Virus / trojan problem: Security Toolbar 7.1

patxi64btz -  
pierletop Posts: 1 Status: Member -
Hello,
For the past 2 days a toolbar has been installed on my computer, and several pop-up windows keep appearing, alerting me to a virus.
I have run a great many scans with several programs, but I cannot get rid of it. My Internet home page has also been changed. Here is the HijackThis scan report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:03, on 28/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Alibaba\TRADEM~1\TradeManager.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\WildTangent\Apps\GameChannel.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\X'nBeep 1.1\XnBeep.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\yduhbqam.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang FR
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TradeManager] C:\PROGRA~1\Alibaba\TRADEM~1\TradeManager -hideframe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [swcpshell] C:\Windows\System32\csharpshell.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [WindowsHive] C:\WINDOWS\system32\rpcc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [3885af5e] rundll32.exe "C:\WINDOWS\system32\eauymkil.dll",b
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [csharpshell] C:\Windows\System32\csharpshell.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [X'nBeep] C:\Program Files\X'nBeep 1.1\XnBeep.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [userinit] C:\WINDOWS\system32\ntos.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: yesmessenger.lnk = C:\Program Files\YesMessenger\YesMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.c(...)
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00D2911.dat
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10885 bytes



Please help me if possible, because I am really desperate ....

Thanks to all

Bye

4 replies

mucho 1 Posts: 306 Status: Member 8
 
Good evening,

As a first step,
download SDFix (created by AndyManchesta) to your desktop:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double-click SDFix.exe and choose Install to extract it into a folder on the Desktop.

Restart your PC in Safe Mode:
http://forum.telecharger.01net.com/forum/high-tech/SECURITE/Securite/redemarrer-mode-echec-sujet_1526_1.htm

Open the SDFix folder that was just created in C:\ and double-click RunThis.bat to launch the script.

Press Y to start the cleaning process, let it work, and follow the instructions.
It will then ask you to press a key to restart. Press a key to restart the PC.

Your system will take longer than usual to restart, because the tool will keep running and deleting files.
Once the Desktop has loaded, the tool will finish its work and display Finished. Press a key to end the script and load your Desktop icons. Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.

Copy and paste it, and post it.

See you later
0
patxi64btz
 
Thank you for your reply.
Here is the SDFix report, which apparently finds no trojan:


SDFix: Version 1.112

Run by jhjk on 28/10/2007 at 22:07

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\PATRIC~1\Bureau\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found

Thank you for your help, because I am really desperate.
0
mucho 1 Posts: 306 Status: Member 8
 
Download Navilog1 (by IL.MAFIOSO): http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
- Double-click navilog1.exe to start the installation.
- Once the installation is finished, the fix will run automatically.
- If it does not, double-click the Navilog1 shortcut on the desktop.

Follow the prompts. At the main menu, choose option 1 and confirm with [Enter].
/*\ Do not choose option 2, 3 or 4 without advice or approval /*\
Wait for the message: « Analyse terminée le .... »
Press a key as requested; Notepad will open.
Copy and paste the entire report into your next reply.

Warning: your antivirus may refuse to let Navilog1 download; if so, simply disable it. Do not forget to re-enable it afterwards!
0
pierletop Posts: 1 Status: Member
 
Hello,

I too have a virus or trojan problem with FOTOMOTO & SECURITY TOOLBAR.... I am sending you the copy/pastes of my scans (HJT - VUNDO - COMBO MIX), hoping that one of you will be able to help me... I am starting to have a small depression...




Logfile of HijackThis v1.99.1
Scan saved at 12:19:40, on 2007-11-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\sofhtupt.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Moi\Mes documents\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.canoe.qc.ca/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ttfkuhmo.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/controls/msnchat45.cab
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - - C:\WINDOWS\system32\sofhtupt.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Documents and Settings\Moi\Mes documents\Spy Doctor\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Documents and Settings\Moi\Mes documents\Spy Doctor\Spyware Doctor\swdsvc.exe




VundoFix V6.5.4

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 11:50:03 2007-11-12

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.4

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 11:52:07 2007-11-12

Listing files found while scanning....

No infected files were found.


Beginning removal...



ComboFix 07-11-08.1 - Moi 2007-11-12 11:55:54.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.147 [GMT -5:00]
Running from: C:\Documents and Settings\Moi\Mes documents\Trojan Remover\Combo Fix\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Autres\Favoris\Online Security Guide.lnk
C:\Favoris\Online Security Guide.lnk
C:\Program Files\Fichiers communs\{38C96~1
C:\Program Files\Fichiers communs\{48C96~1
C:\Program Files\Fichiers communs\{48C96~1\system.dll
C:\Program Files\Fichiers communs\{48C96~2
C:\Program Files\Fichiers communs\{48C96~2\system.dll
C:\Program Files\Fichiers communs\{48C96~3
C:\Program Files\Fichiers communs\{48C96~3\system.dll
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\History\search
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\fCOe
C:\Temp\fCOe\tOasF.log
C:\WINDOWS\cookies.ini
C:\WINDOWS\hosts
C:\WINDOWS\system32\a3
C:\WINDOWS\system32\bdeeg.bak1
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\dccdd.ini
C:\WINDOWS\system32\dccdd.ini2
C:\WINDOWS\system32\ddcyv.dll
C:\WINDOWS\system32\ddeeg.bak1
C:\WINDOWS\system32\ddeeg.ini
C:\WINDOWS\system32\ddeeg.ini2
C:\WINDOWS\system32\ddeeg.tmp
C:\WINDOWS\system32\djgelmeo.ini
C:\WINDOWS\system32\djgelmeo.ini2
C:\WINDOWS\system32\g1
C:\WINDOWS\system32\g1\caws83122.exe
C:\WINDOWS\system32\geedd.dll
C:\WINDOWS\system32\ghngiykk.dllbox
C:\WINDOWS\system32\hhkmp.bak1
C:\WINDOWS\system32\hhkmp.ini2
C:\WINDOWS\system32\hhkmp.tmp
C:\WINDOWS\system32\jkijgegm.dllbox
C:\WINDOWS\system32\klnmp.bak1
C:\WINDOWS\system32\klnmp.bak2
C:\WINDOWS\system32\klnmp.ini2
C:\WINDOWS\system32\oTt04e
C:\WINDOWS\system32\oTt04e\oTt04e1080.exe
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\qrqss.bak1
C:\WINDOWS\system32\qrqss.ini
C:\WINDOWS\system32\qtutv.bak1
C:\WINDOWS\system32\qtutv.bak2
C:\WINDOWS\system32\qtutv.ini2
C:\WINDOWS\system32\qtutv.tmp
C:\WINDOWS\system32\vxtspwjj.dllbox
C:\WINDOWS\system32\wpjemapw.dllbox
C:\WINDOWS\system32\z1
C:\WINDOWS\TTC-4444.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CLIENT_IP-IPX
-------\LEGACY_DOMAINSERVICE
-------\DomainService


((((((((((((((((((((((((((((( Fichiers créés 2007-10-12 to 2007-11-12 ))))))))))))))))))))))))))))))))))))
.

2007-11-12 11:53 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-12 11:50 <REP> d-------- C:\VundoFix Backups
2007-11-12 11:34 89,664 --------- C:\WINDOWS\system32\qgtjnlda.dll
2007-11-12 11:32 81,472 --a------ C:\WINDOWS\system32\wcvibfvc.dll
2007-11-12 03:11 89,664 --------- C:\WINDOWS\system32\dleefhwo.dll
2007-11-12 03:09 81,472 --a------ C:\WINDOWS\system32\ccfusygv.dll
2007-11-12 01:32 71,232 --a------ C:\WINDOWS\system32\vcsxstcn.exe
2007-11-12 01:31 71,232 --a------ C:\WINDOWS\system32\trbiwmbw.exe
2007-11-11 22:03 79,936 --a------ C:\WINDOWS\system32\yqnempbn.dll
2007-11-11 18:46 79,936 --a------ C:\WINDOWS\system32\xrvpmvgr.dll
2007-11-11 06:46 79,936 --a------ C:\WINDOWS\system32\agopldcc.dll
2007-11-10 21:19 81,472 --a------ C:\WINDOWS\system32\bfagdupj.dll
2007-11-10 21:13 85,056 --a------ C:\WINDOWS\system32\lidytmib.dll
2007-11-10 21:04 81,472 --a------ C:\WINDOWS\system32\yaypcoxb.dll
2007-11-10 20:39 <REP> d-------- C:\Program Files\MSN Messenger
2007-11-09 16:00 <REP> d-------- C:\Documents and Settings\Moi\Application Data\PC Tools
2007-11-08 21:38 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-11-08 21:38 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-11-08 21:38 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-11-08 21:38 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-11-07 22:38 79,936 --a------ C:\WINDOWS\system32\brsidabn.dll
2007-11-07 22:36 86,080 --a------ C:\WINDOWS\system32\oemlegjd.dll
2007-11-07 22:17 86,080 --a------ C:\WINDOWS\system32\vbwkjnos.dll
2007-11-07 22:17 79,936 --a------ C:\WINDOWS\system32\dakfkjrt.dll
2007-11-07 19:45 79,936 --a------ C:\WINDOWS\system32\vcxnvoor.dll
2007-11-07 15:35 79,936 --a------ C:\WINDOWS\system32\oipeasjf.dll
2007-11-07 15:26 79,936 --a------ C:\WINDOWS\system32\lodapwoy.dll
2007-11-07 15:25 79,936 --a------ C:\WINDOWS\system32\vhimpobu.dll
2007-11-07 15:25 79,936 --a------ C:\WINDOWS\system32\kihcqdmh.dll
2007-11-07 15:23 79,936 --a------ C:\WINDOWS\system32\ivuacrhe.dll
2007-11-07 15:22 79,936 --a------ C:\WINDOWS\system32\rnhtsoev.dll
2007-11-07 14:58 86,080 --a------ C:\WINDOWS\system32\najwcfsj.dll
2007-11-05 23:39 83,008 --a------ C:\WINDOWS\system32\gutiijwi.dll
2007-11-05 23:10 83,008 --a------ C:\WINDOWS\system32\qdeidnbm.dll
2007-11-05 23:07 85,568 --a------ C:\WINDOWS\system32\edsvyusl.dll
2007-11-05 21:50 83,008 --a------ C:\WINDOWS\system32\sgkctvgc.dll
2007-11-05 20:24 83,008 --a------ C:\WINDOWS\system32\jdcotouo.dll
2007-11-05 16:38 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-11-05 16:36 <REP> d-------- C:\Documents and Settings\Moi\Application Data\Simply Super Software
2007-11-05 16:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2007-11-05 16:36 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2007-11-05 16:36 153,088 --a------ C:\WINDOWS\system32\unrar3.dll
2007-11-05 16:36 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2007-11-05 16:36 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2007-11-05 14:37 269 --a------ C:\WINDOWS\system32\4496.bat
2007-11-05 14:36 <REP> d--hs---- C:\WINDOWS\UGllcnJlIExhdXJlbmRlYXU
2007-11-05 14:36 <REP> d-------- C:\Temp
2007-11-05 14:36 35,328 --a------ C:\WINDOWS\system32\ssqqqnk.dll
2007-11-05 14:36 0 --a------ C:\WINDOWS\system32\taskkill.exe
2007-11-05 13:28 <REP> d-------- C:\Program Files\Acoustica Mixcraft
2007-10-30 14:49 <REP> dr------- C:\Documents and Settings\LocalService\Favoris
2007-10-30 00:09 <REP> d-------- C:\Program Files\Fichiers communs\SureThing Shared
2007-10-24 22:48 <REP> d-------- C:\Program Files\MSXML 4.0
2007-10-23 15:00 <REP> d-------- C:\Program Files\Fichiers communs\MAGIX Shared
2007-10-23 15:00 85,504 --a------ C:\WINDOWS\system32\HtmlWH.dll
2007-10-23 15:00 49,152 --a------ C:\WINDOWS\system32\INETWH32.dll
2007-10-23 14:59 <REP> d-------- C:\WINDOWS\system32\MAGIX
2007-10-23 14:59 643,072 --a------ C:\WINDOWS\system32\mgxoschk.dll
2007-10-23 13:19 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-10-15 23:53 58,904 --a------ C:\WINDOWS\system32\is4tray.dll
2007-10-15 21:06 <REP> d-------- C:\EPSON
2007-10-15 14:30 <REP> d-------- C:\Documents and Settings\Moi\Application Data\Smart Panel
2007-10-15 14:27 <REP> d-------- C:\Program Files\Fichiers communs\Python
2007-10-15 14:27 708,696 --a------ C:\WINDOWS\system32\python21.dll
2007-10-15 14:27 290,919 --a------ C:\WINDOWS\system32\pythoncom21.dll
2007-10-15 14:27 57,344 --a------ C:\WINDOWS\system32\PyWinTypes21.dll
2007-10-15 14:25 <REP> d-------- C:\Program Files\SEIKO EPSON Corp
2007-10-15 14:25 96,768 --a------ C:\WINDOWS\SlantAdj.dll
2007-10-15 14:25 73,216 --a------ C:\WINDOWS\ADE.DLL
2007-10-15 14:25 3,136 --a------ C:\WINDOWS\Ade001.bin

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-12 05:08 --------- d-----w C:\Program Files\Macromedia
2007-11-12 04:58 --------- d-----w C:\Program Files\Fichiers communs\Macromedia
2007-11-10 14:21 --------- d-----w C:\Documents and Settings\Moi\Application Data\LimeWire
2007-11-09 04:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-09 04:05 --------- d-----w C:\Program Files\Services en ligne
2007-11-07 02:48 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-11-07 02:47 --------- d-----w C:\Program Files\Shockwave.com
2007-11-07 02:37 --------- d-----w C:\Program Files\BoontyGames
2007-11-05 21:38 --------- d-----w C:\Documents and Settings\Moi\Application Data\GetRightToGo
2007-11-05 21:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-05 19:39 147,456 ----a-w C:\WINDOWS\system32\vbzip10.dll
2007-10-30 20:00 69,632 ----a-w C:\WINDOWS\AutoUpdateWin31.dll
2007-10-30 19:59 32,768 ----a-w C:\WINDOWS\AutoUpdateWin33.exe
2007-10-23 19:57 --------- d-----w C:\Documents and Settings\Moi\Application Data\RagTime
2007-10-16 02:16 --------- d-----w C:\Documents and Settings\Moi\Application Data\EPSON
2007-10-16 00:50 --------- d-----w C:\Program Files\Smart Panel
2007-10-15 19:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-02 15:47 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
2007-10-02 15:47 --------- d-----w C:\Program Files\Logitech
2007-10-02 15:45 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2007-10-02 04:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Banner Maker Pro for Flash
2007-09-27 13:25 --------- d-----w C:\Documents and Settings\Moi\Application Data\U3
2007-09-27 13:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2007-09-25 02:59 --------- d-----w C:\Documents and Settings\Moi\Application Data\AntsSoft
2007-09-24 19:01 --------- d-----w C:\Program Files\Google
2007-09-24 18:58 --------- d-----w C:\Program Files\EPSON
2007-09-23 03:57 --------- d-----w C:\Program Files\Java
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-02 13:43 282,624 ----a-w C:\Program Files\TTC.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D6EA07D-A1ED-4549-B912-590053C71F14}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2010EFE0-92C4-4EBE-A5B8-FFD8515B2E0E}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3DCDF84A-1C7C-4D3C-9866-53E65DC5EB74}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{535d468c-fe83-4d70-80cd-4d473177bc6d}]
2007-11-12 11:32 81472 --a------ C:\WINDOWS\system32\wcvibfvc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B07562B6-C85E-449D-877F-86AD2740988E}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B5E03107-4AD4-4378-B93A-2A8C0C053147}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BCC73622-F72D-4277-803C-D65565A0947F}]
2007-11-05 14:36 35328 --a------ C:\WINDOWS\system32\ssqqqnk.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F042A021-0724-4BF7-A1A3-0DFCD14558BA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"48c96f37"="C:\WINDOWS\system32\qgtjnlda.dll" [2007-11-12 11:34]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{BCC73622-F72D-4277-803C-D65565A0947F}"= C:\WINDOWS\system32\ssqqqnk.dll [2007-11-05 14:36 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqqqnk]
ssqqqnk.dll 2007-11-05 14:36 35328 C:\WINDOWS\system32\ssqqqnk.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\geedd.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^taskmgr.VIR]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk]
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^YourScreen.lnk]
backup=C:\WINDOWS\pss\YourScreen.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Moi^Menu Démarrer^Programmes^Démarrage^Event Reminder.lnk]
backup=C:\WINDOWS\pss\Event Reminder.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\0mcamcap]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\48c96f37]
rundll32.exe "C:\WINDOWS\system32\oemlegjd.dll",b

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AltnetPointsManager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CommandosBELSetup.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\CTFMON.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Evidence Eliminator]
C:\Documents and Settings\Moi\Mes documents\Utilitaires\Evidence Eliminator\Evidence Eliminator\ee.exe /m

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
HDAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon04]
C:\WINDOWS\system32\hphmon04.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD04]
"C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstaFinderK]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InteliSys]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Invisible Secrets 4]
C:\DOCUME~1\Moi\MESDOC~1\UTILIT~1\INVISI~1\INVISI~1\invtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Documents and Settings\Moi\Mes documents\Utilitaires\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAZAA]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KazaaBooster]
aaDisabled

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
Logi_MwX.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2P Networking]
p2pnetworking.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCShield]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PopUpStopperFreeEdition]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ReJf5vH]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Security]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SemanticInsight]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\shell]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
"C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Street_Legal_Racing_Redline.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfAccuracy]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TacticalOpsSetup.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tbon]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trickler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\trioService]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updater]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher]
C:\Program Files\Logitech\iTouch\iTouch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ze Calculator]
C:\Documents and Settings\Moi\Mes documents\Utilitaires\Argent Convertisseur\Calculator.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NVSvc"=2 (0x2)
"Boonty Games"=3 (0x3)
"iPodService"=3 (0x3)
"IDriverT"=3 (0x3)

R3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\Drivers\LCcFltr.Sys
S3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);C:\WINDOWS\system32\DRIVERS\alcan5ln.sys
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"

.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-12 12:08:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-12 12:10:48 - machine was rebooted
.
--- E O F ---

Thanks in advance for your help

Pierletop