-17 534648]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-02-19 571024]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-03-02 577536]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-11-01 438272]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-02-02 835584]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-01-13 90191]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-01-13 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-01-13 7766016]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-11-28 81920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-11-28 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-11-28 106496]
"PLFSet"="c:\windows\PLFSet.dll" [2007-04-24 45056]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
"CardDetectorHUAWEI160"="c:\program files\CardDetector\HUAWEI160\CardDetector.exe" [2008-09-25 274432]
"BEWINTERNET-FR-DMGP-V2SessionManager"="c:\program files\Orange\IEWInternet\SessionManager\SessionManager.exe" [2008-09-25 131824]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"USB Storage Toolbox"="c:\program files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 65536]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"NDSTray.exe"="NDSTray.exe" [BU]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-01-18 4349952]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8B50BA2A-8C4C-4FE4-9CF8-01EE69C14190}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{4F2B5B6D-0ABC-4035-A669-4F72DE374CFD}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{9F2DDA66-953B-42F4-9C96-9AB7F4F31777}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= UDP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
"UDP Query User{F8026AC2-11B4-4BF2-A592-32EF8EC4C47F}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= TCP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
"TCP Query User{67FE2105-383F-4114-BADC-46817EBA0DAC}c:\\windows\\system32\\winreg.exe"= UDP:c:\windows\system32\winreg.exe:Winreg
"UDP Query User{D80521F8-DD82-4DF3-A511-CFDE012FD8A4}c:\\windows\\system32\\winreg.exe"= TCP:c:\windows\system32\winreg.exe:Winreg
"{B68DDBB7-5854-462B-B402-C5F3ACDBC88C}"= UDP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{9EFFB496-7C2F-4032-8710-BB85A8EF08EA}"= TCP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{82DC71F7-B5C2-45A1-B0E0-234DF3BA87CD}"= UDP:c:\program files\K-Lite Codec Pack\Filters\ac3config.exe:AC3Filter
"{EBDAD518-3227-42F9-A122-50C2768D80BF}"= TCP:c:\program files\K-Lite Codec Pack\Filters\ac3config.exe:AC3Filter
"{262DEBA5-5EC6-45C9-BCB0-361F421BBF50}"= Disabled:TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{A319C412-4E62-45FB-8E2A-336F43C75A7F}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= UDP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
"UDP Query User{27455208-5C43-4CD0-93E1-AD1F14055FD0}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= TCP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
"{914558EC-E758-4782-A150-46ED41DE140F}"= Disabled:TCP:55000:192.168.1.10:eMule
"TCP Query User{AD667AEE-B323-4F01-B0E7-48ACDABEC428}c:\\program files\\emule\\emule.exe"= Disabled:UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{0FF5DF6B-FEEB-41A4-9404-79DB26C2B876}c:\\program files\\emule\\emule.exe"= Disabled:TCP:c:\program files\emule\emule.exe:eMule
"{2C3F7019-7AEE-4308-A1DA-0B55F698A6DC}"= Disabled:UDP:c:\program files\uTorrent Acceleration Tool\uTorrent Acceleration Tool.exe:uTorrent Acceleration Tool
"{45E6ECE0-4271-45F1-B094-71F76F808742}"= Disabled:TCP:c:\program files\uTorrent Acceleration Tool\uTorrent Acceleration Tool.exe:uTorrent Acceleration Tool
"TCP Query User{F43452C4-0663-481C-B01F-FEFC907ED84A}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{9B68FA2C-070D-4D44-8B0E-70D05B54CECF}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
"{DA5F344F-D127-4A00-BE5B-C3A100B876DD}"= UDP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{0E6ACF05-6898-4EB1-8E68-0A5FA45FC6A0}"= TCP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{4B08FBF3-1E8A-4B45-A181-1DB8AB8C1493}"= UDP:c:\users\start\AppData\Local\Temp\7zSAA62.tmp\SymNRT.exe:Norton Removal Tool
"{E5F59BC3-6818-439B-ABA6-4975CA016D7C}"= TCP:c:\users\start\AppData\Local\Temp\7zSAA62.tmp\SymNRT.exe:Norton Removal Tool
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\Orange\\IEWInternet\\Connectivity\\ConnectivityManager.exe"= c:\program files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe:*:enabled:CSS
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [12/01/2009 20:28 114768]
R1 CbFs;CbFs;c:\windows\System32\drivers\cbfs32.sys [12/05/2009 23:10 137384]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [12/01/2009 20:28 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [12/01/2009 20:27 51792]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [15/05/2009 09:04 1153368]
S2 gupdate1c9bb79361eb80b;Service Google Update (gupdate1c9bb79361eb80b);c:\program files\Google\Update\GoogleUpdate.exe [12/04/2009 16:16 133104]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [29/12/2008 15:27 36512]
S3 HDJMidi;Hercules DJ Console MIDI;c:\windows\System32\drivers\HDJMidi.sys [23/02/2008 05:27 41984]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\System32\drivers\ewusbfake.sys [24/03/2009 21:44 100224]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [24/03/2009 21:50 28224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
Contenu du dossier 'Tâches planifiées'
2009-05-31 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-12 14:15]
2009-05-31 c:\windows\Tasks\User_Feed_Synchronization-{3037FDC8-E66C-4A01-909D-DA431392C1D2}.job
- c:\windows\system32\msfeedssync.exe [2009-03-28 11:31]
.
- - - - ORPHELINS SUPPRIMES - - - -
SafeBoot-procexp90.Sys
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://orange.fr/
mWindow Title =
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR
TCP: {F43DE135-7EC4-4234-ADF1-B307F837E77E} = 192.168.1.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\users\start\AppData\Roaming\Mozilla\Firefox\Profiles\oxesnv3c.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q=
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
---- PARAMETRES FIREFOX ----
FF - user.js: network.proxy.type - 0
FF - user.js: browser.shell.checkDefaultBrowser - false
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-31 07:42
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-3943368547-3807070264-3836599413-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D7E3E596-7CB6-9CBF-B075-059EB737B9AC}*]
"bbdgcbaepnokgoaokiffgafpccenoknkoojj"=hex:61,61,00,00
"abdgcbaepnokgoaokiafjghdeibmbocacn"=hex:61,61,00,00
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2009-05-31 7:44
ComboFix-quarantined-files.txt 2009-05-31 05:44
Avant-CF: 28 837 388 288 octets libres
Après-CF: 28 988 780 544 octets libres
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
388 --- E O F --- 2009-05-29 16:02