Aidez moi a enlevé mes virus et trojans svp

Guizo -  
plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,
Mon pc a été infécté par des trojan j'ai donc fait des analyses avec a-squared et spybot j'ai effacé tous les trojans et g nettoyé mon pc avec c-cleaner. Pourtant mon pc rame a fond dans windows et sur internet aussi. J'ai telecharger hijack this (trend micro) et smitfraudFix et je voudrais savoir si vous pouviez m'analyser les rapports??

Config:

Windows vista
Internet explorer 8
Mozilla firefox

MERCI BCP
Configuration: Windows Vista Internet Explorer 8.0

30 réponses

  • 1
  • 2
Résumé de la discussion

Un ordinateur infecté par des trojans rame sous Windows Vista, malgré des analyses avec a-squared et Spybot et des nettoyages répétés, ce qui motive l’examen des rapports HijackThis et SmitfraudFix. Des réponses évoquent des étapes de décontamination, dont ComboFix pour désinstaller des éléments indésirables et Malwarebytes qui a détecté et quarantainé des entrées de registre et des fichiers malveillants. D’autres rapports détaillent des barres d’outils et des éléments système supprimés, confirmant la présence de composants indésirables dans les navigateurs et les tâches planifiées, ainsi que des configurations modifiées. La dernière analyse peut révéler des processus et clés de démarrage ambigus, et en cas de persistance, une réinstallation propre du système pourrait être envisagée pour garantir l’élimination complète des infections.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Guizo
     
    Salut merci pour ton aide. Voila le rapport hijack this.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:02:23, on 29/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\msdtc.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\USB Disk Win98 Driver\Res.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynToshiba.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2HiJackFree.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Users\start\Desktop\HiJackThis\HijackThis.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O3 - Toolbar: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
    O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
    O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
    O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\RunServices: [] Winreg.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://*.mappy.com
    O15 - Trusted Zone: http://*.orange.fr
    O15 - Trusted Zone: http://rw.search.ke.voila.fr
    O15 - Trusted Zone: http://orange.weborama.fr
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    0
  2. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    Tu as une toolbar infectieuse + une autre infection

    Fait ceci :

    # Télécharge ToolbarSD (de Team IDN) sur ton Bureau

    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    # Lance l'installation du programme en exécutant le fichier téléchargé.

    #clique droit et execute en administrateur sous vista maintenant sur le raccourci de Toolbar-S&D.

    # Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.

    # Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.

    # Poste le rapport généré. (C:\TB.txt)
    0
  3. Guizo
     
    Salut voila le rapport toolbarSD

    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2080 @ 1.73GHz )
    BIOS : Ver 1.00PARTTBL0
    USER : start ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 2007 (Not Activated)
    Firewall : Norton Internet Security 2007 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:147 Go (Free:18 Go)
    D:\ (USB)
    E:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 29/05/2009|21:45 )

    [ UAC => 0 ]

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\Gossiper
    C:\Program Files\Gossiper\GossiperToolbarHelper.exe
    C:\Program Files\Gossiper\INSTALL.LOG
    C:\Program Files\Gossiper\tbGoss.dll
    C:\Program Files\Gossiper\toolbar.cfg
    C:\Program Files\Gossiper\UNWISE.EXE
    C:\ProgramData\Kiwee Toolbar
    C:\ProgramData\Kiwee Toolbar\config
    C:\ProgramData\Kiwee Toolbar\images
    C:\ProgramData\Kiwee Toolbar\config\content_a.xml
    C:\ProgramData\Kiwee Toolbar\config\content_ie.xml
    C:\ProgramData\Kiwee Toolbar\config\content_m.xml
    C:\ProgramData\Kiwee Toolbar\config\content_y.xml
    C:\ProgramData\Kiwee Toolbar\config\logger.xml
    C:\ProgramData\Kiwee Toolbar\config\toolbarIE.xml
    C:\ProgramData\Kiwee Toolbar\config\toolbarIM_a.xml
    C:\ProgramData\Kiwee Toolbar\config\toolbarIM_m.xml
    C:\ProgramData\Kiwee Toolbar\config\toolbarIM_y.xml
    C:\ProgramData\Kiwee Toolbar\images\allow.bmp
    C:\ProgramData\Kiwee Toolbar\images\block.bmp
    C:\ProgramData\Kiwee Toolbar\images\dontsend.bmp
    C:\ProgramData\Kiwee Toolbar\images\im_toolbardropdownmenu.bmp
    C:\ProgramData\Kiwee Toolbar\images\im_toolbarsHelprolloverbase.bmp
    C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase.bmp
    C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_bg.bmp
    C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_dp.bmp
    C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm2rolloverbase.bmp
    C:\ProgramData\Kiwee Toolbar\images\im_toolbarstextrollover.bmp
    C:\ProgramData\Kiwee Toolbar\images\send.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_eg.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_emoticons.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_eyeglass.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_gear.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_images.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_kiwee.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_msnlogo.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_news.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_text.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_videos.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_webshots.bmp
    C:\ProgramData\Kiwee Toolbar\images\toolbar_winks.bmp
    C:\ProgramData\Kiwee Toolbar\images\X.bmp
    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar
    C:\Program Files\Kiwee Toolbar
    C:\Program Files\Kiwee Toolbar\2.8.167
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox
    C:\Program Files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\install.rdf
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa
    C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Start Page"="https://www.orange.fr/portail"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Url"="https://www.msn.com/fr-fr/actualite/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Local Page"="C:\\windows\\system32\\blank.htm"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\01 - Lloyd - Girls All Around THe World - DJ Felon Remix.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\02 - Shwayze - Corona And Lime.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\03 - Too hort - Blow The Whistle.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\04 - Missy Elliott - Ching A Ling.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\05 - Michael Jackson ft Fergie - Billie Jean 2008 - Kanye West Remix.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\06 - Diddy - Through The Pain.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\07 - Kanye West - Stronger.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\08 - Nelly - Bay Bay Bay.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\09 - E-40 ft Akon - Wake It Up.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\10 - Timbaland ft. Nelly Furtado- Give It To Me.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\11 - ONeal McKnight ft. Jermaine Dupri - Check Your Coat - Jearmaine Remix.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\12 - Madonna ft. Justin Timberlake Timbo - 4 Minutes To Save The World.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\13 - Craig David - Hot Stuff.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\14 - Lil Mama ft T-Pain - Shawty Get Loose.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\15 - The Federation - I Wear My Stunna Glasses At Nite.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\16 - Timbaland - The Way I Are.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\17 - Ludacris - What A Fool Believes - Benny Black Doobie Brothers Remix.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\18 - Nelly Furtado - Say It Right.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\19 - Estelle ft Kanye West - American Boy.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\20 - Three 6 Mafia - Lollipop.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\Distributed by Mininova.txt
    C:\Users\start\Documents\T‚l‚chargement termin‚\Acronis Disk Director 10 FR build 2161 (Partition suite) # Keygen inclus - par Ju#.7z
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007.zip
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\A lire.doc
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\key.txt
    C:\Users\start\Documents\T‚l‚chargement termin‚\Office 2007 Professional Plus SP2 FR\OFF12PPSP1FR\_Extras\Classic Menu for Office 2007 v4.00\keygen.exe
    C:\Users\start\Music\Documents\NI - Traktor Pro 1.0.1\crack

    [ UAC => 1 ]

    1 - "C:\ToolBar SD\TB_1.txt" - 29/05/2009|21:48 - Option : [1]

    -----------\\ Fin du rapport a 21:48:11,29
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    attention au crack !!!

    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007.zip
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\A lire.doc
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\key.txt
    C:\Users\start\Documents\T‚l‚chargement termin‚\Office 2007 Professional Plus SP2 FR\OFF12PPSP1FR\_Extras\Classic Menu for Office 2007 v4.00\keygen.exe
    C:\Users\start\Music\Documents\NI - Traktor Pro 1.0.1\crack

    surtout qu'il existe a la place de microsoft office, open office qui est la meme chose mais gratuit

    * Relance Toolbar-S&D en liquant droit et execute en administrateur sur le raccourci.

    * Tape sur "2" puis valide en appuyant sur "Entrée".

    /!\ Ne ferme pas la fenêtre lors de la suppression /!\

    * Un rapport sera généré, poste son contenu ici.

    * NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
    Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
    Tape explorer puis valide.

    puis fait un scan en ligne ici et poste le rapport http://www.bitdefender.fr/scan_fr/scan8/ie.html

    puis

    * Télécharge Malwarebytes
    http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebytes anti malware

    * Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
    * Lance une analyse complète en cliquant sur "Exécuter un examen complet"
    * Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"
    * L'analyse peut durer un bon moment.....
    * Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"
    * Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"
    * Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum

    * Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée
    0
    1. Guizo
       
      Salut j'ai fait l'analyse bit defender voila le rapport:

      BitDefender Online Scanner - Rapport virus en temps réel



      Généré à: Sat, May 30, 2009 - 15:08:49


      --------------------------------------------------------------------------------





      Info d'analyse



      Fichiers scannés
      140812

      Infectés Fichiers
      0








      Virus Détectés



      Aucun virus trouvé.











      --------------------------------------------------------------------------------



      Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
      0
  6. Guizo
     
    Salut et encore merci pour ton aide. Voila le rapport toolbar sd apres suppression:

    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2080 @ 1.73GHz )
    BIOS : Ver 1.00PARTTBL0
    USER : start ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : Norton Internet Security 2007 (Not Activated)
    Firewall : Norton Internet Security 2007 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:147 Go (Free:12 Go)
    D:\ (USB)
    E:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 30/05/2009|13:32 )

    [ UAC => 1 ]

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\Gossiper\GossiperToolbarHelper.exe
    Supprime! - C:\Program Files\Gossiper\INSTALL.LOG
    Supprime! - C:\Program Files\Gossiper\tbGoss.dll
    Supprime! - C:\Program Files\Gossiper\toolbar.cfg
    Supprime! - C:\Program Files\Gossiper\UNWISE.EXE
    Supprime! - C:\ProgramData\Kiwee Toolbar\config
    Supprime! - C:\ProgramData\Kiwee Toolbar\images
    Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar
    Supprime! - C:\Program Files\Kiwee Toolbar\2.8.167
    Supprime! - C:\Program Files\Gossiper
    Supprime! - C:\ProgramData\Kiwee Toolbar
    Supprime! - C:\Program Files\Kiwee Toolbar

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\windows\\system32\\blank.htm"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Start Page"="https://www.orange.fr/portail"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Url"="https://www.msn.com/fr-fr/actualite/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.msn.com/fr-fr/"
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Local Page"="C:\\windows\\system32\\blank.htm"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\01 - Lloyd - Girls All Around THe World - DJ Felon Remix.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\02 - Shwayze - Corona And Lime.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\03 - Too hort - Blow The Whistle.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\04 - Missy Elliott - Ching A Ling.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\05 - Michael Jackson ft Fergie - Billie Jean 2008 - Kanye West Remix.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\06 - Diddy - Through The Pain.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\07 - Kanye West - Stronger.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\08 - Nelly - Bay Bay Bay.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\09 - E-40 ft Akon - Wake It Up.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\10 - Timbaland ft. Nelly Furtado- Give It To Me.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\11 - ONeal McKnight ft. Jermaine Dupri - Check Your Coat - Jearmaine Remix.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\12 - Madonna ft. Justin Timberlake Timbo - 4 Minutes To Save The World.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\13 - Craig David - Hot Stuff.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\14 - Lil Mama ft T-Pain - Shawty Get Loose.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\15 - The Federation - I Wear My Stunna Glasses At Nite.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\16 - Timbaland - The Way I Are.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\17 - Ludacris - What A Fool Believes - Benny Black Doobie Brothers Remix.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\18 - Nelly Furtado - Say It Right.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\19 - Estelle ft Kanye West - American Boy.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\20 - Three 6 Mafia - Lollipop.mp3
    C:\Users\start\Desktop\Musique\Hip-Hop USA\DJ JP - Get Your Party Crackin ft. Timbaland Lil Wayne Kanye West Akon Nelly Furtado\Distributed by Mininova.txt
    C:\Users\start\Documents\T‚l‚chargement termin‚\Acronis Disk Director 10 FR build 2161 (Partition suite) # Keygen inclus - par Ju#.7z
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007.zip
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\A lire.doc
    C:\Users\start\Documents\T‚l‚chargement termin‚\Keygen Microsoft office FR 2007\key.txt
    C:\Users\start\Documents\T‚l‚chargement termin‚\Office 2007 Professional Plus SP2 FR\OFF12PPSP1FR\_Extras\Classic Menu for Office 2007 v4.00\keygen.exe
    C:\Users\start\Music\Documents\NI - Traktor Pro 1.0.1\crack

    [ UAC => 1 ]

    1 - "C:\ToolBar SD\TB_1.txt" - 29/05/2009|21:48 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 30/05/2009|13:41 - Option : [2]

    -----------\\ Fin du rapport a 13:41:22,01
    0
  7. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    ok passe a malwarebyte et poste le rapport
    0
  8. Guizo
     
    Salut voila le rapport malwarebytes:

    Malwarebytes' Anti-Malware 1.37
    Version de la base de données: 2196
    Windows 6.0.6001 Service Pack 1

    30/05/2009 17:50:44
    mbam-log-2009-05-30 (17-50-44).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|)
    Eléments examinés: 249725
    Temps écoulé: 2 hour(s), 26 minute(s), 39 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Miracle (Rogue.FixTool) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\desktop sms (Worm.P2P) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Users\start\PerfectOptimizer.exe (Rogue.PerfectOptimizer) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\PerfectOptimzier_OneClick.job (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
    0
  9. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    ok fait attention avec les logiciels de securité ou d'optimisation qui ne sont pas connu fait des recherches avant de les telecharger.

    est ce toi qui as installé ce programme ? PerfectOptimizer,

    fait ceci :

    • Télécharge Random's System Information Tool (RSIT) de Random/Random, et enregistre le sur ton Bureau.
    http://images.malwareremoval.com/random/RSIT.exe

    • clique droit et execute en administrateur sur RSIT.exe pour lancer l'outil.
    • Clique sur "Continue" à l'écran Disclaimer.
    • Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande) et tu devras accepter la licence.
    • Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
    0
    1. Guizo
       
      J'ai essayé de separé le rapport j'espere que c'est bien ça:

      Logfile of random's system information tool 1.06 (written by random/random)
      Run by start at 2009-05-30 18:25:53
      Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
      System drive C: has 12 GB (8%) free of 151 GB
      Total RAM: 1013 MB (17% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:26:27, on 30/05/2009
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\Windows\System32\smss.exe
      C:\Windows\system32\csrss.exe
      C:\Windows\system32\wininit.exe
      C:\Windows\system32\csrss.exe
      C:\Windows\system32\services.exe
      C:\Windows\system32\lsass.exe
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\winlogon.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\system32\SLsvc.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\system32\svchost.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Program Files\a-squared Anti-Malware\a2service.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Google\Update\GoogleUpdate.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\System32\msdtc.exe
      C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\system32\svchost.exe
      C:\Windows\system32\TODDSrv.exe
      C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
      C:\Windows\system32\UI0Detect.exe
      C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
      C:\Windows\System32\svchost.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Windows\system32\WUDFHost.exe
      C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
      C:\Windows\System32\igfxpers.exe
      C:\Windows\System32\hkcmd.exe
      C:\Program Files\Synaptics\SynTP\SynToshiba.exe
      C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
      C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
      C:\Program Files\a-squared Anti-Malware\a2guard.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\USB Disk Win98 Driver\Res.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Windows\System32\rundll32.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\OrangeHSS\Launcher\Launcher.exe
      C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
      C:\Program Files\OrangeHSS\systray\systrayapp.exe
      C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
      C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
      C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
      C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
      C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
      C:\Users\start\Desktop\RSIT.exe
      c:\program files\windows defender\MpCmdRun.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Users\start\Desktop\RSIT.exe
      C:\Program Files\trend micro\start.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
      O1 - Hosts: ::1 localhost
      O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
      O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
      O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
      O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
      O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
      O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
      O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
      O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
      O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
      O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
      O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
      O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
      O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
      O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
      O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
      O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
      O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
      O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
      O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
      O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\RunServices: [] Winreg.exe
      O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
      O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
      O13 - Gopher Prefix:
      O15 - Trusted Zone: http://*.mappy.com
      O15 - Trusted Zone: http://*.orange.fr
      O15 - Trusted Zone: http://rw.search.ke.voila.fr
      O15 - Trusted Zone: http://orange.weborama.fr
      O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
      O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
      O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
      O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
      O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
      O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
      O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
      O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
      0
    2. Guizo
       
      J'te donne la 2ème partie:

      ======Scheduled tasks folder======

      C:\Windows\tasks\Ad-Aware Update (Weekly).job
      C:\Windows\tasks\GoogleUpdateTaskMachine.job
      C:\Windows\tasks\User_Feed_Synchronization-{3037FDC8-E66C-4A01-909D-DA431392C1D2}.job

      ======Registry dump======

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
      &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
      Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
      C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-10-23 96984]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
      Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
      Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{988B07F5-7392-455A-8A1F-64935CB8B6ED}]
      BHO Barre de Confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
      Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-04 259696]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
      Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-04 668656]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
      Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-04 470512]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
      Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-28 35840]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
      SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      {90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-10-23 565960]
      {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
      {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - Barre de confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280]
      {0a452a47-c5a8-4854-a237-4b9b06b376f0}

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
      "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
      "HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2006-11-01 413696]
      "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2006-12-20 411768]
      "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-02-06 509496]
      "NDSTray.exe"=NDSTray.exe []
      "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
      "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-01-17 534648]
      "Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
      "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-03-02 577536]
      "SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-11-01 438272]
      "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-02-02 835584]
      "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-28 148888]
      "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-18 4349952]
      "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-01-13 90191]
      "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-01-13 81920]
      "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-01-13 7766016]
      "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
      "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-05-15 516440]
      "Persistence"=C:\Windows\system32\igfxpers.exe [2006-11-28 81920]
      "IgfxTray"=C:\Windows\system32\igfxtray.exe [2006-11-28 98304]
      "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2006-11-28 106496]
      "Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll []
      "PLFSet"=C:\Windows\PLFSet.dll [2007-04-24 45056]
      "KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
      "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
      "CardDetectorHUAWEI160"=C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe [2008-09-25 274432]
      "BEWINTERNET-FR-DMGP-V2SessionManager"=C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe [2008-09-25 131824]
      "a-squared"=C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe [2009-05-30 2940560]
      "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
      "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
      "USB Storage Toolbox"=C:\Program Files\USB Disk Win98 Driver\Res.EXE [2005-09-14 65536]
      "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
      "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]

      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
      "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2006-11-13 413696]
      "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
      "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
      "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-04 39408]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-10-24 107112]

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
      HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
      C:\Windows\system32\igfxdev.dll [2006-11-28 212992]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
      "EnableLUA"=0
      "dontdisplaylastusername"=0
      "legalnoticecaption"=
      "legalnoticetext"=
      "shutdownwithoutlogon"=1
      "undockwithoutlogon"=1
      "FilterAdministratorToken"=1
      "EnableUIADesktopToggle"=0

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
      "C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
      "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1329d651-1873-11de-b9b8-001b38177ab6}]
      shell\AutoRun\command - F:\AutoRunCardDetector.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72740357-e889-11dd-adc9-001b38177ab6}]
      shell\AutoRun\command - F:\start.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dfb19c75-1a6a-11de-a37d-001b38177ab6}]
      shell\AutoRun\command - F:\AutoRunCardDetector.exe


      ======File associations======

      .js - edit - C:\Windows\System32\Notepad.exe %1
      .js - open - C:\Windows\System32\WScript.exe "%1" %*

      ======List of files/folders created in the last 2 months======

      2009-05-30 18:23:26 ----D---- C:\Program Files\trend micro
      2009-05-30 18:23:25 ----D---- C:\rsit
      2009-05-30 15:23:16 ----D---- C:\Users\start\AppData\Roaming\uTorrent
      2009-05-30 15:18:22 ----D---- C:\Users\start\AppData\Roaming\Malwarebytes
      2009-05-30 15:17:53 ----D---- C:\ProgramData\Malwarebytes
      2009-05-30 15:17:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
      2009-05-30 14:01:03 ----D---- C:\Windows\BDOSCAN8
      2009-05-29 21:45:44 ----A---- C:\TB.txt
      2009-05-29 21:44:38 ----D---- C:\ToolBar SD
      2009-05-29 17:35:20 ----D---- C:\Users\start\AppData\Roaming\dvdcss
      2009-05-29 17:34:33 ----D---- C:\Users\start\AppData\Roaming\vlc
      2009-05-29 17:29:32 ----D---- C:\Program Files\VideoLAN
      2009-05-28 15:13:46 ----D---- C:\Users\start\AppData\Roaming\Printer Info Cache
      2009-05-28 15:13:44 ----D---- C:\Users\start\AppData\Roaming\Image Zone Express
      2009-05-22 17:08:14 ----A---- C:\SmitfraudFix new 5.txt
      2009-05-19 14:12:20 ----D---- C:\ProgramData\WEBREG
      2009-05-19 14:11:41 ----D---- C:\Users\start\AppData\Roaming\HP
      2009-05-19 14:10:51 ----D---- C:\ProgramData\HPSSUPPLY
      2009-05-19 14:05:37 ----D---- C:\Program Files\Hewlett-Packard
      2009-05-19 14:05:37 ----D---- C:\Program Files\Common Files\Hewlett-Packard
      2009-05-19 14:05:00 ----D---- C:\Program Files\Common Files\HP
      2009-05-19 14:00:30 ----D---- C:\Program Files\HP
      2009-05-19 13:57:07 ----D---- C:\ProgramData\HP
      2009-05-19 13:56:57 ----A---- C:\Windows\system32\hpzids01.dll
      2009-05-19 13:56:56 ----A---- C:\Windows\system32\hpowiav1.dll
      2009-05-19 13:56:56 ----A---- C:\Windows\system32\hpovst01.dll
      2009-05-19 13:56:56 ----A---- C:\Windows\system32\hpotscl1.dll
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\WS2Fix.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\VCCLSID.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\VACFix.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\swxcacls.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\swsc.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\swreg.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\SrchSTS.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\Process.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\o4Patch.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\IEDFix.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\IEDFix.C.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\dumphive.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe
      2009-05-18 15:23:45 ----A---- C:\Windows\system32\404Fix.exe
      2009-05-18 14:39:35 ----A---- C:\XES37F8.tmp
      2009-05-18 14:39:23 ----A---- C:\XES786.tmp
      2009-05-18 14:28:27 ----A---- C:\Windows\system32\lsdelete.exe
      2009-05-18 06:07:21 ----A---- C:\rapport Smitfraudfix new 3.txt
      2009-05-18 06:04:44 ----A---- C:\rapport Smitfraudfix new 2.txt
      2009-05-18 05:59:48 ----A---- C:\rapport Smitfraudfix new.txt
      2009-05-18 02:44:59 ----A---- C:\rapport Smitfraudfix 4.txt
      2009-05-18 02:27:30 ----A---- C:\rapport Smitfraudfix 3 dernier.txt
      2009-05-17 23:21:20 ----A---- C:\rapport Smitfraudfix 2.txt
      2009-05-17 23:15:38 ----A---- C:\Users\start\AppData\Roaming\SetValue.bat
      2009-05-17 23:15:38 ----A---- C:\Users\start\AppData\Roaming\GetValue.vbs
      2009-05-17 23:08:31 ----A---- C:\rapport Smitfraudfix.txt
      2009-05-17 23:05:26 ----A---- C:\Windows\system32\tmp.txt
      2009-05-17 23:05:22 ----A---- C:\rapport.txt
      2009-05-17 22:36:15 ----A---- C:\index.ini
      2009-05-15 13:12:28 ----D---- C:\Program Files\a-squared Anti-Malware
      2009-05-15 09:18:20 ----HDC---- C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}
      2009-05-15 09:17:08 ----D---- C:\ProgramData\Lavasoft
      2009-05-15 09:17:08 ----D---- C:\Program Files\Lavasoft
      2009-05-15 09:04:43 ----D---- C:\ProgramData\Spybot - Search & Destroy
      2009-05-15 09:04:43 ----D---- C:\Program Files\Spybot - Search & Destroy
      2009-05-15 08:26:17 ----AD---- C:\ProgramData\TEMP
      2009-05-13 23:01:46 ----D---- C:\ProgramData\eMule
      2009-05-13 19:36:00 ----D---- C:\Program Files\Common Files\DESIGNER
      2009-05-13 19:35:31 ----D---- C:\Program Files\Microsoft.NET
      2009-05-13 19:32:47 ----D---- C:\Program Files\Microsoft Visual Studio 8
      2009-05-13 19:31:35 ----D---- C:\Program Files\Microsoft Office
      2009-05-13 19:26:49 ----RHD---- C:\MSOCache
      2009-05-12 23:09:50 ----D---- C:\Program Files\mes données
      2009-05-12 18:35:23 ----D---- C:\Program Files\Webcamfirst
      2009-05-12 17:36:01 ----D---- C:\Windows\SUYIN NB Cam
      2009-05-12 17:35:59 ----A---- C:\Windows\system32\vsnp2uvc.dll
      2009-05-12 17:35:59 ----A---- C:\Windows\system32\rsnp2uvc.dll
      2009-05-12 17:35:59 ----A---- C:\Windows\PLFSet.dll
      2009-05-12 17:35:58 ----D---- C:\Program Files\Common Files\snp2uvc
      2009-05-12 17:35:58 ----A---- C:\Windows\system32\csnp2uvc.dll
      2009-05-12 07:17:39 ----A---- C:\Windows\system32\Autodial2000.dll
      2009-05-12 07:17:24 ----D---- C:\Program Files\OrangeHSS
      2009-05-11 17:38:22 ----D---- C:\Users\start\AppData\Roaming\agi
      2009-05-11 17:37:40 ----D---- C:\Program Files\AGI
      2009-05-11 06:43:51 ----D---- C:\Program Files\psx emulation cheater
      2009-05-11 04:14:09 ----D---- C:\Windows\Recent
      2009-05-11 04:14:08 ----D---- C:\Windows\APPLOG
      2009-05-11 01:50:08 ----A---- C:\Windows\winstart.bat
      2009-05-11 01:50:08 ----A---- C:\Windows\tmpdelis.bat
      2009-05-11 01:50:08 ----A---- C:\Windows\tmpcpyis.bat
      2009-05-11 01:43:15 ----A---- C:\Windows\IsUninst.exe
      2009-05-07 03:30:23 ----D---- C:\Windows\Minidump
      2009-05-03 20:35:44 ----D---- C:\Users\start\AppData\Roaming\fltk.org
      2009-05-03 03:53:07 ----D---- C:\Windows\system32\Adobe
      2009-04-22 14:00:38 ----A---- C:\Windows\system32\GEARAspi.dll
      2009-04-22 13:59:56 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
      2009-04-17 03:01:18 ----D---- C:\Program Files\uTorrent Acceleration Tool
      2009-04-17 02:55:25 ----HD---- C:\Windows\PIF
      2009-04-15 02:36:31 ----A---- C:\Windows\system32\rpcss.dll
      2009-04-15 02:36:31 ----A---- C:\Windows\system32\ntkrnlpa.exe
      2009-04-15 02:36:30 ----A---- C:\Windows\system32\ntoskrnl.exe
      2009-04-15 02:36:27 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
      2009-04-15 02:36:26 ----A---- C:\Windows\system32\sdohlp.dll
      2009-04-15 02:36:26 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
      2009-04-15 02:36:26 ----A---- C:\Windows\system32\iasrecst.dll
      2009-04-15 02:36:26 ----A---- C:\Windows\system32\iasdatastore.dll
      2009-04-15 02:36:25 ----A---- C:\Windows\system32\iashost.exe
      2009-04-15 02:36:25 ----A---- C:\Windows\system32\iasads.dll
      2009-04-15 02:36:21 ----A---- C:\Windows\system32\winhttp.dll
      2009-04-15 02:36:18 ----A---- C:\Windows\system32\xolehlp.dll
      2009-04-15 02:36:18 ----A---- C:\Windows\system32\msdtcprx.dll
      2009-04-15 02:35:39 ----A---- C:\Windows\system32\lsasrv.dll
      2009-04-15 02:35:38 ----A---- C:\Windows\system32\kernel32.dll
      2009-04-15 02:35:37 ----A---- C:\Windows\system32\secur32.dll
      2009-04-15 02:35:36 ----A---- C:\Windows\system32\apilogen.dll
      2009-04-15 02:35:36 ----A---- C:\Windows\system32\amxread.dll
      2009-04-13 02:23:23 ----D---- C:\Program Files\Zone Labs
      2009-04-13 02:19:14 ----D---- C:\ProgramData\CheckPoint
      2009-04-13 02:19:12 ----A---- C:\Windows\system32\vsutil(30).dll
      2009-04-13 02:18:32 ----D---- C:\Windows\Internet Logs
      2009-04-13 01:01:51 ----D---- C:\Program Files\Common Files\Scanner
      2009-04-05 13:34:47 ----D---- C:\Users\start\AppData\Roaming\CamfrogWEB
      2009-04-05 12:42:20 ----SHD---- C:\Users\start\AppData\Roaming\.#
      2009-04-05 10:44:49 ----A---- C:\Windows\system32\Trace.txt
      2009-04-03 19:47:01 ----D---- C:\Program Files\Bonjour
      2009-04-02 18:40:43 ----D---- C:\Program Files\Ask Search Assistant
      2009-04-02 08:31:21 ----D---- C:\ProgramData\AVS4YOU
      2009-04-02 08:31:20 ----D---- C:\Users\start\AppData\Roaming\AVS4YOU
      2009-04-02 08:30:49 ----D---- C:\Program Files\Common Files\AVSMedia
      2009-04-02 08:30:49 ----A---- C:\Windows\system32\msxml3a.dll
      2009-04-02 05:11:49 ----D---- C:\Program Files\uTorrent SpeedUp Pro
      2009-04-02 01:50:54 ----D---- C:\Program Files\iPod
      2009-04-02 01:50:52 ----D---- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
      2009-04-02 01:50:52 ----D---- C:\Program Files\iTunes
      2009-04-02 01:45:34 ----D---- C:\Program Files\Safari
      2009-04-02 01:44:40 ----D---- C:\Program Files\Bonjour(9)
      2009-04-02 01:43:14 ----D---- C:\Program Files\QuickTime

      ======List of files/folders modified in the last 2 months======

      2009-05-30 18:26:14 ----D---- C:\Windows\Temp
      2009-05-30 18:23:48 ----D---- C:\Windows\Prefetch
      2009-05-30 18:23:26 ----D---- C:\Program Files
      2009-05-30 18:07:26 ----D---- C:\Windows\system32\drivers
      2009-05-30 18:04:40 ----SD---- C:\Users\start\AppData\Roaming\Microsoft
      2009-05-30 18:02:02 ----D---- C:\Windows\System32
      2009-05-30 17:50:44 ----D---- C:\Windows\Tasks
      2009-05-30 15:17:53 ----HD---- C:\ProgramData
      2009-05-30 14:01:06 ----SD---- C:\Windows\Downloaded Program Files
      2009-05-30 14:01:03 ----D---- C:\Windows
      2009-05-30 06:42:34 ----SHD---- C:\System Volume Information
      2009-05-29 23:37:18 ----D---- C:\Program Files\Mozilla Firefox
      2009-05-29 17:55:12 ----D---- C:\Windows\system32\wbem
      2009-05-29 17:54:28 ----D---- C:\Windows\system32\config
      2009-05-29 17:53:56 ----D---- C:\Windows\system32\spool
      2009-05-29 17:53:56 ----D---- C:\Windows\system32\catroot2
      2009-05-29 17:53:56 ----D---- C:\Windows\inf
      2009-05-29 17:53:54 ----D---- C:\Windows\registration
      2009-05-27 22:24:10 ----D---- C:\Windows\winsxs
      2009-05-27 22:24:10 ----D---- C:\Program Files\Internet Explorer
      2009-05-27 18:33:04 ----D---- C:\Windows\system32\catroot
      2009-05-26 20:02:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
      2009-05-26 02:06:40 ----D---- C:\Program Files\uTorrent
      2009-05-25 21:59:07 ----SHD---- C:\Windows\Installer
      2009-05-25 17:47:17 ----D---- C:\ProgramData\Microsoft Help
      2009-05-19 14:11:24 ----A---- C:\Windows\win.ini
      2009-05-19 14:05:45 ----D---- C:\Windows\twain_32
      2009-05-19 14:05:37 ----D---- C:\Program Files\Common Files
      2009-05-19 12:36:08 ----D---- C:\Windows\Downloaded Installations
      2009-05-19 11:43:34 ----D---- C:\Windows\ShellNew
      2009-05-18 15:19:48 ----HD---- C:\Program Files\InstallShield Installation Information
      2009-05-18 14:52:12 ----D---- C:\Program Files\OpenOffice.org 3
      2009-05-18 07:51:34 ----D---- C:\Windows\system32\Tasks
      2009-05-15 09:21:40 ----DC---- C:\Windows\system32\DRVSTORE
      2009-05-15 08:04:14 ----D---- C:\Users\start\AppData\Roaming\OnlineStorage
      2009-05-15 07:47:40 ----D---- C:\Program Files\WinRAR
      2009-05-13 22:41:16 ----D---- C:\Windows\Debug
      2009-05-13 20:33:41 ----RSD---- C:\Windows\Fonts
      2009-05-13 20:31:29 ----D---- C:\Program Files\Common Files\microsoft shared
      2009-05-13 20:30:59 ----D---- C:\Program Files\Common Files\System
      2009-05-13 19:55:00 ----RSD---- C:\Windows\assembly
      2009-05-13 19:36:32 ----D---- C:\Program Files\MSBuild
      2009-05-13 19:35:32 ----SD---- C:\ProgramData\Microsoft
      2009-05-13 03:01:40 ----D---- C:\Program Files\Windows Mail
      2009-05-12 17:41:06 ----D---- C:\Program Files\Camera Assistant Software for Toshiba
      2009-05-12 01:49:13 ----D---- C:\Windows\system32\Msdtc
      2009-05-12 01:47:47 ----D---- C:\Windows\system32\CodeIntegrity
      2009-05-12 01:47:37 ----D---- C:\Users\start\AppData\Roaming\Audacity
      2009-05-12 01:47:25 ----D---- C:\Program Files\Messenger Plus! Live
      2009-05-11 01:50:08 ----A---- C:\Windows\wininit.ini
      2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
      2009-05-04 17:15:18 ----D---- C:\Program Files\Google
      2009-05-03 17:52:20 ----D---- C:\Program Files\CA Yahoo! Anti-Spy
      2009-05-03 04:04:19 ----D---- C:\Users\start\AppData\Roaming\Mozilla
      2009-05-03 03:58:21 ----D---- C:\ProgramData\Google
      2009-05-03 00:54:55 ----D---- C:\Windows\ehome
      2009-04-24 22:50:29 ----A---- C:\Windows\avisplitter.INI
      2009-04-22 13:48:21 ----D---- C:\ProgramData\Adobe
      2009-04-22 13:48:08 ----D---- C:\Program Files\Common Files\Adobe
      2009-04-22 13:48:08 ----D---- C:\Program Files\Adobe
      2009-04-20 19:35:39 ----RD---- C:\Users
      2009-04-15 04:31:15 ----D---- C:\Windows\system32\manifeststore
      2009-04-15 04:31:15 ----D---- C:\Windows\AppPatch
      2009-04-13 10:16:02 ----SHD---- C:\$Recycle.Bin
      2009-04-12 16:18:08 ----D---- C:\Program Files\DivX
      2009-04-12 16:16:51 ----D---- C:\Program Files\Common Files\DivX Shared
      2009-04-12 10:44:18 ----D---- C:\Windows\system32\LogFiles
      2009-04-05 21:59:44 ----D---- C:\Windows\ModemLogs
      2009-04-04 22:11:18 ----A---- C:\Windows\yesmessenger.ini
      2009-04-02 07:02:58 ----D---- C:\Program Files\Windows Media Player
      2009-04-02 02:38:13 ----D---- C:\Users\start\AppData\Roaming\Apple Computer
      2009-04-02 01:50:53 ----D---- C:\Program Files\Common Files\Apple
      2009-04-01 20:38:37 ----D---- C:\Program Files\CDBurnerXP
      2009-04-01 20:36:37 ----D---- C:\Program Files\Synaptics
      2009-04-01 20:36:37 ----D---- C:\Program Files\CCleaner
      2009-04-01 20:28:54 ----D---- C:\Users\start\AppData\Roaming\uTorrent(111)

      ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

      R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
      R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
      R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
      R1 CbFs;CbFs; \??\C:\Windows\system32\drivers\cbfs32.sys [2009-01-21 137384]
      R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080415.002\IDSvix86.sys [2008-02-13 261680]
      R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-02-26 5632]
      R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-10-03 187952]
      R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
      R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
      R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
      R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
      R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
      R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
      R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
      R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-18 1729632]
      R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2008-06-27 27072]
      R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
      R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
      R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-02-07 1729152]
      R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-01-12 124464]
      R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-02-02 182328]
      R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
      R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
      R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
      S3 ASAPIW2K;ASAPIW2K; C:\Windows\System32\Drivers\ASAPIW2K.sys [2003-11-28 11264]
      S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys []
      S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
      S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
      S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
      S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
      S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2008-08-14 36512]
      S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
      S3 HDJAsioK;HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys []
      S3 HDJMidi;Hercules DJ Console MIDI; C:\Windows\system32\DRIVERS\HDJMidi.sys [2007-02-08 41984]
      S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-05-27 101504]
      S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2008-08-20 100224]
      S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
      S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
      S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
      S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
      S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
      S3 NETw3v32;Pilote de carte Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
      S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-13 4452288]
      S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2008-06-27 28224]
      S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
      S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
      S3 ssm_mdm;SAMSUNG Mobile USB Port II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
      S3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-10-03 12848]
      S3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-10-03 146096]
      S3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2008-10-03 39984]
      S3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-10-03 37936]
      S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-10-03 27696]
      S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
      S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
      S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
      S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
      S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
      S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
      S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
      S3 UVCFTR;UVCFTR; C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
      S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
      S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
      S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
      S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

      ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

      R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2009-05-30 717320]
      R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
      R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
      R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
      R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
      R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
      R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-09-25 69632]
      R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
      R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-05-15 953168]
      R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
      R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
      R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
      R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
      R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-20 428152]
      R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
      R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
      R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
      R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
      R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
      R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
      S2 gupdate1c9bb79361eb80b;Service Google Update (gupdate1c9bb79361eb80b); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-12 133104]
      S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-04 182768]
      S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
      S3 ISPwdSvc;Validation de mot de passe Symantec IS; C:\Program Files\Norton Internet Security\isPwdSvc.exe []
      S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
      S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
      S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
      S4 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
      S4 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
      S4 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
      S4 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-10-13 49296]
      S4 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
      S4 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll []
      S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-03-12 1251720]
      S4 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]

      -----------------EOF-----------------
      0
  10. Guizo
     
    Salut oui c'est moi qui est installé perfect optimiser. J'ai fait l'analyse RSIT voila le rapport par contre j'en ai eu qu'un et pas deux:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by start at 2009-05-30 18:25:53
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 12 GB (8%) free of 151 GB
    Total RAM: 1013 MB (17% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:26:27, on 30/05/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\msdtc.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Windows\system32\UI0Detect.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Synaptics\SynTP\SynToshiba.exe
    C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
    C:\Program Files\a-squared Anti-Malware\a2guard.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\USB Disk Win98 Driver\Res.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
    C:\Users\start\Desktop\RSIT.exe
    c:\program files\windows defender\MpCmdRun.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\start\Desktop\RSIT.exe
    C:\Program Files\trend micro\start.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
    O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
    O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
    O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
    O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\RunServices: [] Winreg.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://*.mappy.com
    O15 - Trusted Zone: http://*.orange.fr
    O15 - Trusted Zone: http://rw.search.ke.voila.fr
    O15 - Trusted Zone: http://orange.weborama.fr
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    0
  11. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    juste au passage avant la suite Perfetc optimiser est un rogue, c'est un faux logiciel qui est en réalité un virus donc ne t'etonne pas de + le retrouver normalement il a ete supprimé :) , si tu trouve encore des traces de ce logiciel supprime les.

    bon il te reste des cochonnerie :

    Fait un scan en ligne ici et poste le rapport en entier : http://www.bitdefender.fr/scan_fr/scan8/ie.html

    au passage il te reste des traces de NOrton desinstalle le completement avec sa :

    http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924

    ensuite tu as beaucoup d'antispyware pour pas grand chose et en plus il ont tous des des resident ACTIVé ton PC doit ramer a fond !!!

    desactive le TEA timer de spybot (d'ailleur j'aurai te le dire avant) et si tu le remet a la fin de la desinfection accepte TOUTES les modif de registre.

    arrete aussi le resident de a-squared Anti-Malware. tu doit garder 1 guard en temps réel pour ton antivirus et une pour ton antispyware la tu as 4 guard en temps réel qui te fond ramé le PC, qui doivent entré en conflit etc...en plus tu es moins protege.

    Un conseil desinstalle a-squared Anti-Malware completement et arrete le tea timer de spybot en allant dans les options de spybot et decoche utilisé le resident
    0
  12. Guizo
     
    Salut j'ai viré a-squared et ad-aware et g arrété le resident de spybot. Par contre c'es quoi le tea-timer de spybot? J'ai pas trouvé. Sinon j'arrive pas a desinstallé norton meme en suivant ton lien et en plus je n'ai pas le cd de norton. Et une derniere chose je voulais savoir si spybot est un spyware ou un antivirus? La je vais faire l'analyse bit defender et je te poste le rapport. Merci
    0
  13. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    en fait le tea timer de spybot c'est le resident donc apparamment tu m'as desactivé .

    sa doit deja moins ramer, tu feras ceci pour eliminer les traces de desinstallation c'est un nettoyeur :

    telecharge et installe CCleaner DECOCHE L'installation de la yahoo toolbar puis va dans /option/avancé et decoche la premiere case puis va dans onglet registre et fichier temporaire et lance plusieurs nettoyage jusqu'a trouver 0erreur et ne fait pas de sauvegarde des elements.

    en attente du scan en ligne
    0
  14. Guizo
     
    J'ai reussi a viré norton. Voila le rapport bitdefender:

    BitDefender Online Scanner - Rapport virus en temps réel

    Généré à: Sat, May 30, 2009 - 22:55:28

    --------------------------------------------------------------------------------

    Info d'analyse

    Fichiers scannés
    140211

    Infectés Fichiers
    0

    Virus Détectés

    Aucun virus trouvé.

    --------------------------------------------------------------------------------

    Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
    0
  15. g!rly Messages postés 18462 Statut Contributeur 407
     
    _______*#####*
    ____*##########*
    __*##############
    __################
    _##################_________**####*
    __##################_____*##########
    __##################___*#############
    ___#################*_###############*
    ____#################################*
    ______###############################
    _______#############################* __________
    ________*##########################__________
    __________########################
    ___________*####################*
    ____________*##################
    _____________*###############
    _______________#############
    ________________##########
    ________________*#######*
    _________________######
    __________________####
    __________________###
    ___________________#
    0
  16. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    salut g!rly tu vas bien ? :)

    guizo :

    telecharge sur ton BUREAU combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    DESACTIVE ton antivirus et TOUtes tes defence et deconnecte toi d'internet

    lance le suit les indication et ne touche a rien durant le scan meme pas a la souris sous risque de faire bug le PC et poste le rapport a la fin
    0
    1. Guizo
       
      Salut, j'ai passer RSIT:


      Logfile of random's system information tool 1.06 (written by random/random)
      Run by start at 2009-05-31 23:01:59
      Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
      System drive C: has 19 GB (13%) free of 151 GB
      Total RAM: 1013 MB (15% free)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 23:02:24, on 31/05/2009
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\Synaptics\SynTP\SynToshiba.exe
      C:\Windows\RtHDVCpl.exe
      C:\Windows\System32\igfxpers.exe
      C:\Windows\System32\hkcmd.exe
      C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
      C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\USB Disk Win98 Driver\Res.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Windows\system32\conime.exe
      C:\Windows\Explorer.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\uTorrent\uTorrent.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Users\start\Desktop\RSIT.exe
      C:\Users\start\Desktop\start.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
      O1 - Hosts: ::1 localhost
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
      O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
      O3 - Toolbar: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
      O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
      O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
      O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
      O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
      O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
      O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
      O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
      O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
      O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
      O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
      O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
      O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
      O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
      O4 - HKLM\..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe
      O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
      O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
      O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
      O13 - Gopher Prefix:
      O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/...
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{F43DE135-7EC4-4234-ADF1-B307F837E77E}: NameServer = 192.168.1.1
      O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
      O23 - Service: Service Google Update (gupdate1c9bb79361eb80b) (gupdate1c9bb79361eb80b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
      O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
      O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
      O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
      0
  17. g!rly Messages postés 18462 Statut Contributeur 407
     
    love ya`

                                 |
                             .   |
                                 |
                   \    *        |     *    .  /
                     \        *  |  .        /
                  .    \     ___---___     /    .  
                         \.--         --./     
              ~-_    *  ./               \.   *   _-~
                 ~-_   /    ^         ^    \   _-~     *
            *       ~-/    ___       ___    \-~        
              .      |    (_O_)     (_O_)    |      .
                  * |                         | *     
         -----------|                         |-----------
           .        |    <               >    |        .    
                 *   |    \             /    | *
                    _-\    `.         .'    /-_    *
              .  _-~ . \     `-.___.-'     /   ~-_     
              _-~       `\               /'*      ~-_  
             ~           /`--___   ___--'\           ~
                    *  /        ---     .  \   
                     /     *     |           \   
                   /             |   *         \ 
                              .  |        .
                                 |
    0
  18. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    et ben dit ya une page entiere rempli g!rly :) tu es en forme ce matin

    en plus j'ai vu que tu fait un combat avec chiquitine de celui qui aura le meilleur poste en dessin, chiquitine en a vraiment des pas mal ;)
    0
  19. g!rly Messages postés 18462 Statut Contributeur 407
     
    set vs horus .)
    0
  20. Guizo
     
    Salut et encore merci de continuer de m'aider. J'ai encore beaucoup de saloperies ou pas? J'ai passé comboFix voila le rapport:

    ComboFix 09-05-30.03 - start 31/05/2009 7:38.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.1013.408 [GMT 2:00]
    Lancé depuis: c:\users\start\Desktop\ComboFix.exe
    SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\start\AppData\Roaming\.#
    c:\windows\system32\404Fix.exe
    c:\windows\system32\Agent.OMZ.Fix.exe
    c:\windows\system32\dumphive.exe
    c:\windows\system32\IEDFix.C.exe
    c:\windows\system32\IEDFix.exe
    c:\windows\system32\Ijl11.dll
    c:\windows\system32\o4Patch.exe
    c:\windows\system32\Process.exe
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\tmp.reg
    c:\windows\system32\VACFix.exe
    c:\windows\system32\VCCLSID.exe
    c:\windows\system32\WS2Fix.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-28 au 2009-05-31 ))))))))))))))))))))))))))))))))))))
    .

    2009-05-30 18:11 . 2009-05-30 18:11 -------- d-----w c:\programdata\NortonInstaller
    2009-05-30 16:23 . 2009-05-30 16:26 -------- d-----w c:\program files\trend micro
    2009-05-30 16:23 . 2009-05-30 16:24 -------- d-----w C:\rsit
    2009-05-30 13:23 . 2009-05-31 05:33 -------- d-----w c:\users\start\AppData\Roaming\uTorrent
    2009-05-30 13:18 . 2009-05-30 13:18 -------- d-----w c:\users\start\AppData\Roaming\Malwarebytes
    2009-05-30 13:17 . 2009-05-26 11:20 40160 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-30 13:17 . 2009-05-30 13:18 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-05-30 13:17 . 2009-05-30 13:17 -------- d-----w c:\programdata\Malwarebytes
    2009-05-30 13:17 . 2009-05-26 11:19 19096 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-05-30 12:01 . 2009-05-30 19:54 -------- d-----w c:\windows\BDOSCAN8
    2009-05-29 19:44 . 2009-05-30 11:41 -------- d-----w C:\ToolBar SD
    2009-05-29 15:35 . 2009-05-29 15:36 -------- d-----w c:\users\start\AppData\Roaming\dvdcss
    2009-05-29 15:34 . 2009-05-29 15:39 -------- d-----w c:\users\start\AppData\Roaming\vlc
    2009-05-29 15:29 . 2009-05-29 15:29 -------- d-----w c:\program files\VideoLAN
    2009-05-28 13:13 . 2009-05-28 13:13 -------- d-----w c:\users\start\AppData\Roaming\Printer Info Cache
    2009-05-28 13:13 . 2009-05-28 13:13 -------- d-----w c:\users\start\AppData\Roaming\Image Zone Express
    2009-05-26 16:58 . 2009-05-26 16:58 552 ----a-w c:\users\start\AppData\Local\d3d8caps.dat
    2009-05-20 02:34 . 2009-05-20 02:34 -------- d-----w c:\users\start\Jeux de Nes
    2009-05-19 12:12 . 2009-05-19 12:12 -------- d-----w c:\programdata\WEBREG
    2009-05-19 12:11 . 2009-05-25 15:19 -------- d-----w c:\users\start\AppData\Roaming\HP
    2009-05-19 12:10 . 2009-05-19 12:10 -------- d-----w c:\programdata\HPSSUPPLY
    2009-05-19 12:05 . 2009-05-19 12:05 -------- d-----w c:\program files\Hewlett-Packard
    2009-05-19 12:05 . 2009-05-19 12:05 -------- d-----w c:\program files\Common Files\Hewlett-Packard
    2009-05-19 12:05 . 2009-05-19 12:10 -------- d-----w c:\program files\Common Files\HP
    2009-05-19 12:00 . 2009-05-19 12:10 -------- d-----w c:\program files\HP
    2009-05-19 11:57 . 2009-05-19 12:13 164400 ----a-w c:\windows\hpoins19.dat
    2009-05-19 11:57 . 2009-05-19 12:42 -------- d-----w c:\programdata\HP
    2009-05-19 11:56 . 2006-11-20 21:36 258048 ----a-w c:\windows\system32\hpzids01.dll
    2009-05-19 11:56 . 2006-12-16 06:19 675840 ----a-w c:\windows\system32\hpowiav1.dll
    2009-05-19 11:56 . 2006-12-16 06:19 303104 ----a-w c:\windows\system32\hpovst01.dll
    2009-05-19 11:56 . 2006-12-16 06:19 573440 ----a-w c:\windows\system32\hpotscl1.dll
    2009-05-19 11:56 . 2007-03-13 19:55 26952 ----a-w c:\windows\hpomdl19.dat
    2009-05-17 21:15 . 2009-05-22 15:05 35 ----a-w c:\users\start\AppData\Roaming\SetValue.bat
    2009-05-15 11:12 . 2009-05-30 18:01 -------- d-----w c:\program files\a-squared Anti-Malware
    2009-05-15 07:17 . 2009-05-30 17:45 -------- d-----w c:\programdata\Lavasoft
    2009-05-15 07:17 . 2009-05-30 17:45 -------- d-----w c:\program files\Lavasoft
    2009-05-15 07:04 . 2009-05-30 17:33 -------- d-----w c:\programdata\Spybot - Search & Destroy
    2009-05-15 07:04 . 2009-05-15 14:43 -------- d-----w c:\program files\Spybot - Search & Destroy
    2009-05-13 21:01 . 2009-05-13 21:01 -------- d-----w c:\programdata\eMule
    2009-05-13 21:01 . 2009-05-13 21:42 -------- d-----w c:\users\start\AppData\Local\eMule
    2009-05-13 17:35 . 2009-05-13 17:35 -------- d-----w c:\program files\Microsoft.NET
    2009-05-13 17:32 . 2009-05-13 17:32 -------- d-----w c:\program files\Microsoft Visual Studio 8
    2009-05-13 17:26 . 2009-05-13 17:26 -------- d--h--r C:\MSOCache
    2009-05-12 21:10 . 2009-01-21 13:25 137384 ----a-w c:\windows\system32\drivers\cbfs32.sys
    2009-05-12 21:09 . 2009-05-12 21:10 -------- d-----w c:\program files\mes données
    2009-05-12 16:35 . 2009-05-30 17:49 -------- d-----w c:\program files\Webcamfirst
    2009-05-12 15:36 . 2009-05-12 15:36 -------- d-----w c:\windows\SUYIN NB Cam
    2009-05-12 15:35 . 2007-04-24 09:49 45056 ----a-w c:\windows\PLFSet.dll
    2009-05-12 15:35 . 2007-04-02 16:40 172032 ----a-w c:\windows\system32\rsnp2uvc.dll
    2009-05-12 15:35 . 2007-02-07 16:35 1729152 ----a-w c:\windows\system32\drivers\snp2uvc.sys
    2009-05-12 15:35 . 2006-12-28 09:21 27904 ----a-w c:\windows\system32\drivers\sncduvc.sys
    2009-05-12 15:35 . 2006-11-07 13:17 286720 ----a-w c:\windows\system32\vsnp2uvc.dll
    2009-05-12 15:35 . 2009-05-12 15:35 -------- d-----w c:\program files\Common Files\snp2uvc
    2009-05-12 15:35 . 2005-11-23 11:55 53248 ----a-w c:\windows\system32\csnp2uvc.dll
    2009-05-12 05:17 . 2007-12-11 18:22 65536 ----a-w c:\windows\system32\Autodial2000.dll
    2009-05-12 05:17 . 2009-05-12 05:31 -------- d-----w c:\program files\OrangeHSS
    2009-05-11 15:38 . 2009-05-11 15:39 -------- d-----w c:\users\start\AppData\Roaming\agi
    2009-05-11 15:37 . 2009-05-11 15:37 -------- d-----w c:\program files\AGI
    2009-05-11 04:43 . 2009-05-11 04:43 -------- d-----w c:\program files\psx emulation cheater
    2009-05-11 02:14 . 2009-05-11 23:47 -------- d-----w c:\windows\Recent
    2009-05-11 02:14 . 2009-05-11 23:47 -------- d-----w c:\windows\APPLOG
    2009-05-10 23:50 . 2009-05-10 23:50 26 ----a-w c:\windows\winstart.bat
    2009-05-10 23:50 . 2009-05-10 23:50 141 ----a-w c:\windows\tmpcpyis.bat
    2009-05-10 23:50 . 2009-05-10 23:50 122 ----a-w c:\windows\tmpdelis.bat
    2009-05-10 23:43 . 1998-07-30 10:51 305152 ----a-w c:\windows\IsUninst.exe
    2009-05-05 13:19 . 2009-05-15 06:09 90 ----a-w c:\users\start\AppData\Local\kcyss.bat
    2009-05-03 18:35 . 2009-05-03 18:35 -------- d-----w c:\users\start\AppData\Roaming\fltk.org
    2009-05-03 01:53 . 2009-05-03 01:53 -------- d-----w c:\windows\system32\Adobe
    2009-05-03 01:51 . 2009-05-24 11:18 153024 ---ha-w c:\windows\system32\mlfcache.dat
    2009-05-03 01:33 . 2009-05-03 17:12 -------- d-----w c:\users\start\Jeux console

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-30 19:50 . 2008-01-24 19:28 -------- d-----w c:\program files\Yahoo!
    2009-05-30 18:14 . 2007-03-08 10:40 -------- d-----w c:\program files\Common Files\Symantec Shared
    2009-05-26 18:02 . 2006-11-02 15:48 672322 ----a-w c:\windows\system32\perfh00C.dat
    2009-05-26 18:02 . 2006-11-02 15:48 124434 ----a-w c:\windows\system32\perfc00C.dat
    2009-05-26 00:06 . 2008-02-19 14:18 -------- d-----w c:\program files\uTorrent
    2009-05-25 15:58 . 2009-03-28 06:47 1 ----a-w c:\users\start\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2009-05-25 15:47 . 2008-02-07 15:53 -------- d-----w c:\programdata\Microsoft Help
    2009-05-22 15:05 . 2009-05-17 21:15 691 ----a-w c:\users\start\AppData\Roaming\GetValue.vbs
    2009-05-18 13:19 . 2007-03-08 09:52 -------- d--h--w c:\program files\InstallShield Installation Information
    2009-05-18 12:53 . 2009-04-01 23:50 -------- d-----w c:\program files\iPod
    2009-05-18 12:52 . 2009-03-28 05:58 -------- d-----w c:\program files\OpenOffice.org 3
    2009-05-18 12:41 . 2009-04-02 03:11 -------- d-----w c:\program files\uTorrent SpeedUp Pro
    2009-05-18 12:39 . 2009-05-18 12:39 0 ----a-w C:\XES37F8.tmp
    2009-05-18 12:39 . 2009-05-18 12:39 0 ----a-w C:\XES786.tmp
    2009-05-15 06:04 . 2009-04-17 01:01 -------- d-----w c:\program files\uTorrent Acceleration Tool
    2009-05-15 06:04 . 2009-03-27 01:28 -------- d-----w c:\users\start\AppData\Roaming\OnlineStorage
    2009-05-13 22:08 . 2009-03-02 15:45 116120 ----a-w c:\windows\system32\GDIPFONTCACHEV1.DAT
    2009-05-13 17:36 . 2006-11-02 12:37 -------- d-----w c:\program files\MSBuild
    2009-05-13 01:01 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
    2009-05-12 21:10 . 2009-05-12 21:09 -------- d-----w c:\program files\mes données
    2009-05-12 15:41 . 2008-01-22 17:01 -------- d-----w c:\program files\Camera Assistant Software for Toshiba
    2009-05-11 23:47 . 2009-03-24 13:19 -------- d-----w c:\users\start\AppData\Roaming\Audacity
    2009-05-11 23:47 . 2009-02-04 01:20 -------- d-----w c:\program files\Messenger Plus! Live
    2009-05-05 12:37 . 2009-03-28 02:54 88 ----a-w c:\users\start\AppData\Local\muqog.bat
    2009-05-04 15:15 . 2009-03-30 19:49 -------- d-----w c:\program files\Google
    2009-05-03 15:52 . 2009-03-30 17:54 -------- d-----w c:\program files\CA Yahoo! Anti-Spy
    2009-04-28 09:19 . 2009-04-28 09:19 -------- d-----w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Roaming\OnlineStorage
    2009-04-22 12:00 . 2009-04-22 11:59 -------- d-----w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-04-22 12:00 . 2009-04-01 23:50 -------- d-----w c:\program files\iTunes
    2009-04-22 11:55 . 2009-04-22 11:55 75048 ----a-w c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
    2009-04-22 11:48 . 2008-06-18 21:45 -------- d-----w c:\program files\Common Files\Adobe
    2009-04-13 08:24 . 2009-04-13 08:24 -------- d-----w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Roaming\Yahoo!
    2009-04-13 08:23 . 2009-04-13 08:21 -------- d-----w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Roaming\uTorrent
    2009-04-13 08:18 . 2009-04-13 08:18 -------- d-----w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Roaming\DivX
    2009-04-13 08:17 . 2009-04-13 08:17 114568 ----a-w c:\users\Wizgo.PC-DE-GUILLAUME\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-04-13 00:23 . 2009-04-13 00:23 -------- d-----w c:\program files\Zone Labs
    2009-04-13 00:19 . 2009-04-13 00:19 -------- d-----w c:\programdata\CheckPoint
    2009-04-12 23:01 . 2009-04-12 23:01 -------- d-----w c:\program files\Common Files\Scanner
    2009-04-12 14:18 . 2008-01-24 19:28 -------- d-----w c:\program files\DivX
    2009-04-12 14:16 . 2009-03-26 16:26 -------- d-----w c:\program files\Common Files\DivX Shared
    2009-04-05 20:17 . 2009-04-01 23:43 -------- d-----w c:\program files\QuickTime
    2009-04-05 11:39 . 2009-04-05 11:34 -------- d-----w c:\users\start\AppData\Roaming\CamfrogWEB
    2009-04-03 19:06 . 2009-04-02 06:30 -------- d-----w c:\program files\Common Files\AVSMedia
    2009-04-03 17:49 . 2009-04-01 23:45 -------- d-----w c:\program files\Safari
    2009-04-03 17:47 . 2009-04-03 17:47 -------- d-----w c:\program files\Bonjour
    2009-04-02 06:31 . 2009-04-02 06:31 -------- d-----w c:\programdata\AVS4YOU
    2009-04-02 06:31 . 2009-04-02 06:31 -------- d-----w c:\users\start\AppData\Roaming\AVS4YOU
    2009-04-02 05:13 . 2009-04-01 23:44 -------- d-----w c:\program files\Bonjour(9)
    2009-04-02 04:47 . 2008-01-22 16:49 8224 ----a-w c:\users\start\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-04-02 00:38 . 2008-03-21 21:54 -------- d-----w c:\users\start\AppData\Roaming\Apple Computer
    2009-04-01 23:51 . 2009-04-01 23:50 -------- d-----w c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    2009-04-01 23:50 . 2008-03-21 21:47 -------- d-----w c:\program files\Common Files\Apple
    2009-04-01 18:38 . 2009-03-30 19:34 -------- d-----w c:\program files\CDBurnerXP
    2009-04-01 18:36 . 2009-02-26 01:13 -------- d-----w c:\program files\CCleaner
    2009-04-01 18:36 . 2008-01-22 16:40 -------- d-----w c:\program files\Synaptics
    2009-04-01 18:28 . 2009-03-30 19:09 -------- d-----w c:\users\start\AppData\Roaming\uTorrent(111)
    2009-04-01 18:10 . 2009-03-31 13:33 -------- d-----w c:\users\Wizgo\AppData\Roaming\uTorrent
    2009-03-31 13:17 . 2009-03-31 13:17 114568 ----a-w c:\users\Wizgo\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-03-28 08:07 . 2009-03-28 08:07 410984 ----a-w c:\windows\system32\deploytk.dll
    2009-03-19 14:32 . 2009-04-22 12:00 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
    2009-03-17 03:38 . 2009-04-15 00:35 13824 ----a-w c:\windows\system32\apilogen.dll
    2009-03-17 03:38 . 2009-04-15 00:35 24064 ----a-w c:\windows\system32\amxread.dll
    2009-03-08 11:34 . 2009-03-28 07:38 914944 ----a-w c:\windows\system32\wininet.dll
    2009-03-08 11:34 . 2009-03-28 07:38 43008 ----a-w c:\windows\system32\licmgr10.dll
    2009-03-08 11:33 . 2009-03-28 07:38 18944 ----a-w c:\windows\system32\corpol.dll
    2009-03-08 11:33 . 2009-03-28 07:38 109056 ----a-w c:\windows\system32\iesysprep.dll
    2009-03-08 11:33 . 2009-03-28 07:38 109568 ----a-w c:\windows\system32\PDMSetup.exe
    2009-03-08 11:33 . 2009-03-28 07:38 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
    2009-03-08 11:33 . 2009-03-28 07:38 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
    2009-03-08 11:33 . 2009-03-28 07:38 103936 ----a-w c:\windows\system32\SetDepNx.exe
    2009-03-08 11:33 . 2009-03-28 07:38 132608 ----a-w c:\windows\system32\ieUnatt.exe
    2009-03-08 11:33 . 2009-03-28 07:38 420352 ----a-w c:\windows\system32\vbscript.dll
    2009-03-08 11:32 . 2009-03-28 07:38 72704 ----a-w c:\windows\system32\admparse.dll
    2009-03-08 11:32 . 2009-03-28 07:38 71680 ----a-w c:\windows\system32\iesetup.dll
    2009-03-08 11:32 . 2009-03-28 07:38 66560 ----a-w c:\windows\system32\wextract.exe
    2009-03-08 11:32 . 2009-03-28 07:38 169472 ----a-w c:\windows\system32\iexpress.exe
    2009-03-08 11:31 . 2009-03-28 07:38 34816 ----a-w c:\windows\system32\imgutil.dll
    2009-03-08 11:31 . 2009-03-28 07:38 48128 ----a-w c:\windows\system32\mshtmler.dll
    2009-03-08 11:31 . 2009-03-28 07:38 45568 ----a-w c:\windows\system32\mshta.exe
    2009-03-08 11:22 . 2009-03-28 07:38 156160 ----a-w c:\windows\system32\msls31.dll
    2009-03-03 04:46 . 2009-04-15 00:36 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
    2009-03-03 04:46 . 2009-04-15 00:36 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
    2009-03-03 04:39 . 2009-04-15 00:36 183296 ----a-w c:\windows\system32\sdohlp.dll
    2009-03-03 04:39 . 2009-04-15 00:36 551424 ----a-w c:\windows\system32\rpcss.dll
    2009-03-03 04:39 . 2009-04-15 00:36 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
    2009-03-03 04:37 . 2009-04-15 00:36 98304 ----a-w c:\windows\system32\iasrecst.dll
    2009-03-03 04:37 . 2009-04-15 00:36 44032 ----a-w c:\windows\system32\iasdatastore.dll
    2009-03-03 04:37 . 2009-04-15 00:36 54784 ----a-w c:\windows\system32\iasads.dll
    2009-03-03 03:04 . 2009-04-15 00:36 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
    2009-03-03 02:38 . 2009-04-15 00:36 17408 ----a-w c:\windows\system32\iashost.exe
    2002-03-11 09:06 . 2002-03-11 09:06 1822520 ----a-w c:\program files\instmsiw.exe
    2002-03-11 08:45 . 2002-03-11 08:45 1708856 ----a-w c:\program files\instmsia.exe
    2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OSDOverLayIcon]
    @="{8129812F-4AF8-4A47-85A5-D995B505880C}"
    [HKEY_CLASSES_ROOT\CLSID\{8129812F-4AF8-4A47-85A5-D995B505880C}]
    2009-04-16 14:32 53248 ----a-w c:\program files\mes données\OSDExtension.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2006-11-13 413696]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-04 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
    "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2006-11-01 413696]
    "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-19 411768]
    "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-02-06 509496]
    "HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
    "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-01-17 534648]
    "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-02-19 571024]
    "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-03-02 577536]
    "SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-11-01 438272]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-02-02 835584]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-28 148888]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-01-13 90191]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-01-13 81920]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-01-13 7766016]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2006-11-28 81920]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-11-28 98304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-11-28 106496]
    "PLFSet"="c:\windows\PLFSet.dll" [2007-04-24 45056]
    "KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
    "ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
    "CardDetectorHUAWEI160"="c:\program files\CardDetector\HUAWEI160\CardDetector.exe" [2008-09-25 274432]
    "BEWINTERNET-FR-DMGP-V2SessionManager"="c:\program files\Orange\IEWInternet\SessionManager\SessionManager.exe" [2008-09-25 131824]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
    "USB Storage Toolbox"="c:\program files\USB Disk Win98 Driver\Res.EXE" [2005-09-14 65536]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
    "NDSTray.exe"="NDSTray.exe" [BU]
    "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-01-18 4349952]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "FilterAdministratorToken"= 1 (0x1)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001
    "InternetSettingsDisableNotify"=dword:00000001
    "AutoUpdateDisableNotify"=dword:00000001
    "AntiVirusDisableNotify"="0x00000000"
    "UpdatesDisableNotify"="0x00000000"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
    "DefaultOutboundAction"= 0 (0x0)
    "DefaultInboundAction"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{8B50BA2A-8C4C-4FE4-9CF8-01EE69C14190}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
    "{4F2B5B6D-0ABC-4035-A669-4F72DE374CFD}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
    "TCP Query User{9F2DDA66-953B-42F4-9C96-9AB7F4F31777}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= UDP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
    "UDP Query User{F8026AC2-11B4-4BF2-A592-32EF8EC4C47F}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= TCP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
    "TCP Query User{67FE2105-383F-4114-BADC-46817EBA0DAC}c:\\windows\\system32\\winreg.exe"= UDP:c:\windows\system32\winreg.exe:Winreg
    "UDP Query User{D80521F8-DD82-4DF3-A511-CFDE012FD8A4}c:\\windows\\system32\\winreg.exe"= TCP:c:\windows\system32\winreg.exe:Winreg
    "{B68DDBB7-5854-462B-B402-C5F3ACDBC88C}"= UDP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
    "{9EFFB496-7C2F-4032-8710-BB85A8EF08EA}"= TCP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
    "{82DC71F7-B5C2-45A1-B0E0-234DF3BA87CD}"= UDP:c:\program files\K-Lite Codec Pack\Filters\ac3config.exe:AC3Filter
    "{EBDAD518-3227-42F9-A122-50C2768D80BF}"= TCP:c:\program files\K-Lite Codec Pack\Filters\ac3config.exe:AC3Filter
    "{262DEBA5-5EC6-45C9-BCB0-361F421BBF50}"= Disabled:TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "TCP Query User{A319C412-4E62-45FB-8E2A-336F43C75A7F}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= UDP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
    "UDP Query User{27455208-5C43-4CD0-93E1-AD1F14055FD0}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= TCP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
    "{914558EC-E758-4782-A150-46ED41DE140F}"= Disabled:TCP:55000:192.168.1.10:eMule
    "TCP Query User{AD667AEE-B323-4F01-B0E7-48ACDABEC428}c:\\program files\\emule\\emule.exe"= Disabled:UDP:c:\program files\emule\emule.exe:eMule
    "UDP Query User{0FF5DF6B-FEEB-41A4-9404-79DB26C2B876}c:\\program files\\emule\\emule.exe"= Disabled:TCP:c:\program files\emule\emule.exe:eMule
    "{2C3F7019-7AEE-4308-A1DA-0B55F698A6DC}"= Disabled:UDP:c:\program files\uTorrent Acceleration Tool\uTorrent Acceleration Tool.exe:uTorrent Acceleration Tool
    "{45E6ECE0-4271-45F1-B094-71F76F808742}"= Disabled:TCP:c:\program files\uTorrent Acceleration Tool\uTorrent Acceleration Tool.exe:uTorrent Acceleration Tool
    "TCP Query User{F43452C4-0663-481C-B01F-FEFC907ED84A}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
    "UDP Query User{9B68FA2C-070D-4D44-8B0E-70D05B54CECF}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
    "{DA5F344F-D127-4A00-BE5B-C3A100B876DD}"= UDP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
    "{0E6ACF05-6898-4EB1-8E68-0A5FA45FC6A0}"= TCP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox
    "{4B08FBF3-1E8A-4B45-A181-1DB8AB8C1493}"= UDP:c:\users\start\AppData\Local\Temp\7zSAA62.tmp\SymNRT.exe:Norton Removal Tool
    "{E5F59BC3-6818-439B-ABA6-4975CA016D7C}"= TCP:c:\users\start\AppData\Local\Temp\7zSAA62.tmp\SymNRT.exe:Norton Removal Tool

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)
    "DefaultOutboundAction"= 0 (0x0)
    "DefaultInboundAction"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
    "DefaultOutboundAction"= 0 (0x0)
    "DefaultInboundAction"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "c:\\Program Files\\Orange\\IEWInternet\\Connectivity\\ConnectivityManager.exe"= c:\program files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe:*:enabled:CSS
    "c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

    R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [12/01/2009 20:28 114768]
    R1 CbFs;CbFs;c:\windows\System32\drivers\cbfs32.sys [12/05/2009 23:10 137384]
    R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [12/01/2009 20:28 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [12/01/2009 20:27 51792]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [15/05/2009 09:04 1153368]
    S2 gupdate1c9bb79361eb80b;Service Google Update (gupdate1c9bb79361eb80b);c:\program files\Google\Update\GoogleUpdate.exe [12/04/2009 16:16 133104]
    S3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [29/12/2008 15:27 36512]
    S3 HDJMidi;Hercules DJ Console MIDI;c:\windows\System32\drivers\HDJMidi.sys [23/02/2008 05:27 41984]
    S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\System32\drivers\ewusbfake.sys [24/03/2009 21:44 100224]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [24/03/2009 21:50 28224]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
    c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    .
    Contenu du dossier 'Tâches planifiées'

    2009-05-31 c:\windows\Tasks\GoogleUpdateTaskMachine.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-12 14:15]

    2009-05-31 c:\windows\Tasks\User_Feed_Synchronization-{3037FDC8-E66C-4A01-909D-DA431392C1D2}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-28 11:31]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    SafeBoot-procexp90.Sys

    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://orange.fr/
    mWindow Title =
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR
    TCP: {F43DE135-7EC4-4234-ADF1-B307F837E77E} = 192.168.1.1
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    FF - ProfilePath - c:\users\start\AppData\Roaming\Mozilla\Firefox\Profiles\oxesnv3c.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr
    FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA2&q=
    FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
    FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

    ---- PARAMETRES FIREFOX ----
    FF - user.js: network.proxy.type - 0
    FF - user.js: browser.shell.checkDefaultBrowser - false
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-31 07:42
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-3943368547-3807070264-3836599413-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D7E3E596-7CB6-9CBF-B075-059EB737B9AC}*]
    "bbdgcbaepnokgoaokiffgafpccenoknkoojj"=hex:61,61,00,00
    "abdgcbaepnokgoaokiafjghdeibmbocacn"=hex:61,61,00,00

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u004\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Heure de fin: 2009-05-31 7:44
    ComboFix-quarantined-files.txt 2009-05-31 05:44

    Avant-CF: 28 837 388 288 octets libres
    Après-CF: 28 988 780 544 octets libres

    Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
    388 --- E O F --- 2009-05-29 16:02
    0
  • 1
  • 2