virus IE et mozilla Résolu

Question

Bonjour,et bonne année a tous

Il m'arrive un truc assez bizzare que ce soit avec IE ou mozilla firefox. Je m'explique lorsque j'effectue une recherche sur google,et que je clique sur un lien sa m'envoi directos ds un autre site.A chaque fois.
Exemple si je tape dans google Comment ca marche il va me proposer comment sa marche comunauté informatique.... des que je clique dessus sa menvoi vers un autre site qui n'a rien a voir et ceci avec tout et tt le temps.Du coup je suis obliger de taper tt ds la bare d'adresse alor quand c'est pour un recherche cela devient impossible.

Que dois-je faire.??
merci de votre aide

Regis59 · Answer

Bienvenue sur le forum d’entraide de CommentCaMarche.net 

Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.

Télécharge HijackThis ici: 
http://telechargement.zebulon.fr/138-hijackthis-1991.html 

Dézippe le dans un dossier prévu à cet effet. 
Par exemple C:\hijackthis < Enregistre-le bien dans c : ! 
Démo : (Merci a Balltrap34 pour cette réalisation)   
http://pageperso.aol.fr/balltrap34/Hijenr.gif 
	
Lance le puis: 
Clique sur "do a system scan and save logfile" (cf démo) 
Faire un copier coller du log entier sur le forum

Démo : (Merci a Balltrap34 pour cette réalisation)   
http://pageperso.aol.fr/balltrap34/demohijack.htm
	
Bon courage

A+

tidochouse · Answer

Merci pour votre aide.

Voila ce que vous avez demander:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:35, on 01/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\SatSrv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32undll32.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\System\$sys$explorer.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Rar$EX01.813\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32
vsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SSS2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [SSS2007 HotKeys] "C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2007 File Redirection Starter] "C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{438904B9-AAAF-44E1-A08E-D6E490DEF698}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{55AE282E-0E86-4F0E-8C38-255DDE167419}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7E9677-783F-40D7-80C9-186283C66C98}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O17 - HKLM\System\CS1\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O17 - HKLM\System\CS2\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Explorer - Unknown owner - C:\Program Files\Fichiers communs\System\$sys$explorer.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\SatSrv.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

Regis59 · Answer

OK

Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

Copie/colle un nouveau rapport HiJackThis avec.

tidochouse · Answer

Voila pour combofix

ComboFix 07-12-31.4 - Nicolas 2008-01-01 20:10:31.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.442 [GMT 1:00]
Running from: C:\Documents and Settings\Nicolas\Bureau\ComboFix.exe
.
/wow section - STAGE 3
/wow section - STAGE 4
/wow section - STAGE 4
/wow section - STAGE 6
/wow section - STAGE 7
/wow section - STAGE 8
/wow section - STAGE 9
/wow section - STAGE 10
/wow section - STAGE 13
/wow section - STAGE 19
/wow section - STAGE 8
/wow section - STAGE 9
/wow section - STAGE 10
/wow section - STAGE 13
/wow section - STAGE 19
/wow section - STAGE 20
/wow section - STAGE 28
/wow section - STAGE 30
/wow section - STAGE 34A
/wow section - STAGE 36
/wow section non terminée

/wow section non terminée

((((((((((((((((((((((((((((( Fichiers créés 2007-12-01 to 2008-01-01 ))))))))))))))))))))))))))))))))))))
.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-01 to 2008-01-01 ))))))))))))))))))))))))))))))))))))
.

2008-01-01 19:22 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-01 14:14 . 2008-01-01 14:14 <REP> d-------- C:\Program Files\MSXML 6.0
2008-01-01 14:12 . 2008-01-01 14:18 <REP> d-------- C:\Program Files\Microsoft SQL Server
2008-01-01 14:01 . 2008-01-01 14:09 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-01-01 14:01 . 2008-01-01 17:52 <REP> d-------- C:\Program Files\Fichiers communs\Merge Modules
2008-01-01 13:33 . 2008-01-01 13:33 357 --a------ C:\Documents and Settings\Nicolas\.cb_layout.bin
2008-01-01 12:30 . 2008-01-01 13:33 <REP> d-------- C:\Documents and Settings\Nicolas\.CodeBlocks
2008-01-01 12:29 . 2008-01-01 12:30 <REP> d-------- C:\Program Files\CodeBlocks
2007-12-31 22:40 . 2007-12-31 22:40 1,158 --a------ C:\WINDOWS\mozver.dat
2007-12-30 21:49 . 2007-12-30 21:49 <REP> d-------- C:\Program Files\Veoh Networks
2007-12-30 21:48 . 2007-12-30 21:48 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-12-30 19:12 . 2007-12-30 19:13 <REP> d-------- C:\Program Files\Steganos Security Suite 2007
2007-12-30 01:07 . 2007-12-30 01:07 268 --ah----- C:\sqmdata11.sqm
2007-12-30 01:07 . 2007-12-30 01:07 244 --ah----- C:\sqmnoopt11.sqm
2007-12-30 00:51 . 2007-12-30 00:51 <REP> d-------- C:\Documents and Settings\MI6\Application Data\Nero
2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\Program Files\SAMSUNG
2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-12-30 00:33 . 2004-08-09 05:04 73,728 --a------ C:\WINDOWS\system32\ISUSPM.cpl
2007-12-30 00:33 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-12-28 17:31 . 2007-12-28 17:31 244 --ah----- C:\sqmnoopt10.sqm
2007-12-28 17:31 . 2007-12-28 17:31 232 --ah----- C:\sqmdata10.sqm
2007-12-27 18:35 . 2007-12-27 18:35 <REP> d--h----- C:\WINDOWS\PIF
2007-12-27 18:13 . 2007-12-27 18:13 <REP> d-------- C:\Program Files\NeroInstall.bak
2007-12-27 18:12 . 2007-10-26 08:04 3,945,768 --a------ C:\WINDOWS\system32\AdvrCntr3D6E0B790.dll
2007-12-27 16:30 . 2007-12-27 16:30 <REP> d-------- C:\Program Files\Nero
2007-12-27 16:30 . 2007-12-27 16:33 <REP> d-------- C:\Program Files\Fichiers communs\Nero
2007-12-27 14:51 . 2007-12-27 14:51 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\vlc
2007-12-26 23:58 . 2008-01-01 17:59 69 --a------ C:\WINDOWS\NeroDigital.ini
2007-12-26 22:51 . 2007-12-26 22:51 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Ashampoo
2007-12-26 22:49 . 2007-12-26 22:49 <REP> d-------- C:\Program Files\Ashampoo
2007-12-26 22:49 . 2007-12-26 22:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ashampoo
2007-12-26 21:57 . 2007-12-26 21:57 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Nero
2007-12-26 21:50 . 2007-12-27 16:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-12-26 20:10 . 2007-12-26 20:10 <REP> d-------- C:\WINDOWS\Sun
2007-12-26 18:58 . 2007-12-26 18:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-12-26 18:53 . 2007-12-26 18:53 <REP> d-------- C:\Program Files\Bonjour
2007-12-26 18:46 . 2007-03-08 00:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-12-26 18:46 . 2007-03-08 00:51 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-12-26 18:46 . 2007-03-08 00:51 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-12-26 18:45 . 2007-12-26 18:47 <REP> d-------- C:\Program Files\Winamp
2007-12-26 18:45 . 2007-12-26 18:48 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Winamp
2007-12-26 18:42 . 2007-12-26 18:42 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2007-12-26 18:02 . 2007-12-26 18:02 244 --ah----- C:\sqmnoopt09.sqm
2007-12-26 18:02 . 2007-12-26 18:02 232 --ah----- C:\sqmdata09.sqm
2007-12-26 14:10 . 2007-12-26 14:10 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\InterVideo
2007-12-26 00:39 . 2007-12-26 00:39 268 --ah----- C:\sqmdata08.sqm
2007-12-26 00:39 . 2007-12-26 00:39 244 --ah----- C:\sqmnoopt08.sqm
2007-12-26 00:37 . 2007-12-26 18:16 <REP> d-------- C:\Documents and Settings\MI6\Application Data\Desktop Sidebar
2007-12-26 00:26 . 2008-01-01 20:03 45 --a------ C:\TEST.XML
2007-12-26 00:11 . 2007-12-26 00:11 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Talkback
2007-12-25 23:18 . 2007-12-25 23:18 <REP> d-------- C:\Program Files\Microsoft Works
2007-12-25 23:18 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-12-25 23:13 . 2007-12-25 23:14 <REP> d-------- C:\WINDOWS\SHELLNEW
2007-12-25 19:27 . 2004-08-10 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2007-12-25 18:54 . 2007-12-25 18:54 <REP> d-------- C:\WINDOWS\system32\AlertModule
2007-12-25 18:54 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2007-12-25 18:54 . 2005-10-06 14:55 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2007-12-25 18:52 . 2007-12-25 18:52 <REP> d-------- C:\Program Files\Securitoo
2007-12-25 15:53 . 2007-12-25 15:53 <REP> d-------- C:\Program Files\uTorrent
2007-12-25 12:46 . 2007-12-25 12:47 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-12-25 12:37 . 2007-10-11 00:49 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-25 12:37 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-12-25 12:37 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-12-25 12:37 . 2007-10-11 00:49 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-25 12:37 . 2007-10-11 00:49 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-25 12:37 . 2007-10-11 00:49 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-25 12:37 . 2007-10-11 00:49 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-25 12:37 . 2007-10-11 00:49 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-25 12:37 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-25 12:36 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2007-12-23 23:21 . 2007-12-23 23:32 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Desktop Sidebar
2007-12-23 23:20 . 2007-12-23 23:20 <REP> d-------- C:\Program Files\Desktop Sidebar
2007-12-23 22:43 . 2008-01-01 17:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-23 22:42 . 2007-12-23 22:42 <REP> d-------- C:\Program Files\MSECache
2007-12-23 22:23 . 2007-12-23 22:23 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\AdobeUM
2007-12-23 21:47 . 2008-01-01 20:07 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\uTorrent
2007-12-23 20:25 . 2007-12-23 20:25 268 --ah----- C:\sqmdata07.sqm
2007-12-23 20:25 . 2007-12-23 20:25 244 --ah----- C:\sqmnoopt07.sqm
2007-12-23 20:16 . 2007-12-23 20:16 0 --a------ C:\WINDOWS\WB.ini
2007-12-23 19:58 . 2007-12-23 19:58 <REP> d-------- C:\Program Files\Stardock
2007-12-23 19:58 . 2007-07-11 15:06 42,672 --a------ C:\WINDOWS\system32\wbsys.dll
2007-12-22 19:54 . 2007-12-22 19:54 244 --ah----- C:\sqmnoopt06.sqm
2007-12-22 19:54 . 2007-12-22 19:54 232 --ah----- C:\sqmdata06.sqm
2007-12-22 19:44 . 2007-12-22 19:50 <REP> d-------- C:\Program Files\@stake
2007-12-22 19:44 . 2002-02-05 10:59 599,800 --a------ C:\WINDOWS\system32\Cfx4032.ocx
2007-12-22 19:44 . 2001-10-08 08:46 136,976 --a------ C:\WINDOWS\system32\SfxBar.dll
2007-12-22 19:40 . 2007-12-22 19:40 244 --ah----- C:\sqmnoopt05.sqm
2007-12-22 19:40 . 2007-12-22 19:40 232 --ah----- C:\sqmdata05.sqm
2007-12-22 19:33 . 2007-12-22 19:33 244 --ah----- C:\sqmnoopt04.sqm
2007-12-22 19:33 . 2007-12-22 19:33 232 --ah----- C:\sqmdata04.sqm
2007-12-22 19:29 . 2007-12-22 19:29 244 --ah----- C:\sqmnoopt03.sqm
2007-12-22 19:29 . 2007-12-22 19:29 244 --ah----- C:\sqmnoopt02.sqm
2007-12-22 19:29 . 2007-12-22 19:29 232 --ah----- C:\sqmdata03.sqm
2007-12-22 19:29 . 2007-12-22 19:29 232 --ah----- C:\sqmdata02.sqm
2007-12-22 19:11 . 2007-12-22 21:29 <REP> d-------- C:\Documents and Settings\MI6\Application Data\uTorrent
2007-12-22 19:07 . 2007-12-22 19:07 244 --ah----- C:\sqmnoopt01.sqm
2007-12-22 19:07 . 2007-12-22 19:07 232 --ah----- C:\sqmdata01.sqm
2007-12-22 18:59 . 2007-12-22 18:59 <REP> d-------- C:\Program Files\TGTSoft
2007-12-22 18:51 . 2007-12-22 18:51 244 --ah----- C:\sqmnoopt00.sqm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-01 13:16 --------- d-----w C:\Program Files\Microsoft.NET
2008-01-01 12:33 357 ----a-w C:\Documents and Settings\Nicolas\.cb_layout.bin
2007-12-30 20:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-29 23:33 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-28 17:35 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-23 22:38 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-12-23 20:34 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Symantec
2007-12-22 21:43 --------- d-----w C:\Program Files\X10 Hardware
2007-12-22 21:43 --------- d-----w C:\Program Files\Windows Plus
2007-12-22 21:43 --------- d-----w C:\Program Files\Windows Desktop Search
2007-12-22 21:43 --------- d-----w C:\Program Files\Toshiba
2007-12-22 21:42 --------- d-----w C:\Program Files\Synaptics
2007-12-22 21:42 --------- d-----w C:\Program Files\Symantec
2007-12-22 21:41 --------- d---a-w C:\Program Files\Offre Wanadoo
2007-12-22 21:41 --------- d-----w C:\Program Files\Sonic
2007-12-22 21:41 --------- d-----w C:\Program Files\Services en ligne
2007-12-22 21:41 --------- d-----w C:\Program Files\Realtek
2007-12-22 21:41 --------- d-----w C:\Program Files\Norton Internet Security
2007-12-22 21:40 --------- d-----w C:\Program Files\MSN Toolbar Suite
2007-12-22 21:40 --------- d-----w C:\Program Files\microsoft frontpage
2007-12-22 21:40 --------- d-----w C:\Program Files\ltmoh
2007-12-22 21:40 --------- d-----w C:\Program Files\InterVideo
2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-22 21:37 --------- d-----w C:\Program Files\Fichiers communs\Java
2007-12-22 21:37 --------- d-----w C:\Program Files\Fichiers communs\InterVideo
2007-12-22 21:37 --------- d-----w C:\Program Files\Common Files
2007-12-22 21:30 --------- d-----w C:\Documents and Settings\LocalService\Application Data\X10 Commander
2007-12-22 21:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Windows Desktop Search
2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\toshiba
2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Sonic
2007-12-22 16:11 87,952 ------w C:\WINDOWS\system32\drivers\bdfndisf.sys
2007-12-22 16:11 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll
2007-12-22 14:28 --------- d-----w C:\Program Files\Intel
2007-10-23 13:20 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
2007-10-22 07:51 972,072 ----a-w C:\WINDOWS\UNRecode.exe
2007-10-20 18:17 39,424 ----a-w C:\WINDOWS\runtime.exe
2007-10-19 17:43 491,520 ----a-w C:\WINDOWS\dependencies.exe
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
.

((((((((((((((((((((((((((((( snapshot@2008-01-01_19.43.37.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-01 18:35:21 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
+ 2008-01-01 19:09:34 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1427A821-7B93-4F08-9A34-9FA03A3D93DB}]
2007-05-21 10:11 20480 --a------ C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}
{C4069E3A-68F1-403E-B40E-20066696354B}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
{381FFDE8-2394-4F90-B10D-FC6124A40F8C}
{D0943516-5076-4020-A3B5-AEFAF26AB263}

[HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}]
[HKEY_CLASSES_ROOT\BitDefender Toolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 13:00 15360]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 15:08 65536]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 19:31 1372160]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007-12-19 16:31 3477504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 12:34 64512]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-01 21:04 7557120]
"nwiz"="nwiz.exe" [2006-05-01 21:04 1519616 C:\WINDOWS\system32\nwiz.exe]
"NVRotateSysTray"="C:\WINDOWS\system32\nvsysrot.dll" [2006-05-01 21:04 49152]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 00:02 761948]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-05 14:59 16206848 C:\WINDOWS\RTHDCPL.exe]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2004-08-18 11:37 184320]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-13 15:50 88204 C:\WINDOWS\agrsmmsg.exe]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2006-08-25 12:47 356352]
"TPSMain"="TPSMain.exe" [2005-08-03 15:09 266240 C:\WINDOWS\system32\TPSMain.exe]
"NDSTray.exe"="NDSTray.exe" []
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 12:11 73728]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 08:24 118784]
"TFncKy"="TFncKy.exe" []
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-10-06 04:20 122940]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-09-16 23:27 52848]
"IS CfgWiz"="C:\Program Files\Norton Internet Security\cfgwiz.exe" [2005-09-29 21:33 120464]
"SSC_UserPrompt"="C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-10 10:57 218240]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 00:38 802816]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 00:32 696320]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-12-22 17:11 319488]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-12-22 17:11 61440]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-12-20 16:16 37376]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 12:03 36975]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
"SSS2007 PasswordManagerFFAutoFill"="C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe" [2007-05-21 10:11 21504]
"SSS2007 HotKeys"="C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe" [2007-05-21 10:11 25088]
"SSS2007 File Redirection Starter"="C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe" [2007-05-15 15:18 53248]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-03-26 21:44:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 12:11 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-12-23 20:01 229376 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

R1 bdftdif;bdftdif;C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys [2007-12-22 17:11]
R1 SLEE_15_DRIVER;Steganos Live Encryption Engine 15 [Driver];C:\WINDOWS\system32\drivers\Sleen15.sys [2007-02-21 12:33]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 08:51]
R2 SQLWriter;Enregistreur VSS SQL Server;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-12-22 17:11]
R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-08-02 17:03]
R3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2007-08-08 14:12]
R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-10 13:00]
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 09:45]
S2 Explorer;Explorer;"C:\Program Files\Fichiers communs\System\$sys$explorer.exe" [2007-12-23 19:57]
S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 13:47]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-01 18:20:00 C:\WINDOWS\Tasks\Check Updates for MSN Search Toolbar.job"
- C:\Program Files\MSN Toolbar Suite\MSNTBUP.EXE
"2007-12-22 14:25:43 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2007-12-22 14:25:44 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2006-09-22 12:11:50 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-01 20:13:06
Windows 5.1.2600 Service Pack 2 NTFS

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-01 20:13:06
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
Completion time: 2008-01-01 20:13:38
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-01 19:13:35
C:\qoobox\ComboFix2.txt 2008-01-01 18:43:58

tidochouse · Answer

et pour hjjackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:45, on 01/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\SatSrv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Fichiers communs\System\$sys$explorer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Rar$EX00.719\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32
vsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SSS2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [SSS2007 HotKeys] "C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2007 File Redirection Starter] "C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{438904B9-AAAF-44E1-A08E-D6E490DEF698}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{55AE282E-0E86-4F0E-8C38-255DDE167419}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7E9677-783F-40D7-80C9-186283C66C98}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O17 - HKLM\System\CS1\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O17 - HKLM\System\CS2\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Explorer - Unknown owner - C:\Program Files\Fichiers communs\System\$sys$explorer.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\SatSrv.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

tidochouse · Answer

alors?

Regis59 · Answer

Alors? On est bénévole je te le rappelle.

Je te rappelle qu'aussi, il faut laisser finir le scan avant, alors que la, tu as copier coller le rapport combofix alors qu'il n'avait pas terminé...

A+

tidochouse · Answer

:-( desolé :-( Faut dire que cette histoire m'ennerve un peu.

ComboFix 07-12-31.4 - Nicolas 2008-01-02 16:38:00.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.302 [GMT 1:00]
Running from: C:\Documents and Settings\Nicolas\Bureau\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2007-12-02 to 2008-01-02 ))))))))))))))))))))))))))))))))))))
.

2008-01-01 19:22 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-01 14:14 . 2008-01-01 14:14 <REP> d-------- C:\Program Files\MSXML 6.0
2008-01-01 14:12 . 2008-01-01 14:18 <REP> d-------- C:\Program Files\Microsoft SQL Server
2008-01-01 14:01 . 2008-01-01 14:09 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-01-01 14:01 . 2008-01-01 17:52 <REP> d-------- C:\Program Files\Fichiers communs\Merge Modules
2008-01-01 13:33 . 2008-01-01 13:33 357 --a------ C:\Documents and Settings\Nicolas\.cb_layout.bin
2008-01-01 12:30 . 2008-01-01 13:33 <REP> d-------- C:\Documents and Settings\Nicolas\.CodeBlocks
2008-01-01 12:29 . 2008-01-01 12:30 <REP> d-------- C:\Program Files\CodeBlocks
2007-12-31 22:40 . 2007-12-31 22:40 1,158 --a------ C:\WINDOWS\mozver.dat
2007-12-30 21:49 . 2007-12-30 21:49 <REP> d-------- C:\Program Files\Veoh Networks
2007-12-30 21:48 . 2007-12-30 21:48 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-12-30 19:12 . 2007-12-30 19:13 <REP> d-------- C:\Program Files\Steganos Security Suite 2007
2007-12-30 01:07 . 2007-12-30 01:07 268 --ah----- C:\sqmdata11.sqm
2007-12-30 01:07 . 2007-12-30 01:07 244 --ah----- C:\sqmnoopt11.sqm
2007-12-30 00:51 . 2007-12-30 00:51 <REP> d-------- C:\Documents and Settings\MI6\Application Data\Nero
2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\Program Files\SAMSUNG
2007-12-30 00:33 . 2007-12-30 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-12-30 00:33 . 2004-08-09 05:04 73,728 --a------ C:\WINDOWS\system32\ISUSPM.cpl
2007-12-30 00:33 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-12-28 17:31 . 2007-12-28 17:31 244 --ah----- C:\sqmnoopt10.sqm
2007-12-28 17:31 . 2007-12-28 17:31 232 --ah----- C:\sqmdata10.sqm
2007-12-27 18:35 . 2007-12-27 18:35 <REP> d--h----- C:\WINDOWS\PIF
2007-12-27 18:13 . 2007-12-27 18:13 <REP> d-------- C:\Program Files\NeroInstall.bak
2007-12-27 18:12 . 2007-10-26 08:04 3,945,768 --a------ C:\WINDOWS\system32\AdvrCntr3D6E0B790.dll
2007-12-27 16:30 . 2007-12-27 16:30 <REP> d-------- C:\Program Files\Nero
2007-12-27 16:30 . 2007-12-27 16:33 <REP> d-------- C:\Program Files\Fichiers communs\Nero
2007-12-27 14:51 . 2007-12-27 14:51 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\vlc
2007-12-26 23:58 . 2008-01-01 20:47 69 --a------ C:\WINDOWS\NeroDigital.ini
2007-12-26 22:51 . 2007-12-26 22:51 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Ashampoo
2007-12-26 22:49 . 2007-12-26 22:49 <REP> d-------- C:\Program Files\Ashampoo
2007-12-26 22:49 . 2007-12-26 22:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ashampoo
2007-12-26 21:57 . 2007-12-26 21:57 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Nero
2007-12-26 21:50 . 2007-12-27 16:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-12-26 20:10 . 2007-12-26 20:10 <REP> d-------- C:\WINDOWS\Sun
2007-12-26 18:58 . 2007-12-26 18:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-12-26 18:53 . 2007-12-26 18:53 <REP> d-------- C:\Program Files\Bonjour
2007-12-26 18:46 . 2007-03-08 00:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-12-26 18:46 . 2007-03-08 00:51 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-12-26 18:46 . 2007-03-08 00:51 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-12-26 18:45 . 2007-12-26 18:47 <REP> d-------- C:\Program Files\Winamp
2007-12-26 18:45 . 2007-12-26 18:48 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Winamp
2007-12-26 18:42 . 2007-12-26 18:42 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2007-12-26 18:02 . 2007-12-26 18:02 244 --ah----- C:\sqmnoopt09.sqm
2007-12-26 18:02 . 2007-12-26 18:02 232 --ah----- C:\sqmdata09.sqm
2007-12-26 14:10 . 2007-12-26 14:10 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\InterVideo
2007-12-26 00:39 . 2007-12-26 00:39 268 --ah----- C:\sqmdata08.sqm
2007-12-26 00:39 . 2007-12-26 00:39 244 --ah----- C:\sqmnoopt08.sqm
2007-12-26 00:37 . 2007-12-26 18:16 <REP> d-------- C:\Documents and Settings\MI6\Application Data\Desktop Sidebar
2007-12-26 00:26 . 2008-01-02 01:04 45 --a------ C:\TEST.XML
2007-12-26 00:11 . 2007-12-26 00:11 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Talkback
2007-12-25 23:18 . 2007-12-25 23:18 <REP> d-------- C:\Program Files\Microsoft Works
2007-12-25 23:18 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-12-25 23:13 . 2007-12-25 23:14 <REP> d-------- C:\WINDOWS\SHELLNEW
2007-12-25 19:27 . 2004-08-10 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2007-12-25 18:54 . 2007-12-25 18:54 <REP> d-------- C:\WINDOWS\system32\AlertModule
2007-12-25 18:54 . 2004-08-23 14:49 40,960 --a------ C:\WINDOWS\system32\FTRTSVC.exe
2007-12-25 18:54 . 2005-10-06 14:55 36,864 --a------ C:\WINDOWS\system32\IfHelper.dll
2007-12-25 18:52 . 2007-12-25 18:52 <REP> d-------- C:\Program Files\Securitoo
2007-12-25 15:53 . 2007-12-25 15:53 <REP> d-------- C:\Program Files\uTorrent
2007-12-25 12:46 . 2007-12-25 12:47 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-12-25 12:37 . 2007-10-11 00:49 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-25 12:37 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-12-25 12:37 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-12-25 12:37 . 2007-10-11 00:49 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-25 12:37 . 2007-10-11 00:49 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-25 12:37 . 2007-10-11 00:49 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-25 12:37 . 2007-10-11 00:49 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-25 12:37 . 2007-10-11 00:49 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-25 12:37 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-25 12:36 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2007-12-23 23:21 . 2007-12-23 23:32 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\Desktop Sidebar
2007-12-23 23:20 . 2007-12-23 23:20 <REP> d-------- C:\Program Files\Desktop Sidebar
2007-12-23 22:43 . 2008-01-01 17:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-23 22:42 . 2007-12-23 22:42 <REP> d-------- C:\Program Files\MSECache
2007-12-23 22:23 . 2007-12-23 22:23 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\AdobeUM
2007-12-23 21:47 . 2008-01-02 00:40 <REP> d-------- C:\Documents and Settings\Nicolas\Application Data\uTorrent
2007-12-23 20:25 . 2007-12-23 20:25 268 --ah----- C:\sqmdata07.sqm
2007-12-23 20:25 . 2007-12-23 20:25 244 --ah----- C:\sqmnoopt07.sqm
2007-12-23 20:16 . 2007-12-23 20:16 0 --a------ C:\WINDOWS\WB.ini
2007-12-23 19:58 . 2007-12-23 19:58 <REP> d-------- C:\Program Files\Stardock
2007-12-23 19:58 . 2007-07-11 15:06 42,672 --a------ C:\WINDOWS\system32\wbsys.dll
2007-12-22 19:54 . 2007-12-22 19:54 244 --ah----- C:\sqmnoopt06.sqm
2007-12-22 19:54 . 2007-12-22 19:54 232 --ah----- C:\sqmdata06.sqm
2007-12-22 19:44 . 2007-12-22 19:50 <REP> d-------- C:\Program Files\@stake
2007-12-22 19:44 . 2002-02-05 10:59 599,800 --a------ C:\WINDOWS\system32\Cfx4032.ocx
2007-12-22 19:44 . 2001-10-08 08:46 136,976 --a------ C:\WINDOWS\system32\SfxBar.dll
2007-12-22 19:40 . 2007-12-22 19:40 244 --ah----- C:\sqmnoopt05.sqm
2007-12-22 19:40 . 2007-12-22 19:40 232 --ah----- C:\sqmdata05.sqm
2007-12-22 19:33 . 2007-12-22 19:33 244 --ah----- C:\sqmnoopt04.sqm
2007-12-22 19:33 . 2007-12-22 19:33 232 --ah----- C:\sqmdata04.sqm
2007-12-22 19:29 . 2007-12-22 19:29 244 --ah----- C:\sqmnoopt03.sqm
2007-12-22 19:29 . 2007-12-22 19:29 244 --ah----- C:\sqmnoopt02.sqm
2007-12-22 19:29 . 2007-12-22 19:29 232 --ah----- C:\sqmdata03.sqm
2007-12-22 19:29 . 2007-12-22 19:29 232 --ah----- C:\sqmdata02.sqm
2007-12-22 19:11 . 2007-12-22 21:29 <REP> d-------- C:\Documents and Settings\MI6\Application Data\uTorrent
2007-12-22 19:07 . 2007-12-22 19:07 244 --ah----- C:\sqmnoopt01.sqm
2007-12-22 19:07 . 2007-12-22 19:07 232 --ah----- C:\sqmdata01.sqm
2007-12-22 18:59 . 2007-12-22 18:59 <REP> d-------- C:\Program Files\TGTSoft
2007-12-22 18:51 . 2007-12-22 18:51 244 --ah----- C:\sqmnoopt00.sqm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-01 13:16 --------- d-----w C:\Program Files\Microsoft.NET
2008-01-01 12:33 357 ----a-w C:\Documents and Settings\Nicolas\.cb_layout.bin
2007-12-30 20:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-29 23:33 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-28 17:35 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-23 22:38 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-12-23 20:34 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Symantec
2007-12-22 21:43 --------- d-----w C:\Program Files\X10 Hardware
2007-12-22 21:43 --------- d-----w C:\Program Files\Windows Plus
2007-12-22 21:43 --------- d-----w C:\Program Files\Windows Desktop Search
2007-12-22 21:43 --------- d-----w C:\Program Files\Toshiba
2007-12-22 21:42 --------- d-----w C:\Program Files\Synaptics
2007-12-22 21:42 --------- d-----w C:\Program Files\Symantec
2007-12-22 21:41 --------- d---a-w C:\Program Files\Offre Wanadoo
2007-12-22 21:41 --------- d-----w C:\Program Files\Sonic
2007-12-22 21:41 --------- d-----w C:\Program Files\Services en ligne
2007-12-22 21:41 --------- d-----w C:\Program Files\Realtek
2007-12-22 21:41 --------- d-----w C:\Program Files\Norton Internet Security
2007-12-22 21:40 --------- d-----w C:\Program Files\MSN Toolbar Suite
2007-12-22 21:40 --------- d-----w C:\Program Files\microsoft frontpage
2007-12-22 21:40 --------- d-----w C:\Program Files\ltmoh
2007-12-22 21:40 --------- d-----w C:\Program Files\InterVideo
2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-12-22 21:38 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-22 21:37 --------- d-----w C:\Program Files\Fichiers communs\Java
2007-12-22 21:37 --------- d-----w C:\Program Files\Fichiers communs\InterVideo
2007-12-22 21:37 --------- d-----w C:\Program Files\Common Files
2007-12-22 21:30 --------- d-----w C:\Documents and Settings\LocalService\Application Data\X10 Commander
2007-12-22 21:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Windows Desktop Search
2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\toshiba
2007-12-22 21:26 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Sonic
2007-12-22 16:11 87,952 ------w C:\WINDOWS\system32\drivers\bdfndisf.sys
2007-12-22 16:11 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll
2007-12-22 14:28 --------- d-----w C:\Program Files\Intel
2007-10-23 13:20 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
2007-10-22 07:51 972,072 ----a-w C:\WINDOWS\UNRecode.exe
2007-10-20 18:17 39,424 ----a-w C:\WINDOWS\runtime.exe
2007-10-19 17:43 491,520 ----a-w C:\WINDOWS\dependencies.exe
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
.

((((((((((((((((((((((((((((( snapshot@2008-01-01_19.43.37.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-01 19:29:56 589,824 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\EnvDTE\f710b1a7f8f7df4aa680b05165d092e8\EnvDTE.ni.dll
+ 2008-01-01 19:30:00 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\EnvDTE80\bc9a9dfb52609542bdd7538a4d9e573c\EnvDTE80.ni.dll
+ 2008-01-01 19:30:09 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\[u]0[/u]75b49a466e75e4fb7ef859ecbad7766\Microsoft.VisualStudio.CommonIDE.ni.dll
+ 2008-01-01 19:30:26 376,832 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1b54c9f370b3d642a8223e61ebaeecf7\Microsoft.VisualStudio.Shell.Interop.8.0.ni.dll
+ 2008-01-01 19:30:14 23,040 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2f5a200a2679dd4f849225e38e89968c\Microsoft.VisualStudio.Designer.Interfaces.ni.dll
+ 2008-01-01 19:30:24 905,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\517ba54ce6a9224b903b6f8a7369fd3a\Microsoft.VisualStudio.Shell.ni.dll
+ 2008-01-01 19:30:13 1,196,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\68568423b81cb347b34f1d8fe4387315\Microsoft.VisualStudio.Design.ni.dll
+ 2008-01-01 19:30:23 319,488 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\6dc57aec54819546a376830390045b81\Microsoft.VisualStudio.OLE.Interop.ni.dll
+ 2008-01-01 19:30:26 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\76e5aea496854243bb10797213717c90\Microsoft.VisualStudio.Shell.Design.ni.dll
+ 2008-01-01 19:30:28 868,352 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9658d81461304f45b65a570093ec0837\Microsoft.VisualStudio.Windows.Forms.ni.dll
+ 2008-01-01 19:30:04 708,608 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9bfba24ad73942469da84cc4c4f578a8\Microsoft.VisualStudio.ni.dll
+ 2008-01-01 19:30:23 4,059,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\df4aa0ff9f19d54c970226541516674f\Microsoft.VisualStudio.Editors.ni.dll
+ 2008-01-01 19:30:11 241,664 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\eb09d7576ac5af43bd91c9dbb47d1340\Microsoft.VisualStudio.Configuration.ni.dll
+ 2008-01-01 19:29:59 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\[u]0[/u]ec1761463175b4bb1d1163cd16ee8a3\System.Configuration.Install.ni.dll
+ 2008-01-01 19:29:58 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\4c8ddf69471bf64f8e0fdf822cc9a5ee\System.ServiceProcess.ni.dll
+ 2008-01-01 19:30:29 118,784 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VSLangProj\fc43b1def4623146a0f8ab73b51befdc\VSLangProj.ni.dll
- 2008-01-01 18:35:21 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
+ 2008-01-02 00:08:11 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1427A821-7B93-4F08-9A34-9FA03A3D93DB}]
2007-05-21 10:11 20480 --a------ C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}
{C4069E3A-68F1-403E-B40E-20066696354B}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
{381FFDE8-2394-4F90-B10D-FC6124A40F8C}
{D0943516-5076-4020-A3B5-AEFAF26AB263}

[HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}]
[HKEY_CLASSES_ROOT\BitDefender Toolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 13:00 15360]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 15:08 65536]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50 122880]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 19:31 1372160]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007-12-19 16:31 3477504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 12:34 64512]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-01 21:04 7557120]
"nwiz"="nwiz.exe" [2006-05-01 21:04 1519616 C:\WINDOWS\system32\nwiz.exe]
"NVRotateSysTray"="C:\WINDOWS\system32\nvsysrot.dll" [2006-05-01 21:04 49152]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 00:02 761948]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-05 14:59 16206848 C:\WINDOWS\RTHDCPL.exe]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2004-08-18 11:37 184320]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-13 15:50 88204 C:\WINDOWS\agrsmmsg.exe]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2006-08-25 12:47 356352]
"TPSMain"="TPSMain.exe" [2005-08-03 15:09 266240 C:\WINDOWS\system32\TPSMain.exe]
"NDSTray.exe"="NDSTray.exe" []
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 12:11 73728]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 08:24 118784]
"TFncKy"="TFncKy.exe" []
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-10-06 04:20 122940]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-09-16 23:27 52848]
"IS CfgWiz"="C:\Program Files\Norton Internet Security\cfgwiz.exe" [2005-09-29 21:33 120464]
"SSC_UserPrompt"="C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-11-10 10:57 218240]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 00:38 802816]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 00:32 696320]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-12-22 17:11 319488]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-12-22 17:11 61440]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55 32768]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-12-20 16:16 37376]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 12:03 36975]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SSS2007 PasswordManagerFFAutoFill"="C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe" [2007-05-21 10:11 21504]
"SSS2007 HotKeys"="C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe" [2007-05-21 10:11 25088]
"SSS2007 File Redirection Starter"="C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe" [2007-05-15 15:18 53248]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-03-26 21:44:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 12:11 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-12-23 20:01 229376 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

R1 bdftdif;bdftdif;C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys [2007-12-22 17:11]
R1 SLEE_15_DRIVER;Steganos Live Encryption Engine 15 [Driver];C:\WINDOWS\system32\drivers\Sleen15.sys [2007-02-21 12:33]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 08:51]
R2 SQLWriter;Enregistreur VSS SQL Server;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-12-22 17:11]
R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-10 13:00]
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 09:45]
S2 Explorer;Explorer;"C:\Program Files\Fichiers communs\System\$sys$explorer.exe" [2007-12-23 19:57]
S3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-08-02 17:03]
S3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2007-08-08 14:12]
S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 13:47]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-02 14:20:00 C:\WINDOWS\Tasks\Check Updates for MSN Search Toolbar.job"
- C:\Program Files\MSN Toolbar Suite\MSNTBUP.EXE
"2007-12-22 14:25:43 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2007-12-22 14:25:44 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2006-09-22 12:11:50 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-02 16:41:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
Completion time: 2008-01-02 16:42:43
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-02 15:42:33
C:\qoobox\ComboFix2.txt 2008-01-01 19:13:39
C:\qoobox\ComboFix3.txt 2008-01-01 18:43:58

tidochouse · Answer

Voila Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:46:17, on 02/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\SatSrv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Rar$EX00.031\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32
vsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SSS2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [SSS2007 HotKeys] "C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2007 File Redirection Starter] "C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{438904B9-AAAF-44E1-A08E-D6E490DEF698}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{55AE282E-0E86-4F0E-8C38-255DDE167419}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7E9677-783F-40D7-80C9-186283C66C98}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O17 - HKLM\System\CS1\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O17 - HKLM\System\CS2\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Explorer - Unknown owner - C:\Program Files\Fichiers communs\System\$sys$explorer.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\SatSrv.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

Regis59 · Answer

Re,

Télécharge le FixWareout sur le bureau:
http://download.bleepingcomputer.com/lonny/Fixwareout.exe 

Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish. 
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

Quand ton système aura redémarré, suis les invites des messages. Ensuite lance HijackThis. Clique sur Scan et coche les lignes suivantes:

O17 - HKLM\System\CCS\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{438904B9-AAAF-44E1-A08E-D6E490DEF698}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{55AE282E-0E86-4F0E-8C38-255DDE167419}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7E9677-783F-40D7-80C9-186283C66C98}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O17 - HKLM\System\CS1\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147
O17 - HKLM\System\CS2\Services\Tcpip\..\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}: NameServer = 85.255.116.102,85.255.112.147
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.102 85.255.112.147 

Clique sur Fix Checked. Ferme HijackThis et clique sur OK pour continuer la procédure.

A la fin du fix, tu auras peut-être encore besoin de redémarrer le PC.

Au final, poste le contenu de C:\fixwareout\report.txt avec un nouveau rapport HijackThis.

A+

tidochouse · Answer

Ca y'est par contre je n'est pas trouver de lignes commencant par 017 rien de rien donc voila le raport fix

Username "Nicolas" - 02/01/2008 21:38:26 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.116.102 85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{3DC12FAF-610B-4978-8CCD-47E82C3D2386} 
"nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{438904B9-AAAF-44E1-A08E-D6E490DEF698} 
"nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{55AE282E-0E86-4F0E-8C38-255DDE167419} 
"nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{7E7E9677-783F-40D7-80C9-186283C66C98} 
"nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{7E8B454F-541C-4E4C-BB17-6FC4B1A8EC91} 
"nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4} 
"nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74} 
"nameserver"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{3DC12FAF-610B-4978-8CCD-47E82C3D2386}
"DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{438904B9-AAAF-44E1-A08E-D6E490DEF698}
"DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{7E7E9677-783F-40D7-80C9-186283C66C98}
"DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{AE5E0CCE-E9FD-4EE8-8B3A-6069C30DBCC0}
"DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{D938AB45-EE47-4EA0-A0E7-2A27A10FFAA4}
"DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{FF88F25F-AD1A-43C7-80D9-D146F1C39C74}
"DhcpNameServer"="85.255.116.102,85.255.112.147" <Value cleared.

Cache de résolution DNS vidé.


System was rebooted successfully. 
 
~~~~~ Postrun check 
HKLM\SOFTWARE\~\Winlogon\ "system"="" 
....
....
~~~~~ Misc files. 
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersionun]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /installquiet /keeploaded /nodetect"
"NVRotateSysTray"="rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable"
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe"
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
"TPSMain"="TPSMain.exe"
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe"
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe"
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE"
"ccApp"="\"C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe\""
"IS CfgWiz"="C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE \"REBOOT\""
"SSC_UserPrompt"="\"C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe\""
"IntelZeroConfig"="\"C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe\""
"IntelWireless"="\"C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
"BDAgent"="\"C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe\""
"BitDefender Antiphishing Helper"="\"C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe\""
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe"
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe"
"WinampAgent"="\"C:\Program Files\Winamp\winampa.exe\""
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
"NBKeyScan"="\"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe\""
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe"
"Adobe Reader Speed Launcher"="\"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe\""
"SSS2007 PasswordManagerFFAutoFill"="\"C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe\""
"SSS2007 HotKeys"="\"C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe\""
"SSS2007 File Redirection Starter"="\"C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe\""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx"
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide"
"msnmsgr"="\"C:\Program Files\Windows Live\Messenger\msnmsgr.exe\" /background"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe\""
"Veoh"="\"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe\" /VeohHide"
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~


et le rapport HIjackthis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:48:43, on 02/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\SatSrv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
C:\WINDOWS\system32\RAMASST.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Nicolas\LOCALS~1\Temp\Rar$EX00.703\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32
vsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet	hotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SSS2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [SSS2007 HotKeys] "C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2007 File Redirection Starter] "C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Explorer - Unknown owner - C:\Program Files\Fichiers communs\System\$sys$explorer.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\WINDOWS\system32\SatSrv.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

Regis59 · Answer

Fais un test avec une recherche.

Par contre, tu as plusieurs antivirus, bitdefender, norton, n'en gardes qu un seul et supprime les autres.

tidochouse · Answer

ok

je pense garder bit defender kan meme.


Ba ecoute oune grade MERCI a tu mi amigo.lol

nan serieu merci pour ton "BENEVOLAT"et je tien a tedire a toi et o autre que c super d'aider les gens comme sa sans rien demander en retour.

enfin ceci di si ta un probleme de clim un jour demande moi ;-)

Virus IE et mozilla

13 réponses

Votre réponse

Discussions similaires

Newsletters