Sujet Précédent Sujet Suivant

Bloqué une page web avec un logiciel?

Fermé
silverius Messages postés 229 Date d'inscription jeudi 19 novembre 2009 Statut Membre Dernière intervention 1 février 2024 - 21 nov. 2009 à 11:25
kalimusic Messages postés 14014 Date d'inscription samedi 7 novembre 2009 Statut Contributeur sécurité Dernière intervention 20 novembre 2015 - 24 nov. 2009 à 20:24
Bonjour,
J'expose mon problème.
N'ayant pas trouver de forum plus précis sur le fait, j'aimerais simplement savoir s'il existe un logiciel qui permet de bloqué une page web précise.
Je ne parle pas d'anti-popup qui sont pour la plupart un ramaci d'arnaque et de problèmes.
Par exemple je prend le lien de https://www.commentcamarche.net/ l'on imagine que ce lien s'ouvre toute les 3 minutes sur mon ordinateur comment puis-je faire pour empêcher ce lien de s'ouvrir.
J'espère avoir était assez clair dans la description du problème que je rencontre.
(PS: pour les personnes qui ont le même soucis que moi une solution provisoire est de faire planté d'explorer comment je ne sais pas mais de le faire planter...).
Merci pour votre aide précieuse.
A voir également:

7 réponses

Réponse 1 / 7
barnabe0057 Messages postés 14454 Date d'inscription lundi 2 mars 2009 Statut Contributeur Dernière intervention 30 novembre 2024 4 919
21 nov. 2009 à 11:35
Bonjour,
A ma connaissance à part les anti-popups il n'existe pas de logiciel qui permet de bloquer juste une page web bien précise, par contre tu peux bloquer des sites entiers à l'aide de ton fichier hosts.
Voir explications ici :
https://www.commentcamarche.net/faq/5993-modifier-son-fichier-hosts

C'est vrai que généralement les anti-popups pour Internet Explorer ne sont pas efficaces du tout tandis qu'avec Firefox c'est très facile de bloquer ce que l'on veut si l'on a installé les bonnes extensions.
0
Réponse 2 / 7
messmechii Messages postés 15 Date d'inscription mardi 22 janvier 2008 Statut Membre Dernière intervention 18 janvier 2010 25
21 nov. 2009 à 11:35
bonjour
je souhaite que je compris votre desir:
essayer avec ce lienhttp: //www.commentcamarche.net/telecharger/telecharger-34058437-web-security-navigator
b journée
0
Réponse 3 / 7
cddu33 Messages postés 1269 Date d'inscription vendredi 11 janvier 2008 Statut Membre Dernière intervention 8 septembre 2015 256
21 nov. 2009 à 11:36
le lien souvre avec internet explorer ou firefox?
0
Réponse 4 / 7
kalimusic Messages postés 14014 Date d'inscription samedi 7 novembre 2009 Statut Contributeur sécurité Dernière intervention 20 novembre 2015 3 027
21 nov. 2009 à 11:39
Salut,

Tu édites le fichier HOSTS et tu rajoutes une ligne :

127.0.0.1 www.siteabloquer.fr

Si tu as toujours le fichier original de Windows, profites en pour mettre en place un vrai fichier HOSTS

https://winhelp2002.mvps.org/hosts.htm

Si le site que tu veux bloquer n'y est pas, pareil tu édites et tu rajoutes une ligne.

+ d'infos ici : http://speedweb1.free.fr/frames2.php?page=securite10

A +

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
silverius Messages postés 229 Date d'inscription jeudi 19 novembre 2009 Statut Membre Dernière intervention 1 février 2024 47
22 nov. 2009 à 00:44
Je viens d'essayer l'idée reçu des fichiers hosts.
Et sa marche !!! Très bien même... un peu trop même car tellement que je n'ai pratiquement plus eu internet...
Je m'explique lorsque j'ai élaboré la technique du fichier HOST j'ai suivi la manipulation du site
https://www.commentcamarche.net/faq/5993-modifier-son-fichier-hosts­ichier-hosts
Surtout ne pas télécharger le fichier où se trouve les 23000 liens popup... ceci est l'erreur que j'ai commis sa ma couter 3heures de connexion forte heuresement pour moi j'ai un peu de jugote.
Au cas où cela vous arrives aller simplement renomer le nom du fichier host qui se trouve dans c\windows\system32\divers\etc\host .
Mise à part cette hypothèse j'ai un autre soucis.
Car le popup que j'ai ne s'affiche plus, mais à ma grande surprise c'est un virus (je pense) qui à du se loger dans mon programme.
La page s'affiche hors connexion et la page est vierge ou avec la mention internet explorer n'a pas pu ouvrir le lien....
LE lien du site est le suivant http://www.dwrfslsqpdfqfwy.net/2206354b
J'ai pu voir que certaines personnes auraient la possibilité de m'aider à trouver le virus en détaillant les activités de mon ordinateurs. Voici ce que cela donne.


Logfile of random's system information tool 1.06 (written by random/random)
Run by stephane at 2009-11-19 18:34:48
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 3
System drive C: has 40 GB (9%) free of 466 GB
Total RAM: 3326 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:36:01, on 19/11/2009
Platform: Windows Vista SP3 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Users\stephane\Documents\task.exe
C:\Users\stephane\Documents\Live Microsoft Update.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\explorer.exe
C:\Windows\system32\conime.exe
C:\Users\stephane\Desktop\ced\viral\RSIT.exe
C:\Program Files\trend micro\stephane.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CrocPopup+ ] C:\PROGRA~1\CROCPO~1\CROCPO~1.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Task Menu] C:\Users\stephane\Documents\task.exe
O4 - HKCU\..\Run: [Windows Live Updater] C:\Users\stephane\Documents\Live Microsoft Update.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: PES2010_widget4256769472.lnk = stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}: NameServer = 213.36.80.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1ca11d294080fbb) (gupdate1ca11d294080fbb) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
End of file - 13278 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Maintenance en 1 clic.job
C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - stephane.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}]
IE 4.x-6.x BHO for Internet Download Accelerator - C:\PROGRA~1\IDA\idaiehlp.dll [2008-02-14 152576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [2007-08-24 316784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-10-04 116088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 316784]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-09-26 352256]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-03 6266880]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936]
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
""= []
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-04-30 13781536]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"NPSStartup"= []
"CrocPopup+ "=C:\PROGRA~1\CROCPO~1\CROCPO~1.exe [2005-01-07 1007616]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
""= []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-18 49664]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2008-08-22 2567992]
"Task Menu"=C:\Users\stephane\Documents\task.exe [2009-10-26 421517]
"Windows Live Updater"=C:\Users\stephane\Documents\Live Microsoft Update.exe [2009-10-26 421517]
"PopUpStopperFreeEdition"=C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe [2005-03-17 536576]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2008-08-22 2567992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe [2009-09-03 3342336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-08-05 1644088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\hp\support\hpsysdrv.exe [2007-04-18 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Download Accelerator]
C:\Program Files\IDA\ida.exe [2008-02-14 2179072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2009-12-03 306088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-09-29 21755688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ssyiu]
c:\users\stephane\appdata\local\ssyiu.exe [2009-05-20 291328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2009-10-24 1217808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2008-09-26 3660848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WiFi Station.lnk]
C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE [2007-06-11 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^stephane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enregistrement de .lnk]
C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM=Electronic Arts Product []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^stephane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ImpulseNow.lnk]
C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE [2009-07-29 365872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^stephane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]
C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE [2007-12-07 101440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^stephane^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-08-18 384000]

C:\Users\stephane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
PES2010_widget4256769472.lnk - C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoViewContextMenu"=0
"NoRun"=0
"NoFind"=0
"NoDesktop"=0
"HideClock"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30d3676c-9370-11dd-ba2e-806e6f6e6963}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fceb596e-a987-11dd-8f6a-001e8cc5a021}]
shell\AutoRun\command - F:\Autorun.exe


======List of files/folders created in the last 1 months======

2009-11-19 18:34:57 ----D---- C:\Program Files\trend micro
2009-11-19 18:34:48 ----D---- C:\rsit
2009-11-19 14:31:15 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-19 14:31:13 ----D---- C:\Program Files\Alwil Software
2009-11-19 14:25:06 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-11-19 14:25:06 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-19 14:16:45 ----D---- C:\Program Files\Panicware
2009-11-19 14:09:51 ----D---- C:\Program Files\crocpopup+
2009-11-19 12:42:52 ----D---- C:\Program Files\KONAMI
2009-11-19 12:42:51 ----D---- C:\ProgramData\KONAMI
2009-11-18 20:24:23 ----D---- C:\Program Files\Windows Portable Devices
2009-11-17 23:58:18 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-17 23:58:17 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-17 23:58:17 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-17 23:57:51 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-17 23:57:51 ----A---- C:\Windows\system32\cdd.dll
2009-11-17 23:57:50 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-17 23:57:50 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-17 23:57:50 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-17 23:57:50 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-17 23:57:49 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\FntCache.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\dxgi.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-17 23:57:49 ----A---- C:\Windows\system32\DWrite.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\d3d11.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\d3d10.dll
2009-11-17 23:57:49 ----A---- C:\Windows\system32\d2d1.dll
2009-11-17 23:57:19 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 23:57:19 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-17 23:57:19 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 23:57:16 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 23:57:11 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 23:55:52 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-17 23:55:52 ----A---- C:\Windows\system32\oleacc.dll
2009-11-17 23:55:51 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-15 22:02:57 ----D---- C:\Program Files\MarkAny
2009-11-15 20:46:08 ----D---- C:\Users\stephane\AppData\Roaming\PC Suite
2009-11-15 20:46:08 ----D---- C:\ProgramData\PC Suite
2009-11-15 20:05:06 ----A---- C:\Windows\system32\nmwcdcls.dll
2009-11-15 20:05:04 ----D---- C:\Program Files\DIFX
2009-11-15 19:24:57 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2009-11-15 18:29:53 ----A---- C:\Windows\system32\FsUsbExService.Exe
2009-11-15 18:29:53 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2009-11-15 18:29:21 ----D---- C:\Users\stephane\AppData\Roaming\Samsung
2009-11-15 18:28:32 ----D---- C:\Program Files\PC Connectivity Solution
2009-11-15 18:27:45 ----D---- C:\Program Files\Samsung
2009-11-15 17:37:59 ----D---- C:\Program Files\iPod
2009-11-15 17:37:58 ----D---- C:\Program Files\iTunes
2009-11-11 11:49:35 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 19:15:35 ----D---- C:\Games
2009-11-06 07:44:38 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-06 07:44:17 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-11-06 07:40:58 ----D---- C:\Program Files\Microsoft
2009-11-06 07:40:47 ----D---- C:\Program Files\Windows Live SkyDrive
2009-11-06 07:36:48 ----D---- C:\Program Files\Common Files\Windows Live
2009-11-04 21:13:19 ----D---- C:\Program Files\Rockstar Games
2009-11-04 10:23:33 ----A---- C:\Windows\system32\javaws.exe
2009-11-04 10:23:33 ----A---- C:\Windows\system32\javaw.exe
2009-11-04 10:23:33 ----A---- C:\Windows\system32\java.exe
2009-11-04 09:54:55 ----A---- C:\Windows\system32\wups2.dll
2009-11-04 09:54:55 ----A---- C:\Windows\system32\wucltux.dll
2009-11-04 09:54:55 ----A---- C:\Windows\system32\wuaueng.dll
2009-11-04 09:54:55 ----A---- C:\Windows\system32\wuauclt.exe
2009-11-04 09:54:39 ----A---- C:\Windows\system32\wups.dll
2009-11-04 09:54:39 ----A---- C:\Windows\system32\wudriver.dll
2009-11-04 09:54:39 ----A---- C:\Windows\system32\wuapi.dll
2009-11-04 09:54:33 ----A---- C:\Windows\system32\wuwebv.dll
2009-11-04 09:54:33 ----A---- C:\Windows\system32\wuapp.exe
2009-11-03 16:03:14 ----D---- C:\Users\stephane\AppData\Roaming\OpenOffice.org
2009-11-03 15:57:44 ----D---- C:\Program Files\JRE
2009-11-03 15:57:40 ----D---- C:\Program Files\OpenOffice.org 3
2009-11-03 08:56:42 ----A---- C:\Windows\system32\mshtml.dll
2009-11-01 20:37:54 ----D---- C:\ProgramData\FLEXnet
2009-11-01 20:19:53 ----D---- C:\Program Files\Adobe Media Player
2009-11-01 20:17:55 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-11-01 20:13:25 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-11-01 16:36:15 ----D---- C:\Users\stephane\AppData\Roaming\ArchiFacile
2009-11-01 14:46:56 ----D---- C:\Program Files\EDraw Max
2009-10-31 11:05:17 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2009-10-30 23:02:17 ----D---- C:\Users\stephane\AppData\Roaming\gtk-2.0
2009-10-29 15:39:36 ----D---- C:\Users\stephane\AppData\Roaming\Audacity
2009-10-29 15:27:48 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)
2009-10-28 22:17:24 ----D---- C:\Program Files\Blender Foundation
2009-10-27 20:18:25 ----D---- C:\Users\stephane\AppData\Roaming\SecondLife
2009-10-27 20:17:40 ----D---- C:\Program Files\SecondLife
2009-10-27 19:45:07 ----A---- C:\Windows\system32\wmp.dll
2009-10-27 19:45:05 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-27 19:45:03 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-25 00:09:41 ----D---- C:\Users\stephane\AppData\Roaming\Ubisoft
2009-10-24 23:45:43 ----D---- C:\Program Files\Anno1404
2009-10-24 23:42:01 ----D---- C:\Program Files\Anno 1404 Bonus
2009-10-24 22:55:08 ----D---- C:\ProgramData\Tages

======List of files/folders modified in the last 1 months======

2009-11-19 18:35:51 ----D---- C:\Windows\Prefetch
2009-11-19 18:35:43 ----D---- C:\Windows\Temp
2009-11-19 18:34:57 ----RD---- C:\Program Files
2009-11-19 18:15:53 ----D---- C:\Windows\System32
2009-11-19 18:15:53 ----D---- C:\Windows\inf
2009-11-19 18:15:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-19 18:14:39 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 15:27:07 ----D---- C:\Program Files\Warcraft III
2009-11-19 14:31:42 ----D---- C:\Windows\system32\drivers
2009-11-19 14:25:06 ----HD---- C:\ProgramData
2009-11-19 14:09:37 ----D---- C:\Windows\system32\Tasks
2009-11-19 14:08:56 ----D---- C:\Downloads
2009-11-19 12:50:13 ----SHD---- C:\Windows\Installer
2009-11-19 12:50:12 ----HD---- C:\Config.Msi
2009-11-19 12:49:01 ----SHD---- C:\System Volume Information
2009-11-18 20:43:06 ----D---- C:\Windows\rescache
2009-11-18 20:24:32 ----D---- C:\Windows
2009-11-18 20:24:25 ----D---- C:\Windows\system32\fr-FR
2009-11-18 20:24:23 ----D---- C:\Windows\system32\wbem
2009-11-18 20:24:21 ----D---- C:\Windows\system32\zh-HK
2009-11-18 20:24:21 ----D---- C:\Windows\system32\uk-UA
2009-11-18 20:24:21 ----D---- C:\Windows\system32\tr-TR
2009-11-18 20:24:21 ----D---- C:\Windows\system32\th-TH
2009-11-18 20:24:21 ----D---- C:\Windows\system32\sv-SE
2009-11-18 20:24:21 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-18 20:24:21 ----D---- C:\Windows\system32\sl-SI
2009-11-18 20:24:21 ----D---- C:\Windows\system32\pt-PT
2009-11-18 20:24:21 ----D---- C:\Windows\system32\pt-BR
2009-11-18 20:24:21 ----D---- C:\Windows\system32\pl-PL
2009-11-18 20:24:21 ----D---- C:\Windows\system32\nl-NL
2009-11-18 20:24:21 ----D---- C:\Windows\system32\ko-KR
2009-11-18 20:24:21 ----D---- C:\Windows\system32\it-IT
2009-11-18 20:24:21 ----D---- C:\Windows\system32\hu-HU
2009-11-18 20:24:21 ----D---- C:\Windows\system32\hr-HR
2009-11-18 20:24:21 ----D---- C:\Windows\system32\he-IL
2009-11-18 20:24:21 ----D---- C:\Windows\system32\fi-FI
2009-11-18 20:24:21 ----D---- C:\Windows\system32\el-GR
2009-11-18 20:24:21 ----D---- C:\Windows\system32\bg-BG
2009-11-18 20:24:20 ----D---- C:\Windows\system32\zh-TW
2009-11-18 20:24:20 ----D---- C:\Windows\system32\zh-CN
2009-11-18 20:24:20 ----D---- C:\Windows\system32\sk-SK
2009-11-18 20:24:20 ----D---- C:\Windows\system32\ru-RU
2009-11-18 20:24:20 ----D---- C:\Windows\system32\ro-RO
2009-11-18 20:24:20 ----D---- C:\Windows\system32\nb-NO
2009-11-18 20:24:20 ----D---- C:\Windows\system32\lv-LV
2009-11-18 20:24:20 ----D---- C:\Windows\system32\lt-LT
2009-11-18 20:24:20 ----D---- C:\Windows\system32\ja-JP
2009-11-18 20:24:20 ----D---- C:\Windows\system32\et-EE
2009-11-18 20:24:20 ----D---- C:\Windows\system32\es-ES
2009-11-18 20:24:20 ----D---- C:\Windows\system32\en-US
2009-11-18 20:24:20 ----D---- C:\Windows\system32\de-DE
2009-11-18 20:24:20 ----D---- C:\Windows\system32\da-DK
2009-11-18 20:24:20 ----D---- C:\Windows\system32\cs-CZ
2009-11-18 20:24:20 ----D---- C:\Windows\system32\ar-SA
2009-11-17 23:58:24 ----D---- C:\Windows\winsxs
2009-11-17 23:58:23 ----D---- C:\Windows\system32\catroot
2009-11-17 23:58:09 ----D---- C:\Windows\system32\catroot2
2009-11-17 12:12:44 ----D---- C:\Program Files\Steam
2009-11-17 07:59:07 ----D---- C:\Program Files\Common Files\Steam
2009-11-15 22:05:02 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-15 22:03:37 ----DC---- C:\Windows\system32\DRVSTORE
2009-11-15 21:58:48 ----D---- C:\ProgramData\HPSSUPPLY
2009-11-15 17:37:59 ----D---- C:\Program Files\Common Files\Apple
2009-11-13 16:54:12 ----D---- C:\Windows\pss
2009-11-12 13:06:20 ----D---- C:\ProgramData\Adobe
2009-11-12 13:06:11 ----D---- C:\Program Files\Common Files\Adobe
2009-11-12 13:06:11 ----D---- C:\Program Files\Adobe
2009-11-12 12:17:26 ----D---- C:\Program Files\Windows Mail
2009-11-11 23:07:36 ----D---- C:\ProgramData\Microsoft Help
2009-11-08 00:02:26 ----RSD---- C:\Windows\assembly
2009-11-06 18:16:55 ----D---- C:\Windows\Microsoft.NET
2009-11-06 17:10:16 ----A---- C:\Windows\vbaddin.ini
2009-11-06 17:09:32 ----A---- C:\Windows\win.ini
2009-11-06 17:06:19 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-06 07:44:18 ----D---- C:\Program Files\Common Files\System
2009-11-06 07:43:37 ----D---- C:\Program Files\Windows Live
2009-11-06 07:36:48 ----D---- C:\Program Files\Common Files
2009-11-06 07:36:47 ----SD---- C:\ProgramData\Microsoft
2009-11-05 18:36:21 ----A---- C:\Windows\system32\mrt.exe
2009-11-04 10:34:45 ----D---- C:\Users\stephane\AppData\Roaming\Adobe
2009-11-04 10:23:31 ----D---- C:\Program Files\Java
2009-11-03 15:57:53 ----RSD---- C:\Windows\Fonts
2009-11-03 15:51:33 ----SD---- C:\Users\stephane\AppData\Roaming\Microsoft
2009-11-03 08:59:33 ----D---- C:\ProgramData\HP
2009-11-02 21:20:29 ----D---- C:\ProgramData\Hewlett-Packard
2009-11-02 21:20:11 ----D---- C:\Windows\twain_32
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-11-01 18:40:22 ----D---- C:\Windows\Minidump
2009-11-01 18:37:55 ----D---- C:\Program Files\Deep Silver
2009-10-31 11:05:16 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-10-28 09:51:16 ----D---- C:\Program Files\Windows Media Player
2009-10-24 23:35:44 ----D---- C:\temp
2009-10-24 23:08:35 ----D---- C:\Program Files\Ubisoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-09-17 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20081127.002\IDSvix86.sys [2008-09-26 270384]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2008-09-05 447024]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 24112]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2009-02-19 184496]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-10-24 281760]
R2 CO_Mon;CO_Mon; \??\C:\Windows\system32\drivers\CO_Mon.sys [2007-08-08 36056]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-10-24 25888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-09-17 99376]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-03 2152088]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081201.041\NAVENG.SYS [2008-11-20 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081201.041\NAVEX15.SYS [2008-11-20 876112]
R3 netr73;Hercules Wireless USB Dongle Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-04-30 9850016]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2009-02-19 13616]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-01-09 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2009-02-19 96560]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2009-02-19 22320]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 adipfusb;ADI USB RNDIS Compatible Network Device - AD6489; C:\Windows\system32\DRIVERS\adipfusb.sys [2005-05-12 28182]
S3 afb0uj0b;afb0uj0b; C:\Windows\system32\drivers\afb0uj0b.sys []
S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-18 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-18 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-18 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-10-03 99840]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 Automatic LiveUpdate Scheduler;Planificateur LiveUpdate automatique; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-31 243064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-04-30 211488]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-10-04 1251720]
S2 gupdate1ca11d294080fbb;Service Google Update (gupdate1ca11d294080fbb); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-31 133104]
S3 comHost;COM Host; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-21 55640]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-01 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-11-12 320760]
S4 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2009-07-17 250616]
S4 LiveUpdate Notice;LiveUpdate Notice; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S4 LiveUpdate;LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]
S4 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-03-07 360192]
S4 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-03-07 603904]

-----------------EOF-----------------


Merci de votre soutient elle m'est d'une grande aide.
0
tompie95
23 nov. 2009 à 20:04
Bonjour votre pc est infecté .
Faite ceci désactiver TeaTimer qui ne sert à rien et peut faire échouer une désinfection:!
Affiche d'abord le Mode Avancé dans Spybot

Options Avancées :
menu Mode
Mode Avancé. Une colonne de menus apparaît dans la partie gauche :
clique sur Outils
clique sur Résident
Dans Résident :
décoche Résident "TeaTimer" pour le désactiver.
-------------------------------------------------
Ensuite vous aller passer cette outil
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3


Lance l'installation du programme en exécutant le fichier téléchargé.

Double-clique maintenant sur le raccourci de Toolbar-S&D.(Clique droit -> "lancer en tant qu'administrateur" si sous Vista)

Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.

Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.

Poste le rapport généré. (C:\TB.txt)

Relance Toolbar-S&D en double-cliquant sur le raccourci (Clique droit -> "lancer en tant qu'administrateur" si sous Vista).



Choisis cette fois l'option 2 puis valide en appuyant sur Entrée.
/!\ Ne ferme pas la fenêtre lors de la suppression /!\

Un rapport sera généré
poste son contenu ici
puis un nouveau rapport HijackThis.


Si ton bureau ne réapparait pas
fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
Tapes explorer et valide. Cela te fera apparaitre ton bureau

A vous lire
0
Réponse 6 / 7
silverius Messages postés 229 Date d'inscription jeudi 19 novembre 2009 Statut Membre Dernière intervention 1 février 2024 47
24 nov. 2009 à 18:33
Bonsoir,
Je viens de faire l'analyse et voici ce que cela donne


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2009-11-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi
2009-11-10 Includes\AdwareC.sbi
2009-01-22 Includes\Cookies.sbi
2009-11-03 Includes\Dialer.sbi
2009-10-13 Includes\DialerC.sbi
2009-01-22 Includes\HeavyDuty.sbi
2009-05-26 Includes\Hijackers.sbi
2009-11-17 Includes\HijackersC.sbi
2009-10-20 Includes\Keyloggers.sbi
2009-10-20 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2009-11-10 Includes\Malware.sbi
2009-11-18 Includes\MalwareC.sbi
2009-03-25 Includes\PUPS.sbi
2009-11-17 Includes\PUPSC.sbi
2009-01-22 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2009-11-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2009-11-03 Includes\Spyware.sbi
2009-11-10 Includes\SpywareC.sbi
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi
2009-11-17 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll


--- System information ---
Windows Vista (Build: 6002) Service Pack 3 (6.0.6002)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)


--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304

Located: HK_LM:Run, ccApp
command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 51048
MD5: B01902E9451B3D39DC5CAFDC9B9B398C

Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C

Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2

Located: HK_LM:Run, KBD
command: C:\HP\KBD\KbdStub.EXE
file: C:\HP\KBD\KbdStub.EXE
size: 65536
MD5: 7088B136BB58A5F95CF0DE8386CA6C0F

Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 1312080
MD5: C5FCC0B761069FABD59E41B7C3280DDF

Located: HK_LM:Run, NPSStartup
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 13781536
MD5: 274631707A40398B8773CCB6DB3C2A81

Located: HK_LM:Run, OsdMaestro
command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240

Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E

Located: HK_LM:Run, SunJavaUpdateReg
command: "C:\Windows\system32\jureg.exe"
file: C:\Windows\system32\jureg.exe
size: 54936
MD5: 4F89DD4EA74C66916E15A6E7D74A50B5

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0

Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

Located: HK_CU:Run,
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, BitComet
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\BitComet\BitComet.exe" /tray
file: C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0

Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C

Located: HK_CU:Run, msnmsgr
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F

Located: HK_CU:Run, Sidebar
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4

Located: HK_CU:Run, Speech Recognition
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
file: C:\Windows\Speech\Common\sapisvr.exe
size: 49664
MD5: 105A4D87C8DCF2CF5DB042830B203E5F

Located: HK_CU:Run, Task Menu
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\task.exe
file: C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B

Located: HK_CU:Run, Windows Live Updater
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\Live Microsoft Update.exe
file: C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B

Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D

Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
size: 214360
MD5: CF03C8F6F6B0D71F6E5BCE167FCF7CA6

Located: Démarrage (désactivé), WiFi Station (DISABLED)
command: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE -s
file: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE
size: 98304
MD5: BD009223C9C4AF53F67EBB4D5E9B790C

Located: Démarrage (désactivé), Enregistrement de (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM="Electronic Arts Product"
file: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Démarrage (désactivé), ImpulseNow (DISABLED)
command: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
file: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
size: 365872
MD5: 4CD21FD02727AC6276B427B213D02100

Located: Démarrage (désactivé), OneNote 2007 - Capture d'écran et lancement (DISABLED)
command: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr
file: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681

Located: Démarrage (désactivé), OpenOffice.org 3.1 (DISABLED)
command: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
file: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
size: 384000
MD5: C047C9C6CD8E134AFDFDB374E80547E5

Located: Démarrage (désactivé), PES2010_widget4256769472 (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
file: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{053F9267-DC04-4294-A72C-58F732D338C0} (HP Print Clips)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: HP Print Clips
Path: C:\Program Files\HP\Smart Web Printing\
Long name: hpswp_framework.dll
Short name: HPSWP_~3.DLL
Date (created): 02/03/2007 16:52:08
Date (last access): 17/03/2009 22:04:26
Date (last write): 02/03/2007 16:52:08
Filesize: 177768
Attributes: readonly archive
MD5: A40456DE4EF7E318104955361C72AC9D
CRC32: 6F06AAE2
Version: 2.15.7.0

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Aide pour le lien d'Adobe PDF Reader
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: https://get2.adobe.com/reader/otherversions/
info source: TonyKlein
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 22/10/2006 23:08:42
Date (last access): 12/11/2009 13:06:24
Date (last write): 22/10/2006 23:08:42
Filesize: 62080
Attributes: archive
MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
CRC32: E388508F
Version: 8.0.0.456

{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: BitComet ClickCapture
CLSID name: BitComet Helper
Path: C:\Program Files\BitComet\tools\
Long name: BitCometBHO_1.2.8.7.dll
Short name: BITCOM~2.DLL
Date (created): 11/08/2008 09:12:14
Date (last access): 04/10/2008 13:50:12
Date (last write): 11/08/2008 09:12:14
Filesize: 656696
Attributes: archive
MD5: F5508AC38274799624B53798F8BA7EE6
CRC32: AB441D08
Version: 1.2.8.7

{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 19/11/2009 14:25:08
Date (last access): 19/11/2009 14:25:08
Date (last write): 26/01/2009 15:31:02
Filesize: 1879896
Attributes: archive
MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
CRC32: 5BA24007
Version: 1.6.2.14

{5C255C8A-E604-49b4-9D64-90988571CECB} ()
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name:

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: NCO 2.0 IE BHO
CLSID name:
Path: c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\
Long name: CoIEPlg.dll
Short name:
Date (created): 24/08/2007 14:51:00
Date (last access): 20/03/2008 10:33:06
Date (last write): 24/08/2007 14:51:00
Filesize: 316784
Attributes: archive
MD5: 6BC066FCC66BB0EE33A618EBC65683D5
CRC32: D7E3A9BB
Version: 2008.2.0.84

{6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Symantec Intrusion Prevention
CLSID name: Symantec Intrusion Prevention
Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
Long name: IPSBHO.dll
Short name:
Date (created): 20/03/2008 10:32:50
Date (last access): 04/10/2008 13:45:10
Date (last write): 04/10/2008 13:45:10
Filesize: 116088
Attributes: archive
MD5: FA3E00177B57D5B2BF058D560931D750
CRC32: DF9D41CC
Version: 8.2.0.86

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\Program Files\Microsoft Office\Office12\
Long name: GrooveShellExtensions.dll
Short name: GRA8E1~1.DLL
Date (created): 24/08/2007 07:01:22
Date (last access): 06/11/2009 17:06:52
Date (last write): 24/08/2007 07:01:22
Filesize: 2212224
Attributes: archive
MD5: 32C4927E013C018A13D8DFBDA4148812
CRC32: 9A9F3D8B
Version: 12.0.6211.1000

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 17/02/2009 16:11:04
Date (last access): 05/03/2009 13:59:18
Date (last write): 17/02/2009 16:11:04
Filesize: 408440
Attributes: archive
MD5: 1A82C1B9BB43385695EFC3A84F6756A2
CRC32: 75E558CA
Version: 5.0.818.6

{DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Java(tm) Plug-In 2 SSV Helper
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2ssv.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2009 04:18:20
Date (last write): 11/10/2009 04:17:30
Filesize: 41760
Attributes: archive
MD5: C9EDE29F223A27873E187D9FB6045EA6
CRC32: 5951C3E0
Version: 6.0.170.4



--- ActiveX list ---
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\Windows\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4

{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: jp2iexp.dll
Short name:
Date (created): 26/09/2009 13:42:10
Date (last access): 11/10/2073 04:18:18
Date (last write): 11/10/2009 04:17:30
Filesize: 100128
Attributes: archive
MD5: 048369C957BCE15E4628FDEB65820BE8
CRC32: C8C19051
Version: 6.0.170.4

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_17
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_17.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2009 02:14:36
Date (last access): 11/10/2073 04:18:30
Date (last write): 11/10/2009 04:17:30
Filesize: 136992
Attributes: archive
MD5: 3D58770680F268A23A8CE1F14B49AA2F
CRC32: 6091A816
Version: 6.0.170.4



--- Process list ---
PID: 3704 (1100) C:\Windows\system32\Dwm.exe
size: 81920
MD5: 01DD1004181FD46ECDC3628228EB269D
PID: 3744 (3696) C:\Windows\Explorer.EXE
size: 2926592
MD5: D07D4C3038F3578FFCE1C0237F2A1253
PID: 3948 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 2512 (3744) C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
PID: 1876 (3744) C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E
PID: 1728 (3744) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240
PID: 3832 ( 752) C:\Windows\system32\schtasks.exe
size: 151552
MD5: 1F171553F1138DC0062A71A7D275055A
PID: 532 (3744) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2
PID: 3996 (3812) c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
size: 149352
MD5: 2F237AAB91497AAA03AF48EAE68758FC
PID: 4032 (3744) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C
PID: 4084 (3744) C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0
PID: 2828 (3744) C:\Program Files\Alwil Software\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304
PID: 1572 (3744) C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4
PID: 1776 (3744) C:\Windows\ehome\ehtray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C
PID: 3904 ( 880) C:\Windows\ehome\ehmsas.exe
size: 37376
MD5: 0F4195B9B348DE5CF9B822F81704B20E
PID: 6064 ( 880) C:\Windows\System32\mobsync.exe
size: 95744
MD5: 9B89B3BB79EA1ACF041F40A7B6FC5827
PID: 4756 (3744) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
PID: 5660 (3744) C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0
PID: 5696 (3744) C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5764 (3744) C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B
PID: 5792 (3744) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F
PID: 5752 (3588) C:\hp\kbd\kbd.exe
size: 67128
MD5: 7CAC10A1C258DFCB5ADE563BAE6D2F15
PID: 2068 ( 880) C:\Program Files\Windows Live\Contacts\wlcomm.exe
size: 26464
MD5: ADC11749E6698FC30C603DFCCC4F98F2
PID: 3544 (5336) C:\Windows\system32\conime.exe
size: 69120
MD5: 6080A176D09435FC8E6E800996656E18
PID: 2652 (1112) C:\Windows\system32\taskeng.exe
size: 169984
MD5: E5BBFC283D6F5D69B41E464676361020
PID: 6020 (2240) C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
size: 1457064
MD5: 8A7D05395EF04AA6616F4C1B9F763D2D
PID: 4620 (3744) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 5365592
MD5: 0477C2F9171599CA5BC3307FDFBA8D89
PID: 4628 (4484) C:\Program Files\Internet Explorer\IEUser.exe
size: 299520
MD5: A8986E339A9215B9410484814224531E
PID: 3524 (4972) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4488 (4628) C:\Program Files\Internet Explorer\iexplore.exe
size: 636080
MD5: 2C5168C856455CC43C4B4E1CC1920001
PID: 4724 (3524) C:\Windows\system32\cmd.exe
size: 318976
MD5: 74F26FC01B180D4A99A168ED69C30A53
PID: 4680 (4724) C:\Windows\system32\findstr.exe
size: 60928
MD5: 186954438DE3DDBF0B46F895B7936DE3
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 488 ( 4) smss.exe
size: 64000
PID: 564 ( 552) csrss.exe
size: 6144
PID: 624 ( 552) wininit.exe
size: 96768
PID: 636 ( 616) csrss.exe
size: 6144
PID: 672 ( 624) services.exe
size: 279552
PID: 684 ( 624) lsass.exe
size: 9728
PID: 696 ( 624) lsm.exe
size: 229888
PID: 796 ( 616) winlogon.exe
size: 314368
PID: 880 ( 672) svchost.exe
size: 21504
PID: 944 ( 672) nvvsvc.exe
size: 211488
PID: 972 ( 672) svchost.exe
size: 21504
PID: 1032 ( 672) svchost.exe
size: 21504
PID: 1064 ( 672) svchost.exe
size: 21504
PID: 1100 ( 672) svchost.exe
size: 21504
PID: 1112 ( 672) svchost.exe
size: 21504
PID: 1192 (1064) audiodg.exe
size: 88576
PID: 1220 ( 672) SLsvc.exe
size: 3408896
PID: 1256 ( 672) svchost.exe
size: 21504
PID: 1392 ( 672) svchost.exe
size: 21504
PID: 1584 ( 944) nvvsvc.exe
size: 211488
PID: 1684 ( 672) aswUpdSv.exe
PID: 1700 ( 672) ashServ.exe
PID: 2008 ( 672) spoolsv.exe
size: 127488
PID: 2032 ( 672) CCSVCHST.EXE
PID: 496 ( 672) svchost.exe
size: 21504
PID: 2368 ( 672) HPBtnSrv.exe
PID: 2500 ( 672) svchost.exe
size: 21504
PID: 2528 ( 672) IAANTmon.exe
PID: 2564 ( 672) LSSrvc.exe
PID: 2620 ( 672) svchost.exe
size: 21504
PID: 2780 ( 672) svchost.exe
size: 21504
PID: 2792 ( 672) svchost.exe
size: 21504
PID: 2816 ( 672) svchost.exe
size: 21504
PID: 2852 ( 672) svchost.exe
size: 21504
PID: 2880 ( 672) SearchIndexer.exe
size: 441344
PID: 3164 ( 672) SDWinSec.exe
size: 1153368
MD5: 794D4B48DFB6E999537C7C3947863463
PID: 3372 (1100) WUDFHost.exe
size: 142336
PID: 3816 (1112) taskeng.exe
size: 169984
PID: 6028 ( 672) ashMaiSv.exe
PID: 3480 ( 672) ashWebSv.exe
PID: 5620 ( 672) wmpnetwk.exe
PID: 5824 ( 672) AluSchedulerSvc.exe
PID: 5280 ( 672) HPHC_Service.exe
PID: 5368 ( 672) PresentationFontCache.exe


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 24/11/2009 16:26:06

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: MSAFD Tcpip [TCP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 4: MSAFD Tcpip [UDP/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 5: MSAFD Tcpip [RAW/IPv6]
GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IPv6 protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 6: Fournisseur de services RSVP TCPv6
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 7: Fournisseur de services RSVP TCP
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 8: Fournisseur de services RSVP UDPv6
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 9: Fournisseur de services RSVP UDP
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] SEQPACKET 15
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] DATAGRAM 15
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] SEQPACKET 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] DATAGRAM 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] SEQPACKET 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] DATAGRAM 10
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9A2E87E-A1BB-41BB-918E-196F9D129081}] SEQPACKET 13
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{C9A2E87E-A1BB-41BB-918E-196F9D129081}] DATAGRAM 13
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4B49286F-0136-4B17-8A9C-05D83A2F44B0}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{4B49286F-0136-4B17-8A9C-05D83A2F44B0}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] SEQPACKET 18
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{EB1EBC5B-54EB-4874-97F2-D41CA8386C55}] DATAGRAM 18
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] SEQPACKET 16
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 31: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{53CEB202-5E71-4201-A526-4B2FEEB512EE}] DATAGRAM 16
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 32: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] SEQPACKET 14
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 33: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7BC966C3-E2E3-4E25-ABCF-F0EF2EC0B1CD}] DATAGRAM 14
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 34: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AED35E26-6A34-4CF2-BB53-DDB305B40402}] SEQPACKET 12
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 35: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AED35E26-6A34-4CF2-BB53-DDB305B40402}] DATAGRAM 12
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 36: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] SEQPACKET 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 37: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{9E4E2DF7-DAB2-4444-95F5-79EAE79EB1A1}] DATAGRAM 11
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 38: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 39: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{46DEBCCF-8358-46D3-8C56-C7581F8F99DC}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 40: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1F47B3B0-9BCA-42B2-8348-55FF9DE2AFCA}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 41: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1F47B3B0-9BCA-42B2-8348-55FF9DE2AFCA}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 42: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 43: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A37B2FC7-982D-4634-BAA1-6F046F18F5C4}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 44: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 45: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{1AEEBF4A-31A0-4624-A6D2-227D76F90088}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Espace de noms NLAv1 (Network Location Awareness Legacy)
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename:
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:

Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 4: mdnsNSP
GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
Filename: C:\Program Files\Bonjour\mdnsNSP.dll
Description: Apple Rendezvous protocol
DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
DB protocol: mdnsNSP

Namespace Provider 5: TCP/IP
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename:
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 6: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS





Et voici avec la seconde étape :


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2009-11-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi
2009-11-10 Includes\AdwareC.sbi
2009-01-22 Includes\Cookies.sbi
2009-11-03 Includes\Dialer.sbi
2009-10-13 Includes\DialerC.sbi
2009-01-22 Includes\HeavyDuty.sbi
2009-05-26 Includes\Hijackers.sbi
2009-11-17 Includes\HijackersC.sbi
2009-10-20 Includes\Keyloggers.sbi
2009-10-20 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2009-11-10 Includes\Malware.sbi
2009-11-18 Includes\MalwareC.sbi
2009-03-25 Includes\PUPS.sbi
2009-11-17 Includes\PUPSC.sbi
2009-01-22 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2009-11-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2009-11-03 Includes\Spyware.sbi
2009-11-10 Includes\SpywareC.sbi
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi
2009-11-17 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll


--- System information ---
Windows Vista (Build: 6002) Service Pack 3 (6.0.6002)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)


--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 392845E8D49B5F0E81AAC4D795000A8C

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 81000
MD5: 28E9092D50AE450662EEA4719E5AA304

Located: HK_LM:Run, ccApp
command: "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: c:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 51048
MD5: B01902E9451B3D39DC5CAFDC9B9B398C

Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 33648
MD5: 35DCD380D4D579D8B8EA91D5D8AE444C

Located: HK_LM:Run, IAAnotif
command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
size: 178712
MD5: 1992E7E8BC448CEBA62DC698098C0BD2

Located: HK_LM:Run, KBD
command: C:\HP\KBD\KbdStub.EXE
file: C:\HP\KBD\KbdStub.EXE
size: 65536
MD5: 7088B136BB58A5F95CF0DE8386CA6C0F

Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 1312080
MD5: C5FCC0B761069FABD59E41B7C3280DDF

Located: HK_LM:Run, NPSStartup
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 13781536
MD5: 274631707A40398B8773CCB6DB3C2A81

Located: HK_LM:Run, OsdMaestro
command: "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
file: C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
size: 118784
MD5: B1361669BDC6ED612C35B7C67ADA2240

Located: HK_LM:Run, RtHDVCpl
command: RtHDVCpl.exe
file: C:\Windows\RtHDVCpl.exe
size: 6266880
MD5: D93985F5D87DF1A119E939EADB5C4B9E

Located: HK_LM:Run, SunJavaUpdateReg
command: "C:\Windows\system32\jureg.exe"
file: C:\Windows\system32\jureg.exe
size: 54936
MD5: 4F89DD4EA74C66916E15A6E7D74A50B5

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre6\bin\jusched.exe"
file: C:\Program Files\Java\jre6\bin\jusched.exe
size: 149280
MD5: 3A0647BDED81DBE0BCBB51D70B22C9E0

Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

Located: HK_CU:Run,
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, BitComet
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\BitComet\BitComet.exe" /tray
file: C:\Program Files\BitComet\BitComet.exe
size: 2567992
MD5: AC13C3F37D94401C3DAAC39A207BACC0

Located: HK_CU:Run, ehTray.exe
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C

Located: HK_CU:Run, msnmsgr
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
file: C:\Program Files\Windows Live\Messenger\msnmsgr.exe
size: 3883856
MD5: 18B4B12358EFCF68D76812058A26181F

Located: HK_CU:Run, Sidebar
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: 9E35FF7F943AE0FB89192BFE058B7FD4

Located: HK_CU:Run, Speech Recognition
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
file: C:\Windows\Speech\Common\sapisvr.exe
size: 49664
MD5: 105A4D87C8DCF2CF5DB042830B203E5F

Located: HK_CU:Run, Task Menu
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\task.exe
file: C:\Users\stephane\Documents\task.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B

Located: HK_CU:Run, Windows Live Updater
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Users\stephane\Documents\Live Microsoft Update.exe
file: C:\Users\stephane\Documents\Live Microsoft Update.exe
size: 421517
MD5: 133DEB10641BF017962BEC85206D037B

Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-2014506545-1587375794-4220175357-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D

Located: Démarrage (désactivé), HP Digital Imaging Monitor (DISABLED)
command: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
file: C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
size: 214360
MD5: CF03C8F6F6B0D71F6E5BCE167FCF7CA6

Located: Démarrage (désactivé), WiFi Station (DISABLED)
command: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE -s
file: C:\PROGRA~1\Hercules\WIFIST~1\WIFIST~1.EXE
size: 98304
MD5: BD009223C9C4AF53F67EBB4D5E9B790C

Located: Démarrage (désactivé), Enregistrement de (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe /remind /language=FRA /PRNM="Electronic Arts Product"
file: C:\Users\stephane\AppData\Local\Temp\MagicISO_01C9BD1F8DC709D7\EAregister.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: Démarrage (désactivé), ImpulseNow (DISABLED)
command: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
file: C:\PROGRA~1\Stardock\Impulse\Now\IMPULS~1.EXE
size: 365872
MD5: 4CD21FD02727AC6276B427B213D02100

Located: Démarrage (désactivé), OneNote 2007 - Capture d'écran et lancement (DISABLED)
command: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr
file: C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE
size: 101440
MD5: 9D0EEBDA40D5C33BC63FB8BB984F7681

Located: Démarrage (désactivé), OpenOffice.org 3.1 (DISABLED)
command: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
file: C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE
size: 384000
MD5: C047C9C6CD8E134AFDFDB374E80547E5

Located: Démarrage (désactivé), PES2010_widget4256769472 (DISABLED)
command: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
file: C:\Users\stephane\AppData\Local\Temp\Rar$EX00.932\PES2010_widget.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- Browser helper object list ---
{053F9267-DC04-4294-A72C-58F732D338C0} (HP Print Clips)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: HP Print Clips
Path: C:\Program Files\HP\Smart Web Printing\
Long name: hpswp_framework.dll
Short name: HPSWP_~3.DLL
Date (created): 02/03/2007 16:52:08
Date (last access): 17/03/2009 22:04:26
Date (last write): 02/03/2007 16:52:08
Filesize: 177768
Attributes: readonly archive
MD5: A40456DE4EF7E318104955361C72AC9D
CRC32: 6F06AAE2
Version: 2.15.7.0

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Aide pour le lien d'Adobe PDF Reader
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: https://get2.adobe.com/reader/otherversions/
info source: TonyKlein
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 22/10/2006 23:08:42
Date (last access): 12/11/2009 13:06:24
Date (last write): 22/10/2006 23:08:42
Filesize: 62080
Attributes: archive
MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A
CRC32: E388508F
Version: 8.0.0.456

{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet ClickCapture)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: BitComet ClickCapture
CLSID name: BitComet Helper
Path: C:\Program Files\BitComet\tools\
Long name: BitCometBHO_1.2.8.7.dll
Short name: BITCOM~2
0
Réponse 7 / 7
kalimusic Messages postés 14014 Date d'inscription samedi 7 novembre 2009 Statut Contributeur sécurité Dernière intervention 20 novembre 2015 3 027
24 nov. 2009 à 20:24
Bonsoir,

Tu es infecté, ton rapport Spybot S&D n'apporte rien => suis la procédure indiquée par tompie95 stp !

https://forums.commentcamarche.net/forum/affich-15289337-bloque-une-page-web-avec-un-logiciel#6

A +

0