Virus IE et mozilla

Résolu
tidochouse Messages postés 266 Statut Membre -  
tidochouse Messages postés 266 Statut Membre -
Bonjour,et bonne année a tous

Il m'arrive un truc assez bizzare que ce soit avec IE ou mozilla firefox. Je m'explique lorsque j'effectue une recherche sur google,et que je clique sur un lien sa m'envoi directos ds un autre site.A chaque fois.
Exemple si je tape dans google Comment ca marche il va me proposer comment sa marche comunauté informatique.... des que je clique dessus sa menvoi vers un autre site qui n'a rien a voir et ceci avec tout et tt le temps.Du coup je suis obliger de taper tt ds la bare d'adresse alor quand c'est pour un recherche cela devient impossible.

Que dois-je faire.??
merci de votre aide
Configuration: Windows XP
Internet Explorer 7.0

13 réponses

  1. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Bienvenue sur le forum d’entraide de CommentCaMarche.net

    Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
    De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
    Merci de votre compréhension.

    Télécharge HijackThis ici:
    http://telechargement.zebulon.fr/138-hijackthis-1991.html

    Dézippe le dans un dossier prévu à cet effet.
    Par exemple C:\hijackthis < Enregistre-le bien dans c : !
    Démo : (Merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/Hijenr.gif

    Lance le puis:
    Clique sur "do a system scan and save logfile" (cf démo)
    Faire un copier coller du log entier sur le forum

    Démo : (Merci a Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/balltrap34/demohijack.htm

    Bon courage

    A+
    0
  2. tidochouse Messages postés 266 Statut Membre 23
     
    Merci pour votre aide.

    Voila ce que vous avez demander:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:09:35, on 01/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\SatSrv.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
    C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Fichiers communs\System\$sys$explorer.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
    C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Rar$EX01.813\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Messenger\msmsgs.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
    O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SSS2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe"
    O4 - HKLM\..\Run: [SSS2007 HotKeys] "C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe"
    O4 - HKLM\..\Run: [SSS2007 File Redirection Starter] "C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{438904B9-AAAF-44E1-A08E-D6E490DEF698}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{55AE282E-0E86-4F0E-8C38-255DDE167419}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7E9677-783F-40D7-80C9-186283C66C98}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O17 - HKLM\System\CS2\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Explorer - Unknown owner - C:\Program Files\Fichiers communs\System\$sys$explorer.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\\SatSrv.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
  3. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    OK

    Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    et sauvegarde le sur ton bureau et pas ailleurs!

    Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
    Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

    Copie/colle un nouveau rapport HiJackThis avec.
    0
  4. tidochouse Messages postés 266 Statut Membre 23
     
    Voila pour combofix

    ComboFix 07-12-31.4 - Nicolas 2008-01-01 20:10:31.3 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.442 [GMT 1:00]
    Running from: C:\Documents and Settings\Nicolas\Bureau\ComboFix.exe
    .
    /wow section - STAGE 3
    /wow section - STAGE 4
    /wow section - STAGE 4
    /wow section - STAGE 6
    /wow section - STAGE 7
    /wow section - STAGE 8
    /wow section - STAGE 9
    /wow section - STAGE 10
    /wow section - STAGE 13
    /wow section - STAGE 19
    /wow section - STAGE 8
    /wow section - STAGE 9
    /wow section - STAGE 10
    /wow section - STAGE 13
    /wow section - STAGE 19
    /wow section - STAGE 20
    /wow section - STAGE 28
    /wow section - STAGE 30
    /wow section - STAGE 34A
    /wow section - STAGE 36
    /wow section non terminée

    /wow section non terminée

    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-01 to 2008-01-01 ))))))))))))))))))))))))))))))))))))
    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-01 to 2008-01-01 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-01 19:22 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-01 14:14 . 2008-01-01 14:14 <REP> d-------- C:\Program Files\MSXML 6.0
    2008-01-01 14:12 . 2008-01-01 14:18 <REP> d-------- C:\Program Files\Microsoft SQL Server
    2008-01-01 14:01 . 2008-01-01 14:09 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
    2008-01-01 14:01 . 2008-01-01 17:52 <REP> d-------- C:\Program Files\Fichiers communs\Merge Modules
    2008-01-01 13:33 . 2008-01-01 13:33 357 --a------ C:\Documents and Settings\Nicolas\.cb_layout.bin
    2008-01-01 12:30 . 2008-01-01 13:33 <REP> d-------- C:\Documents and Settings\Nicolas\.CodeBlocks
    2008-01-01 12:29 . 2008-01-01 12:30 <REP> d-------- C:\Program Files\CodeBlocks
    2007-12-31 22:40 . 2007-12-31 22:40 1,158 --a------ C:\WINDOWS\mozver.dat
    2007-12-30 21:49 . 2007-12-30 21:49 <REP> d-------- C:\Program Files\Veoh Networks
    2007-12-30 21:48 . 2007-12-30 21:48 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-30 19:12 . 2007-12-30 19:13 <REP> d-------- C:\Program Files\Steganos Security Suite 2007
    2007-12-30 01:07 . 2007-12-30 01:07 268 --ah----- C:\sqmdata11.sqm
    2007-12-30 01:07 . 2007-12-30 01:07 244 --ah----- C:\sqmnoopt11.sqm
    2007-12-30 00:51 . 2007-12-30 00:51 <REP> d-------- C:\Documents and Settings\MI6\Application Data\Nero
    2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
    2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\Program Files\SAMSUNG
    2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
    2007-12-30 00:33 . 2004-08-09 05:04 73,728 --a------ C:\WINDOWS\system32\ISUSPM.cpl
    2007-12-30 00:33 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
    2007-12-28 17:31 . 2007-12-28 17:31 244 --ah----- C:\sqmnoopt10.sqm
    2007-12-28 17:31 . 2007-12-28 17:31 232 --ah----- C:\sqmdata10.sqm
    2007-12-27 18:35 . 2007-12-27 18:35 <REP> d--h----- C:\WINDOWS\PIF
    2007-12-27 18:13 . 2007-12-27 18:13 <REP> d-------- C:\Program Files\NeroInstall.bak
    2007-12-27 18:12 . 2007-10-26 08:04 3,945,768 --a------ C:\WINDOWS\system32\AdvrCntr3D6E0B790.dll
    2007-12-27 16:30 . 2007-12-27 16:30 <REP> d-------- C:\Program Files\Nero
    2007-12-27 16:30 . 2007-12-27 16:33 <REP> d-------- C:\Program Files\Fichiers communs\Nero
    2007-12-27 14:51 . 2007-12-27 14:51 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\vlc
    2007-12-26 23:58 . 2008-01-01 17:59 69 --a------ C:\WINDOWS\NeroDigital.ini
    2007-12-26 22:51 . 2007-12-26 22:51 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Ashampoo
    2007-12-26 22:49 . 2007-12-26 22:49 <REP> d-------- C:\Program Files\Ashampoo
    2007-12-26 22:49 . 2007-12-26 22:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ashampoo
    2007-12-26 21:57 . 2007-12-26 21:57 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Nero
    2007-12-26 21:50 . 2007-12-27 16:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nero
    2007-12-26 20:10 . 2007-12-26 20:10 <REP> d-------- C:\WINDOWS\Sun
    2007-12-26 18:58 . 2007-12-26 18:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2007-12-26 18:53 . 2007-12-26 18:53 <REP> d-------- C:\Program Files\Bonjour
    2007-12-26 18:46 . 2007-03-08 00:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-12-26 18:46 . 2007-03-08 00:51 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-12-26 18:46 . 2007-03-08 00:51 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-12-26 18:45 . 2007-12-26 18:47 <REP> d-------- C:\Program Files\Winamp
    2007-12-26 18:45 . 2007-12-26 18:48 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Winamp
    2007-12-26 18:42 . 2007-12-26 18:42 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2007-12-26 18:02 . 2007-12-26 18:02 244 --ah----- C:\sqmnoopt09.sqm
    2007-12-26 18:02 . 2007-12-26 18:02 232 --ah----- C:\sqmdata09.sqm
    2007-12-26 14:10 . 2007-12-26 14:10 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\InterVideo
    2007-12-26 00:39 . 2007-12-26 00:39 268 --ah----- C:\sqmdata08.sqm
    2007-12-26 00:39 . 2007-12-26 00:39 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-26 00:37 . 2007-12-26 18:16 <REP> d-------- C:\Documents and Settings\MI6\Application Data\Desktop Sidebar
    2007-12-26 00:26 . 2008-01-01 20:03 45 --a------ C:\TEST.XML
    2007-12-26 00:11 . 2007-12-26 00:11 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Talkback
    2007-12-25 23:18 . 2007-12-25 23:18 <REP> d-------- C:\Program Files\Microsoft Works
    2007-12-25 23:18 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
    2007-12-25 23:13 . 2007-12-25 23:14 <REP> d-------- C:\WINDOWS\SHELLNEW
    2007-12-25 19:27 . 2004-08-10 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
    2007-12-25 18:54 . 2007-12-25 18:54 <REP> d-------- C:\WINDOWS\system32\AlertModule
    2007-12-25 18:54 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
    2007-12-25 18:54 . 2005-10-06 14:55 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
    2007-12-25 18:52 . 2007-12-25 18:52 <REP> d-------- C:\Program Files\Securitoo
    2007-12-25 15:53 . 2007-12-25 15:53 <REP> d-------- C:\Program Files\uTorrent
    2007-12-25 12:46 . 2007-12-25 12:47 <REP> d-------- C:\WINDOWS\system32\fr-fr
    2007-12-25 12:37 . 2007-10-11 00:49 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-12-25 12:37 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2007-12-25 12:37 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2007-12-25 12:37 . 2007-10-11 00:49 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-12-25 12:37 . 2007-10-11 00:49 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-12-25 12:37 . 2007-10-11 00:49 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-12-25 12:37 . 2007-10-11 00:49 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
    2007-12-25 12:37 . 2007-10-11 00:49 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-12-25 12:37 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-12-25 12:36 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
    2007-12-23 23:21 . 2007-12-23 23:32 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Desktop Sidebar
    2007-12-23 23:20 . 2007-12-23 23:20 <REP> d-------- C:\Program Files\Desktop Sidebar
    2007-12-23 22:43 . 2008-01-01 17:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2007-12-23 22:42 . 2007-12-23 22:42 <REP> d-------- C:\Program Files\MSECache
    2007-12-23 22:23 . 2007-12-23 22:23 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\AdobeUM
    2007-12-23 21:47 . 2008-01-01 20:07 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\uTorrent
    2007-12-23 20:25 . 2007-12-23 20:25 268 --ah----- C:\sqmdata07.sqm
    2007-12-23 20:25 . 2007-12-23 20:25 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-23 20:16 . 2007-12-23 20:16 0 --a------ C:\WINDOWS\WB.ini
    2007-12-23 19:58 . 2007-12-23 19:58 <REP> d-------- C:\Program Files\Stardock
    2007-12-23 19:58 . 2007-07-11 15:06 42,672 --a------ C:\WINDOWS\system32\wbsys.dll
    2007-12-22 19:54 . 2007-12-22 19:54 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-22 19:54 . 2007-12-22 19:54 232 --ah----- C:\sqmdata06.sqm
    2007-12-22 19:44 . 2007-12-22 19:50 <REP> d-------- C:\Program Files\@stake
    2007-12-22 19:44 . 2002-02-05 10:59 599,800 --a------ C:\WINDOWS\system32\Cfx4032.ocx
    2007-12-22 19:44 . 2001-10-08 08:46 136,976 --a------ C:\WINDOWS\system32\SfxBar.dll
    2007-12-22 19:40 . 2007-12-22 19:40 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-22 19:40 . 2007-12-22 19:40 232 --ah----- C:\sqmdata05.sqm
    2007-12-22 19:33 . 2007-12-22 19:33 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-22 19:33 . 2007-12-22 19:33 232 --ah----- C:\sqmdata04.sqm
    2007-12-22 19:29 . 2007-12-22 19:29 244 --ah----- C:\sqmnoopt03.sqm
    2007-12-22 19:29 . 2007-12-22 19:29 244 --ah----- C:\sqmnoopt02.sqm
    2007-12-22 19:29 . 2007-12-22 19:29 232 --ah----- C:\sqmdata03.sqm
    2007-12-22 19:29 . 2007-12-22 19:29 232 --ah----- C:\sqmdata02.sqm
    2007-12-22 19:11 . 2007-12-22 21:29 <REP> d-------- C:\Documents and Settings\MI6\Application Data\uTorrent
    2007-12-22 19:07 . 2007-12-22 19:07 244 --ah----- C:\sqmnoopt01.sqm
    2007-12-22 19:07 . 2007-12-22 19:07 232 --ah----- C:\sqmdata01.sqm
    2007-12-22 18:59 . 2007-12-22 18:59 <REP> d-------- C:\Program Files\TGTSoft
    2007-12-22 18:51 . 2007-12-22 18:51 244 --ah----- C:\sqmnoopt00.sqm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-01 13:16 --------- d-----w C:\Program Files\Microsoft.NET
    2008-01-01 12:33 357 ----a-w C:\Documents and Settings\Nicolas\.cb_layout.bin
    2007-12-30 20:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-29 23:33 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-28 17:35 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2007-12-23 22:38 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2007-12-23 20:34 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Symantec
    2007-12-22 21:43 --------- d-----w C:\Program Files\X10 Hardware
    2007-12-22 21:43 --------- d-----w C:\Program Files\Windows Plus
    2007-12-22 21:43 --------- d-----w C:\Program Files\Windows Desktop Search
    2007-12-22 21:43 --------- d-----w C:\Program Files\Toshiba
    2007-12-22 21:42 --------- d-----w C:\Program Files\Synaptics
    2007-12-22 21:42 --------- d-----w C:\Program Files\Symantec
    2007-12-22 21:41 --------- d---a-w C:\Program Files\Offre Wanadoo
    2007-12-22 21:41 --------- d-----w C:\Program Files\Sonic
    2007-12-22 21:41 --------- d-----w C:\Program Files\Services en ligne
    2007-12-22 21:41 --------- d-----w C:\Program Files\Realtek
    2007-12-22 21:41 --------- d-----w C:\Program Files\Norton Internet Security
    2007-12-22 21:40 --------- d-----w C:\Program Files\MSN Toolbar Suite
    2007-12-22 21:40 --------- d-----w C:\Program Files\microsoft frontpage
    2007-12-22 21:40 --------- d-----w C:\Program Files\ltmoh
    2007-12-22 21:40 --------- d-----w C:\Program Files\InterVideo
    2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
    2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\ODBC
    2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
    2007-12-22 21:37 --------- d-----w C:\Program Files\Fichiers communs\Java
    2007-12-22 21:37 --------- d-----w C:\Program Files\Fichiers communs\InterVideo
    2007-12-22 21:37 --------- d-----w C:\Program Files\Common Files
    2007-12-22 21:30 --------- d-----w C:\Documents and Settings\LocalService\Application Data\X10 Commander
    2007-12-22 21:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Windows Desktop Search
    2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\toshiba
    2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Sonic
    2007-12-22 16:11 87,952 ------w C:\WINDOWS\system32\drivers\bdfndisf.sys
    2007-12-22 16:11 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll
    2007-12-22 14:28 --------- d-----w C:\Program Files\Intel
    2007-10-23 13:20 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
    2007-10-22 07:51 972,072 ----a-w C:\WINDOWS\UNRecode.exe
    2007-10-20 18:17 39,424 ----a-w C:\WINDOWS\runtime.exe
    2007-10-19 17:43 491,520 ----a-w C:\WINDOWS\dependencies.exe
    2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-01-01_19.43.37.01 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-01 18:35:21 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    + 2008-01-01 19:09:34 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1427A821-7B93-4F08-9A34-9FA03A3D93DB}]
    2007-05-21 10:11 20480 --a------ C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}
    {C4069E3A-68F1-403E-B40E-20066696354B}
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
    {381FFDE8-2394-4F90-B10D-FC6124A40F8C}
    {D0943516-5076-4020-A3B5-AEFAF26AB263}

    [HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}]
    [HKEY_CLASSES_ROOT\BitDefender Toolbar]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 13:00 15360]
    "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 15:08 65536]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
    "STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 19:31 1372160]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007-12-19 16:31 3477504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 12:34 64512]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-01 21:04 7557120]
    "nwiz"="nwiz.exe" [2006-05-01 21:04 1519616 C:\WINDOWS\system32\nwiz.exe]
    "NVRotateSysTray"="C:\WINDOWS\system32\nvsysrot.dll" [2006-05-01 21:04 49152]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 00:02 761948]
    "RTHDCPL"="RTHDCPL.EXE" [2006-05-05 14:59 16206848 C:\WINDOWS\RTHDCPL.exe]
    "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2004-08-18 11:37 184320]
    "AGRSMMSG"="AGRSMMSG.exe" [2005-12-13 15:50 88204 C:\WINDOWS\agrsmmsg.exe]
    "THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2006-08-25 12:47 356352]
    "TPSMain"="TPSMain.exe" [2005-08-03 15:09 266240 C:\WINDOWS\system32\TPSMain.exe]
    "NDSTray.exe"="NDSTray.exe" []
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 12:11 73728]
    "SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 08:24 118784]
    "TFncKy"="TFncKy.exe" []
    "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-10-06 04:20 122940]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-09-16 23:27 52848]
    "IS CfgWiz"="C:\Program Files\Norton Internet Security\cfgwiz.exe" [2005-09-29 21:33 120464]
    "SSC_UserPrompt"="C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-10 10:57 218240]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 00:38 802816]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 00:32 696320]
    "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-12-22 17:11 319488]
    "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-12-22 17:11 61440]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-12-20 16:16 37376]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 12:03 36975]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
    "SSS2007 PasswordManagerFFAutoFill"="C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe" [2007-05-21 10:11 21504]
    "SSS2007 HotKeys"="C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe" [2007-05-21 10:11 25088]
    "SSS2007 File Redirection Starter"="C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe" [2007-05-15 15:18 53248]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-03-26 21:44:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 12:11 233472]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
    C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-12-23 20:01 229376 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=wbsys.dll

    R1 bdftdif;bdftdif;C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys [2007-12-22 17:11]
    R1 SLEE_15_DRIVER;Steganos Live Encryption Engine 15 [Driver];C:\WINDOWS\system32\drivers\Sleen15.sys [2007-02-21 12:33]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 08:51]
    R2 SQLWriter;Enregistreur VSS SQL Server;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-12-22 17:11]
    R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-08-02 17:03]
    R3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2007-08-08 14:12]
    R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-10 13:00]
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 09:45]
    S2 Explorer;Explorer;"C:\Program Files\Fichiers communs\System\$sys$explorer.exe" [2007-12-23 19:57]
    S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 13:47]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    *Newly Created Service* - COMHOST
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-01 18:20:00 C:\WINDOWS\Tasks\Check Updates for MSN Search Toolbar.job"
    - C:\Program Files\MSN Toolbar Suite\MSNTBUP.EXE
    "2007-12-22 14:25:43 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2007-12-22 14:25:44 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2006-09-22 12:11:50 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-01 20:13:06
    Windows 5.1.2600 Service Pack 2 NTFS

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-01 20:13:06
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr]
    "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
    .
    Completion time: 2008-01-01 20:13:38
    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-01 19:13:35
    C:\qoobox\ComboFix2.txt 2008-01-01 18:43:58
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. tidochouse Messages postés 266 Statut Membre 23
     
    et pour hjjackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:17:45, on 01/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\SatSrv.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
    C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
    C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Fichiers communs\System\$sys$explorer.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Rar$EX00.719\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
    O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SSS2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe"
    O4 - HKLM\..\Run: [SSS2007 HotKeys] "C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe"
    O4 - HKLM\..\Run: [SSS2007 File Redirection Starter] "C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{438904B9-AAAF-44E1-A08E-D6E490DEF698}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{55AE282E-0E86-4F0E-8C38-255DDE167419}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7E9677-783F-40D7-80C9-186283C66C98}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O17 - HKLM\System\CS2\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Explorer - Unknown owner - C:\Program Files\Fichiers communs\System\$sys$explorer.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\\SatSrv.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
  7. tidochouse Messages postés 266 Statut Membre 23
     
    alors?
    0
  8. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Alors? On est bénévole je te le rappelle.

    Je te rappelle qu'aussi, il faut laisser finir le scan avant, alors que la, tu as copier coller le rapport combofix alors qu'il n'avait pas terminé...

    A+
    0
  9. tidochouse Messages postés 266 Statut Membre 23
     
    :-( desolé :-( Faut dire que cette histoire m'ennerve un peu.

    ComboFix 07-12-31.4 - Nicolas 2008-01-02 16:38:00.4 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.302 [GMT 1:00]
    Running from: C:\Documents and Settings\Nicolas\Bureau\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-02 to 2008-01-02 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-01 19:22 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-01 14:14 . 2008-01-01 14:14 <REP> d-------- C:\Program Files\MSXML 6.0
    2008-01-01 14:12 . 2008-01-01 14:18 <REP> d-------- C:\Program Files\Microsoft SQL Server
    2008-01-01 14:01 . 2008-01-01 14:09 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
    2008-01-01 14:01 . 2008-01-01 17:52 <REP> d-------- C:\Program Files\Fichiers communs\Merge Modules
    2008-01-01 13:33 . 2008-01-01 13:33 357 --a------ C:\Documents and Settings\Nicolas\.cb_layout.bin
    2008-01-01 12:30 . 2008-01-01 13:33 <REP> d-------- C:\Documents and Settings\Nicolas\.CodeBlocks
    2008-01-01 12:29 . 2008-01-01 12:30 <REP> d-------- C:\Program Files\CodeBlocks
    2007-12-31 22:40 . 2007-12-31 22:40 1,158 --a------ C:\WINDOWS\mozver.dat
    2007-12-30 21:49 . 2007-12-30 21:49 <REP> d-------- C:\Program Files\Veoh Networks
    2007-12-30 21:48 . 2007-12-30 21:48 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2007-12-30 19:12 . 2007-12-30 19:13 <REP> d-------- C:\Program Files\Steganos Security Suite 2007
    2007-12-30 01:07 . 2007-12-30 01:07 268 --ah----- C:\sqmdata11.sqm
    2007-12-30 01:07 . 2007-12-30 01:07 244 --ah----- C:\sqmnoopt11.sqm
    2007-12-30 00:51 . 2007-12-30 00:51 <REP> d-------- C:\Documents and Settings\MI6\Application Data\Nero
    2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
    2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\Program Files\SAMSUNG
    2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
    2007-12-30 00:33 . 2004-08-09 05:04 73,728 --a------ C:\WINDOWS\system32\ISUSPM.cpl
    2007-12-30 00:33 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
    2007-12-28 17:31 . 2007-12-28 17:31 244 --ah----- C:\sqmnoopt10.sqm
    2007-12-28 17:31 . 2007-12-28 17:31 232 --ah----- C:\sqmdata10.sqm
    2007-12-27 18:35 . 2007-12-27 18:35 <REP> d--h----- C:\WINDOWS\PIF
    2007-12-27 18:13 . 2007-12-27 18:13 <REP> d-------- C:\Program Files\NeroInstall.bak
    2007-12-27 18:12 . 2007-10-26 08:04 3,945,768 --a------ C:\WINDOWS\system32\AdvrCntr3D6E0B790.dll
    2007-12-27 16:30 . 2007-12-27 16:30 <REP> d-------- C:\Program Files\Nero
    2007-12-27 16:30 . 2007-12-27 16:33 <REP> d-------- C:\Program Files\Fichiers communs\Nero
    2007-12-27 14:51 . 2007-12-27 14:51 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\vlc
    2007-12-26 23:58 . 2008-01-01 20:47 69 --a------ C:\WINDOWS\NeroDigital.ini
    2007-12-26 22:51 . 2007-12-26 22:51 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Ashampoo
    2007-12-26 22:49 . 2007-12-26 22:49 <REP> d-------- C:\Program Files\Ashampoo
    2007-12-26 22:49 . 2007-12-26 22:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ashampoo
    2007-12-26 21:57 . 2007-12-26 21:57 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Nero
    2007-12-26 21:50 . 2007-12-27 16:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nero
    2007-12-26 20:10 . 2007-12-26 20:10 <REP> d-------- C:\WINDOWS\Sun
    2007-12-26 18:58 . 2007-12-26 18:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2007-12-26 18:53 . 2007-12-26 18:53 <REP> d-------- C:\Program Files\Bonjour
    2007-12-26 18:46 . 2007-03-08 00:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-12-26 18:46 . 2007-03-08 00:51 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-12-26 18:46 . 2007-03-08 00:51 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-12-26 18:45 . 2007-12-26 18:47 <REP> d-------- C:\Program Files\Winamp
    2007-12-26 18:45 . 2007-12-26 18:48 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Winamp
    2007-12-26 18:42 . 2007-12-26 18:42 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2007-12-26 18:02 . 2007-12-26 18:02 244 --ah----- C:\sqmnoopt09.sqm
    2007-12-26 18:02 . 2007-12-26 18:02 232 --ah----- C:\sqmdata09.sqm
    2007-12-26 14:10 . 2007-12-26 14:10 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\InterVideo
    2007-12-26 00:39 . 2007-12-26 00:39 268 --ah----- C:\sqmdata08.sqm
    2007-12-26 00:39 . 2007-12-26 00:39 244 --ah----- C:\sqmnoopt08.sqm
    2007-12-26 00:37 . 2007-12-26 18:16 <REP> d-------- C:\Documents and Settings\MI6\Application Data\Desktop Sidebar
    2007-12-26 00:26 . 2008-01-02 01:04 45 --a------ C:\TEST.XML
    2007-12-26 00:11 . 2007-12-26 00:11 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Talkback
    2007-12-25 23:18 . 2007-12-25 23:18 <REP> d-------- C:\Program Files\Microsoft Works
    2007-12-25 23:18 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
    2007-12-25 23:13 . 2007-12-25 23:14 <REP> d-------- C:\WINDOWS\SHELLNEW
    2007-12-25 19:27 . 2004-08-10 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
    2007-12-25 18:54 . 2007-12-25 18:54 <REP> d-------- C:\WINDOWS\system32\AlertModule
    2007-12-25 18:54 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
    2007-12-25 18:54 . 2005-10-06 14:55 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
    2007-12-25 18:52 . 2007-12-25 18:52 <REP> d-------- C:\Program Files\Securitoo
    2007-12-25 15:53 . 2007-12-25 15:53 <REP> d-------- C:\Program Files\uTorrent
    2007-12-25 12:46 . 2007-12-25 12:47 <REP> d-------- C:\WINDOWS\system32\fr-fr
    2007-12-25 12:37 . 2007-10-11 00:49 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-12-25 12:37 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
    2007-12-25 12:37 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
    2007-12-25 12:37 . 2007-10-11 00:49 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-12-25 12:37 . 2007-10-11 00:49 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-12-25 12:37 . 2007-10-11 00:49 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-12-25 12:37 . 2007-10-11 00:49 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
    2007-12-25 12:37 . 2007-10-11 00:49 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-12-25 12:37 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-12-25 12:36 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
    2007-12-23 23:21 . 2007-12-23 23:32 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Desktop Sidebar
    2007-12-23 23:20 . 2007-12-23 23:20 <REP> d-------- C:\Program Files\Desktop Sidebar
    2007-12-23 22:43 . 2008-01-01 17:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2007-12-23 22:42 . 2007-12-23 22:42 <REP> d-------- C:\Program Files\MSECache
    2007-12-23 22:23 . 2007-12-23 22:23 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\AdobeUM
    2007-12-23 21:47 . 2008-01-02 00:40 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\uTorrent
    2007-12-23 20:25 . 2007-12-23 20:25 268 --ah----- C:\sqmdata07.sqm
    2007-12-23 20:25 . 2007-12-23 20:25 244 --ah----- C:\sqmnoopt07.sqm
    2007-12-23 20:16 . 2007-12-23 20:16 0 --a------ C:\WINDOWS\WB.ini
    2007-12-23 19:58 . 2007-12-23 19:58 <REP> d-------- C:\Program Files\Stardock
    2007-12-23 19:58 . 2007-07-11 15:06 42,672 --a------ C:\WINDOWS\system32\wbsys.dll
    2007-12-22 19:54 . 2007-12-22 19:54 244 --ah----- C:\sqmnoopt06.sqm
    2007-12-22 19:54 . 2007-12-22 19:54 232 --ah----- C:\sqmdata06.sqm
    2007-12-22 19:44 . 2007-12-22 19:50 <REP> d-------- C:\Program Files\@stake
    2007-12-22 19:44 . 2002-02-05 10:59 599,800 --a------ C:\WINDOWS\system32\Cfx4032.ocx
    2007-12-22 19:44 . 2001-10-08 08:46 136,976 --a------ C:\WINDOWS\system32\SfxBar.dll
    2007-12-22 19:40 . 2007-12-22 19:40 244 --ah----- C:\sqmnoopt05.sqm
    2007-12-22 19:40 . 2007-12-22 19:40 232 --ah----- C:\sqmdata05.sqm
    2007-12-22 19:33 . 2007-12-22 19:33 244 --ah----- C:\sqmnoopt04.sqm
    2007-12-22 19:33 . 2007-12-22 19:33 232 --ah----- C:\sqmdata04.sqm
    2007-12-22 19:29 . 2007-12-22 19:29 244 --ah----- C:\sqmnoopt03.sqm
    2007-12-22 19:29 . 2007-12-22 19:29 244 --ah----- C:\sqmnoopt02.sqm
    2007-12-22 19:29 . 2007-12-22 19:29 232 --ah----- C:\sqmdata03.sqm
    2007-12-22 19:29 . 2007-12-22 19:29 232 --ah----- C:\sqmdata02.sqm
    2007-12-22 19:11 . 2007-12-22 21:29 <REP> d-------- C:\Documents and Settings\MI6\Application Data\uTorrent
    2007-12-22 19:07 . 2007-12-22 19:07 244 --ah----- C:\sqmnoopt01.sqm
    2007-12-22 19:07 . 2007-12-22 19:07 232 --ah----- C:\sqmdata01.sqm
    2007-12-22 18:59 . 2007-12-22 18:59 <REP> d-------- C:\Program Files\TGTSoft
    2007-12-22 18:51 . 2007-12-22 18:51 244 --ah----- C:\sqmnoopt00.sqm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-01 13:16 --------- d-----w C:\Program Files\Microsoft.NET
    2008-01-01 12:33 357 ----a-w C:\Documents and Settings\Nicolas\.cb_layout.bin
    2007-12-30 20:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-29 23:33 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2007-12-28 17:35 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2007-12-23 22:38 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2007-12-23 20:34 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Symantec
    2007-12-22 21:43 --------- d-----w C:\Program Files\X10 Hardware
    2007-12-22 21:43 --------- d-----w C:\Program Files\Windows Plus
    2007-12-22 21:43 --------- d-----w C:\Program Files\Windows Desktop Search
    2007-12-22 21:43 --------- d-----w C:\Program Files\Toshiba
    2007-12-22 21:42 --------- d-----w C:\Program Files\Synaptics
    2007-12-22 21:42 --------- d-----w C:\Program Files\Symantec
    2007-12-22 21:41 --------- d---a-w C:\Program Files\Offre Wanadoo
    2007-12-22 21:41 --------- d-----w C:\Program Files\Sonic
    2007-12-22 21:41 --------- d-----w C:\Program Files\Services en ligne
    2007-12-22 21:41 --------- d-----w C:\Program Files\Realtek
    2007-12-22 21:41 --------- d-----w C:\Program Files\Norton Internet Security
    2007-12-22 21:40 --------- d-----w C:\Program Files\MSN Toolbar Suite
    2007-12-22 21:40 --------- d-----w C:\Program Files\microsoft frontpage
    2007-12-22 21:40 --------- d-----w C:\Program Files\ltmoh
    2007-12-22 21:40 --------- d-----w C:\Program Files\InterVideo
    2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
    2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\ODBC
    2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
    2007-12-22 21:37 --------- d-----w C:\Program Files\Fichiers communs\Java
    2007-12-22 21:37 --------- d-----w C:\Program Files\Fichiers communs\InterVideo
    2007-12-22 21:37 --------- d-----w C:\Program Files\Common Files
    2007-12-22 21:30 --------- d-----w C:\Documents and Settings\LocalService\Application Data\X10 Commander
    2007-12-22 21:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Windows Desktop Search
    2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\toshiba
    2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Sonic
    2007-12-22 16:11 87,952 ------w C:\WINDOWS\system32\drivers\bdfndisf.sys
    2007-12-22 16:11 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll
    2007-12-22 14:28 --------- d-----w C:\Program Files\Intel
    2007-10-23 13:20 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
    2007-10-22 07:51 972,072 ----a-w C:\WINDOWS\UNRecode.exe
    2007-10-20 18:17 39,424 ----a-w C:\WINDOWS\runtime.exe
    2007-10-19 17:43 491,520 ----a-w C:\WINDOWS\dependencies.exe
    2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-01-01_19.43.37.01 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-01-01 19:29:56 589,824 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\EnvDTE\f710b1a7f8f7df4aa680b05165d092e8\EnvDTE.ni.dll
    + 2008-01-01 19:30:00 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\EnvDTE80\bc9a9dfb52609542bdd7538a4d9e573c\EnvDTE80.ni.dll
    + 2008-01-01 19:30:09 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\[u]0[/u]75b49a466e75e4fb7ef859ecbad7766\Microsoft.VisualStudio.CommonIDE.ni.dll
    + 2008-01-01 19:30:26 376,832 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1b54c9f370b3d642a8223e61ebaeecf7\Microsoft.VisualStudio.Shell.Interop.8.0.ni.dll
    + 2008-01-01 19:30:14 23,040 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2f5a200a2679dd4f849225e38e89968c\Microsoft.VisualStudio.Designer.Interfaces.ni.dll
    + 2008-01-01 19:30:24 905,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\517ba54ce6a9224b903b6f8a7369fd3a\Microsoft.VisualStudio.Shell.ni.dll
    + 2008-01-01 19:30:13 1,196,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\68568423b81cb347b34f1d8fe4387315\Microsoft.VisualStudio.Design.ni.dll
    + 2008-01-01 19:30:23 319,488 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6dc57aec54819546a376830390045b81\Microsoft.VisualStudio.OLE.Interop.ni.dll
    + 2008-01-01 19:30:26 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\76e5aea496854243bb10797213717c90\Microsoft.VisualStudio.Shell.Design.ni.dll
    + 2008-01-01 19:30:28 868,352 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9658d81461304f45b65a570093ec0837\Microsoft.VisualStudio.Windows.Forms.ni.dll
    + 2008-01-01 19:30:04 708,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9bfba24ad73942469da84cc4c4f578a8\Microsoft.VisualStudio.ni.dll
    + 2008-01-01 19:30:23 4,059,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\df4aa0ff9f19d54c970226541516674f\Microsoft.VisualStudio.Editors.ni.dll
    + 2008-01-01 19:30:11 241,664 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\eb09d7576ac5af43bd91c9dbb47d1340\Microsoft.VisualStudio.Configuration.ni.dll
    + 2008-01-01 19:29:59 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\[u]0[/u]ec1761463175b4bb1d1163cd16ee8a3\System.Configuration.Install.ni.dll
    + 2008-01-01 19:29:58 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\4c8ddf69471bf64f8e0fdf822cc9a5ee\System.ServiceProcess.ni.dll
    + 2008-01-01 19:30:29 118,784 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VSLangProj\fc43b1def4623146a0f8ab73b51befdc\VSLangProj.ni.dll
    - 2008-01-01 18:35:21 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    + 2008-01-02 00:08:11 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1427A821-7B93-4F08-9A34-9FA03A3D93DB}]
    2007-05-21 10:11 20480 --a------ C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}
    {C4069E3A-68F1-403E-B40E-20066696354B}
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
    {381FFDE8-2394-4F90-B10D-FC6124A40F8C}
    {D0943516-5076-4020-A3B5-AEFAF26AB263}

    [HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}]
    [HKEY_CLASSES_ROOT\BitDefender Toolbar]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 13:00 15360]
    "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 15:08 65536]
    "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
    "STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 19:31 1372160]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007-12-19 16:31 3477504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 12:34 64512]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-01 21:04 7557120]
    "nwiz"="nwiz.exe" [2006-05-01 21:04 1519616 C:\WINDOWS\system32\nwiz.exe]
    "NVRotateSysTray"="C:\WINDOWS\system32\nvsysrot.dll" [2006-05-01 21:04 49152]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 00:02 761948]
    "RTHDCPL"="RTHDCPL.EXE" [2006-05-05 14:59 16206848 C:\WINDOWS\RTHDCPL.exe]
    "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2004-08-18 11:37 184320]
    "AGRSMMSG"="AGRSMMSG.exe" [2005-12-13 15:50 88204 C:\WINDOWS\agrsmmsg.exe]
    "THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2006-08-25 12:47 356352]
    "TPSMain"="TPSMain.exe" [2005-08-03 15:09 266240 C:\WINDOWS\system32\TPSMain.exe]
    "NDSTray.exe"="NDSTray.exe" []
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 12:11 73728]
    "SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 08:24 118784]
    "TFncKy"="TFncKy.exe" []
    "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-10-06 04:20 122940]
    "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-09-16 23:27 52848]
    "IS CfgWiz"="C:\Program Files\Norton Internet Security\cfgwiz.exe" [2005-09-29 21:33 120464]
    "SSC_UserPrompt"="C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-10 10:57 218240]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 00:38 802816]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 00:32 696320]
    "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-12-22 17:11 319488]
    "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-12-22 17:11 61440]
    "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-12-20 16:16 37376]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 12:03 36975]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "SSS2007 PasswordManagerFFAutoFill"="C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe" [2007-05-21 10:11 21504]
    "SSS2007 HotKeys"="C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe" [2007-05-21 10:11 25088]
    "SSS2007 File Redirection Starter"="C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe" [2007-05-15 15:18 53248]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-03-26 21:44:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 12:11 233472]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
    C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-12-23 20:01 229376 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=wbsys.dll

    R1 bdftdif;bdftdif;C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys [2007-12-22 17:11]
    R1 SLEE_15_DRIVER;Steganos Live Encryption Engine 15 [Driver];C:\WINDOWS\system32\drivers\Sleen15.sys [2007-02-21 12:33]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 08:51]
    R2 SQLWriter;Enregistreur VSS SQL Server;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-12-22 17:11]
    R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-10 13:00]
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 09:45]
    S2 Explorer;Explorer;"C:\Program Files\Fichiers communs\System\$sys$explorer.exe" [2007-12-23 19:57]
    S3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-08-02 17:03]
    S3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2007-08-08 14:12]
    S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 13:47]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    *Newly Created Service* - COMHOST
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-02 14:20:00 C:\WINDOWS\Tasks\Check Updates for MSN Search Toolbar.job"
    - C:\Program Files\MSN Toolbar Suite\MSNTBUP.EXE
    "2007-12-22 14:25:43 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2007-12-22 14:25:44 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2006-09-22 12:11:50 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-02 16:41:57
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr]
    "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
    .
    Completion time: 2008-01-02 16:42:43
    C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 15:42:33
    C:\qoobox\ComboFix2.txt 2008-01-01 19:13:39
    C:\qoobox\ComboFix3.txt 2008-01-01 18:43:58
    0
  10. tidochouse Messages postés 266 Statut Membre 23
     
    Voila Hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:46:17, on 02/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
    C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\SatSrv.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\explorer.exe
    C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Rar$EX00.031\HijackThis.exe
    C:\Program Files\Messenger\msmsgs.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
    O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SSS2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe"
    O4 - HKLM\..\Run: [SSS2007 HotKeys] "C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe"
    O4 - HKLM\..\Run: [SSS2007 File Redirection Starter] "C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{438904B9-AAAF-44E1-A08E-D6E490DEF698}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{55AE282E-0E86-4F0E-8C38-255DDE167419}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7E9677-783F-40D7-80C9-186283C66C98}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O17 - HKLM\System\CS2\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Explorer - Unknown owner - C:\Program Files\Fichiers communs\System\$sys$explorer.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\\SatSrv.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
  11. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Re,

    Télécharge le FixWareout sur le bureau:
    http://download.bleepingcomputer.com/lonny/Fixwareout.exe

    Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
    Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

    Quand ton système aura redémarré, suis les invites des messages. Ensuite lance HijackThis. Clique sur Scan et coche les lignes suivantes:

    O17 - HKLM\System\CCS\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{438904B9-AAAF-44E1-A08E-D6E490DEF698}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{55AE282E-0E86-4F0E-8C38-255DDE167419}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7E9677-783F-40D7-80C9-186283C66C98}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
    O17 - HKLM\System\CS2\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147

    Clique sur Fix Checked. Ferme HijackThis et clique sur OK pour continuer la procédure.

    A la fin du fix, tu auras peut-être encore besoin de redémarrer le PC.

    Au final, poste le contenu de C:\fixwareout\report.txt avec un nouveau rapport HijackThis.

    A+
    0
  12. tidochouse Messages postés 266 Statut Membre 23
     
    Ca y'est par contre je n'est pas trouver de lignes commencant par 017 rien de rien donc voila le raport fix

    Username "Nicolas" - 02/01/2008 21:38:26 [Fixwareout edited 9/01/2007]

    ~~~~~ Prerun check

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
    "nameserver"="85.255.116.102 85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}
    "nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{438904B9-AAAF-44E1-A08E-D6E490DEF698}
    "nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{55AE282E-0E86-4F0E-8C38-255DDE167419}
    "nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7E7E9677-783F-40D7-80C9-186283C66C98}
    "nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}
    "nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}
    "nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}
    "nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}
    "DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{438904B9-AAAF-44E1-A08E-D6E490DEF698}
    "DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7E7E9677-783F-40D7-80C9-186283C66C98}
    "DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{AE5E0CCE-E9FD-4EE8-8B3A-6069C30DBCC0}
    "DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}
    "DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
    HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}
    "DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.

    Cache de résolution DNS vidé.

    System was rebooted successfully.

    ~~~~~ Postrun check
    HKLM\SOFTWARE\~\Winlogon\ "system"=""
    ....
    ....
    ~~~~~ Misc files.
    ....
    ~~~~~ Checking for older varients.
    ....

    ~~~~~ Current runs (hklm hkcu "run" Keys Only)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
    "ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /installquiet /keeploaded /nodetect"
    "NVRotateSysTray"="rundll32.exe C:\\WINDOWS\\system32\\nvsysrot.dll,Enable"
    "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "LtMoh"="C:\\Program Files\\ltmoh\\Ltmoh.exe"
    "THotkey"="C:\\Program Files\\Toshiba\\Toshiba Applet\\thotkey.exe"
    "TPSMain"="TPSMain.exe"
    "Tvs"="C:\\Program Files\\TOSHIBA\\Tvs\\TvsTray.exe"
    "SmoothView"="C:\\Program Files\\TOSHIBA\\Utilitaire de zoom TOSHIBA\\SmoothView.exe"
    "DLA"="C:\\WINDOWS\\System32\\DLA\\DLACTRLW.EXE"
    "ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
    "IS CfgWiz"="C:\\Program Files\\Norton Internet Security\\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE \"REBOOT\""
    "SSC_UserPrompt"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\Security Center\\UsrPrmpt.exe\""
    "IntelZeroConfig"="\"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\""
    "IntelWireless"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
    "BDAgent"="\"C:\\Program Files\\BitDefender\\BitDefender 2008\\bdagent.exe\""
    "BitDefender Antiphishing Helper"="\"C:\\Program Files\\BitDefender\\BitDefender 2008\\IEShow.exe\""
    "WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
    "WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\GestMaj.exe TaskBarIcon.exe"
    "WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
    "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
    "NBKeyScan"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""
    "NeroFilterCheck"="C:\\Program Files\\Fichiers communs\\Nero\\Lib\\NeroCheck.exe"
    "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
    "SSS2007 PasswordManagerFFAutoFill"="\"C:\\Program Files\\Steganos Security Suite 2007\\PasswordManagerFFAutoFill.exe\""
    "SSS2007 HotKeys"="\"C:\\Program Files\\Steganos Security Suite 2007\\SteganosHotKeyService.exe\""
    "SSS2007 File Redirection Starter"="\"C:\\Program Files\\Steganos Security Suite 2007\\fredirstarter.exe\""

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "WOOKIT"="C:\\PROGRA~1\\Wanadoo\\Shell.exe appLaunchClientZone.shl|PARAM= cnx"
    "STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
    "msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Fichiers communs\\Nero\\Lib\\NMBgMonitor.exe\""
    "Veoh"="\"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe\" /VeohHide"
    "TOSCDSPD"="C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
    ....
    Hosts file was reset, If you use a custom hosts file please replace it...
    ~~~~~ End report ~~~~~

    et le rapport HIjackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:48:43, on 02/01/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\SatSrv.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
    C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
    C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Rar$EX00.703\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
    O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
    O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
    O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SSS2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe"
    O4 - HKLM\..\Run: [SSS2007 HotKeys] "C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe"
    O4 - HKLM\..\Run: [SSS2007 File Redirection Starter] "C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Explorer - Unknown owner - C:\Program Files\Fichiers communs\System\$sys$explorer.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\\SatSrv.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
  13. Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 349
     
    Fais un test avec une recherche.

    Par contre, tu as plusieurs antivirus, bitdefender, norton, n'en gardes qu un seul et supprime les autres.
    0
  14. tidochouse Messages postés 266 Statut Membre 23
     
    ok

    je pense garder bit defender kan meme.

    Ba ecoute oune grade MERCI a tu mi amigo.lol

    nan serieu merci pour ton "BENEVOLAT"et je tien a tedire a toi et o autre que c super d'aider les gens comme sa sans rien demander en retour.

    enfin ceci di si ta un probleme de clim un jour demande moi ;-)
    0