Big problems with my laptop

Scorpion59 Posts 181 Status Member -  
ep44 Posts 7415 Registration date   Status Contributor Last activity   -
Hello,

So, I recently bought a laptop, and so far so good.

My brother-in-law went on his model-making websites, and since then I've had big problems getting on the internet with it.

Internet Explorer opens alert windows, it's impossible to run searches or get to websites, and the longer I stay connected the slower it gets...

Firefox no longer responds to anything.

Same thing, the PC is slow.

So now I've had to connect from my desktop PC, but the laptop runs Vista with McAfee Security Center pre-installed.

So, if someone could help me, because I don't really dare tinker with it myself.
Configuration: Windows XP
Firefox 2.0.0.14

9 replies

  1. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    Hello

    What protection do you have on your PC, apart from McAfee,
    which by the way isn't the best there is?

    You can start by booting it in safe mode and running your antivirus along with all your protection and cleanup tools.

    Restart in Safe Mode (startup can take several minutes).
    Note: there is no internet access in this mode. Save or print the instructions.

    Restart the PC and tap the F8 key (or F5 on some machines) until the screen with the startup options appears.
    With the arrow keys, select Safe Mode ==> Enter ==> usual user name

    Then, if things are better,
    download to the desktop

    ftp://ftp.commentcamarche.com/download/HJTInstall.exe

    = Double-click it to install it
    = Click Do a system scan and save the log
    = Paste the report
    If there's a problem, see the help
    http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

    Otherwise use a USB key to transfer from one PC to the other
    See you
    0
  2. Scorpion59 Posts 181 Status Member 9
     
    And here it is:

    -------------------------------------------------------------------------------------------------------
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:51:03, on 09/05/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Safe mode

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Fabilus\AppData\Local\Temp\ssqQgHyW.dll,#1
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Fabilus\AppData\Local\Temp\iifeccdA.dll,c
    O4 - HKCU\..\Run: [BM751737a4] Rundll32.exe "C:\Users\Fabilus\AppData\Local\Temp\upjafmbp.dll",s
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    0
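An added example, not part of the thread: one way to triage the `O4` autorun lines of a HijackThis log like the one posted above, flagging `Run` entries whose command loads code from a temp directory while leaving legitimate `rundll32` entries alone. The function names, the `Finding` record and the list of temp-directory markers are choices of this example; the sample lines are copied from the log above.

```python
import re
from dataclasses import dataclass, field

# HijackThis autorun line: O4 - <hive>\..\<key>: [<value name>] <command>
O4_LINE = re.compile(
    r'^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$'
)
# rundll32 invocation: rundll32.exe <dll path>,<export>  (the path may be quoted)
RUNDLL = re.compile(
    r'^"?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+)"?\s*,\s*(?P<export>\S+)',
    re.IGNORECASE,
)
# Assumption of this example: directories treated as temp locations.
TEMP_MARKERS = (
    "\\appdata\\local\\temp\\",
    "\\windows\\temp\\",
    "%temp%\\",
    "%tmp%\\",
)

# Sample lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Fabilus\AppData\Local\Temp\ssqQgHyW.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Fabilus\AppData\Local\Temp\iifeccdA.dll,c
O4 - HKCU\..\Run: [BM751737a4] Rundll32.exe "C:\Users\Fabilus\AppData\Local\Temp\upjafmbp.dll",s
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
"""


@dataclass
class Finding:
    hive: str
    key: str
    name: str
    command: str
    target: str
    reasons: list = field(default_factory=list)


def in_temp(path: str) -> bool:
    """True if the path lies under one of the temp-directory markers."""
    lowered = path.lower()
    return any(marker in lowered for marker in TEMP_MARKERS)


def triage(log_text: str) -> list:
    """Return a Finding for every O4 autorun that runs code from a temp directory."""
    findings = []
    for raw in log_text.splitlines():
        m = O4_LINE.match(raw.strip())
        if not m:
            continue  # not an O4 registry autorun line
        cmd = m["cmd"]
        reasons = []
        target = cmd
        r = RUNDLL.match(cmd)
        if r:
            # rundll32 alone is not a signal (Windows uses it too);
            # what matters is where the DLL it loads is stored.
            target = r["dll"].strip()
            if in_temp(target):
                reasons.append("rundll32 loads a DLL from a temp directory")
        elif in_temp(cmd):
            reasons.append("autorun command points into a temp directory")
        if reasons:
            findings.append(
                Finding(m["hive"], m["key"], m["name"], cmd, target, reasons)
            )
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.hive}\\..\\{f.key} [{f.name}] -> {f.target}: {'; '.join(f.reasons)}")
```
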
  3. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    Very good

    To start with

    * Download Malwarebytes
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    => Install it
    => Then go into safe mode

    Restart the PC and tap the F8 key (or F5 on some machines) until the screen with the startup options appears.
    With the arrow keys, select Safe Mode ==> Enter ==> usual user name

    => Launch Malwarebytes
    => Tick "Executer un examen complet" (Perform full scan)
    => If an infection is found at the end of the scan, click "ok"
    => Click Supprimer la sélection (Remove Selected)
    => To post the report, click the Rapports/Logs tab, select the one you want and click Ouvrir (Open)
    => Copy and paste it and post the report

    --------------------------

    Then

    * Download CCleaner
    https://filehippo.com/download_ccleaner/
    => Use this tutorial to help you with it
    https://www.malekal.com/tutoriel-ccleaner/

    --------------------------

    Then download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    and save it on your desktop and nowhere else!
    => Disconnect from the internet and close all your applications.
    => Disable your protection (antivirus, firewall, antispyware)
    => Double-click ComboFix,
    => Don't touch anything until the scan has finished. Warning: do not use your mouse or keyboard (or any other pointing device) while the program is running. It could freeze the computer.
    => Wait until ComboFix has finished; a report will be created.
    => Re-enable your firewall, your antivirus and your antispyware's real-time protection
    => Copy/paste the report C:\ComboFix.txt

    See you

    0
  4. Scorpion59 Posts 181 Status Member 9
     
    So here is the Malwarebytes report:

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 736

    Type de recherche: Examen complet (C:\|E:\|)
    Eléments examinés: 160710
    Temps écoulé: 15 minute(s), 48 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM751737a4 (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Users\Fabilus\AppData\Local\Temp\iifeccdA.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Users\Fabilus\AppData\Local\Temp\awtULFwv.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Fabilus\AppData\Local\Temp\upjafmbp.dll (Trojan.Agent) -> Quarantined and deleted successfully.

    ===============================================================

    And here is the ComboFix one:

    ComboFix 08-05-08.1 - Fabilus 2008-05-09 21:29:46.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.278 [GMT 2:00]
    Endroit: D:\Virus\ComboFix.exe
    * Resident AV is active

    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-04-09 to 2008-05-09 ))))))))))))))))))))))))))))))))))))
    .

    2008-05-09 20:48 . 2008-05-09 20:48 <REP> d-------- C:\Program Files\Yahoo!
    2008-05-09 20:48 . 2008-05-09 20:48 <REP> d-------- C:\Program Files\CCleaner
    2008-05-09 19:49 . 2008-05-09 19:49 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\Malwarebytes
    2008-05-09 19:48 . 2008-05-09 19:48 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-05-09 19:48 . 2008-05-09 19:48 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-05-09 19:48 . 2008-05-09 19:49 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-05-09 19:48 . 2008-05-05 20:46 27,048 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
    2008-05-09 19:48 . 2008-05-05 20:46 15,864 --a------ C:\Windows\System32\drivers\mbam.sys
    2008-05-09 14:50 . 2008-05-09 14:50 <REP> d-------- C:\Program Files\Trend Micro
    2008-05-09 12:29 . 2008-05-09 12:30 <REP> d-------- C:\Users\All Users\Lavasoft
    2008-05-09 12:29 . 2008-05-09 12:30 <REP> d-------- C:\ProgramData\Lavasoft
    2008-05-09 12:29 . 2008-05-09 12:29 <REP> d-------- C:\Program Files\Lavasoft
    2008-05-09 12:26 . 2008-05-09 12:26 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-18 20:14 . 2008-04-18 20:14 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\PeerNetworking
    2008-04-18 17:19 . 2008-04-18 17:19 <REP> d-------- C:\Users\All Users\Elaborate Bytes
    2008-04-18 17:19 . 2008-04-18 17:19 <REP> d-------- C:\ProgramData\Elaborate Bytes
    2008-04-18 12:57 . 2008-04-18 12:57 <REP> d-------- C:\Users\All Users\SlySoft
    2008-04-18 12:57 . 2008-04-18 12:57 <REP> d-------- C:\ProgramData\SlySoft
    2008-04-18 12:48 . 2008-04-18 12:48 <REP> d-------- C:\Program Files\SlySoft
    2008-04-18 12:46 . 2008-04-27 15:46 83 ---hs---- C:\Users\All Users\.zreglib
    2008-04-18 12:46 . 2008-04-27 15:46 83 ---hs---- C:\ProgramData\.zreglib
    2008-04-18 12:41 . 2008-04-18 13:00 48 ---hs---- C:\Windows\SFCD55F51.tmp
    2008-04-18 06:59 . 2008-04-18 06:59 <REP> d-------- C:\Program Files\Microsoft Silverlight
    2008-04-17 23:41 . 2008-04-17 23:41 <REP> d-------- C:\Program Files\Elaborate Bytes
    2008-04-17 23:31 . 2008-04-17 23:31 <REP> d-------- C:\Users\All Users\FLEXnet
    2008-04-17 23:31 . 2008-04-17 23:31 <REP> d-------- C:\ProgramData\FLEXnet
    2008-04-17 23:19 . 2008-04-17 23:22 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\Skype
    2008-04-17 23:11 . 2008-04-17 23:11 <REP> d-------- C:\Program Files\Bonjour
    2008-04-17 23:01 . 2008-04-17 23:01 <REP> d-------- C:\Program Files\VirtualDJ
    2008-04-17 22:59 . 2008-04-17 22:59 <REP> d-------- C:\Program Files\Common Files\Macrovision Shared
    2008-04-17 22:55 . 2008-04-17 22:55 <REP> d-------- C:\Users\All Users\Skype
    2008-04-17 22:55 . 2008-04-17 22:55 <REP> d-------- C:\ProgramData\Skype
    2008-04-17 22:55 . 2008-04-17 22:55 <REP> d-------- C:\Program Files\Skype
    2008-04-17 22:55 . 2008-04-17 22:55 <REP> d-------- C:\Program Files\Common Files\Skype
    2008-04-17 22:54 . 2008-04-20 18:22 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\Hamachi
    2008-04-17 22:52 . 2008-04-17 22:54 <REP> d-------- C:\Program Files\Hamachi
    2008-04-17 22:52 . 2008-04-17 22:52 25,544 --a------ C:\Windows\System32\drivers\hamachi.sys
    2008-04-17 22:49 . 2008-04-17 22:49 <REP> d-------- C:\Program Files\SLD Codec Pack
    2008-04-17 22:48 . 2008-04-17 22:48 <REP> d-------- C:\Program Files\ffdshow
    2008-04-17 22:48 . 2008-04-17 22:48 36,734 --a------ C:\Windows\System32\OggDSuninst.exe
    2008-04-17 22:48 . 2008-04-17 22:48 33,533 --a------ C:\Windows\System32\CoreVorbis-uninstall.exe
    2008-04-17 22:47 . 2008-04-17 22:47 <REP> d-------- C:\Program Files\XviD
    2008-04-17 22:47 . 2008-04-17 22:47 <REP> d-------- C:\Program Files\Morgan
    2008-04-17 22:47 . 2008-04-17 22:47 <REP> d-------- C:\Program Files\AC3Filter
    2008-04-17 22:47 . 2003-08-19 09:20 180,224 --a------ C:\Windows\System32\ac3filter.cpl
    2008-04-17 22:47 . 2002-11-18 17:02 40,960 --a------ C:\Windows\System32\MMAVILNG.exe
    2008-04-17 22:46 . 2008-04-17 22:47 <REP> d-------- C:\Program Files\DivX
    2008-04-17 22:46 . 2008-04-17 22:46 1,890 --ahs---- C:\Windows\System32\KGyGaAvL.sys
    2008-04-17 22:46 . 2008-04-17 22:46 56 -r-hs---- C:\Windows\System32\6DB171F490.sys
    2008-04-17 22:31 . 2008-04-17 22:31 <REP> d-------- C:\Users\Fabilus\dwhelper
    2008-04-16 19:12 . 2008-04-16 19:12 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    2008-04-16 07:25 . 2008-04-16 07:26 <REP> d-------- C:\Users\All Users\WinZip
    2008-04-16 07:25 . 2008-04-16 07:26 <REP> d-------- C:\ProgramData\WinZip
    2008-04-16 00:52 . 2008-04-16 00:52 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\Nero
    2008-04-16 00:49 . 2008-04-16 00:49 <REP> d-------- C:\Users\All Users\Nero
    2008-04-16 00:49 . 2008-04-16 00:49 <REP> d-------- C:\ProgramData\Nero
    2008-04-16 00:49 . 2008-04-16 00:49 <REP> d-------- C:\Program Files\Nero
    2008-04-16 00:49 . 2008-04-16 00:50 <REP> d-------- C:\Program Files\Common Files\Nero
    2008-04-16 00:06 . 2008-05-09 10:36 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\uTorrent
    2008-04-16 00:06 . 2008-04-16 00:11 <REP> d-------- C:\Program Files\uTorrent
    2008-04-15 23:37 . 2008-04-15 23:52 <REP> d-------- C:\Program Files\Windows Live
    2008-04-15 23:37 . 2008-04-15 23:52 <REP> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-04-15 23:36 . 2008-04-15 23:40 <REP> d-------- C:\Users\All Users\WLInstaller
    2008-04-15 23:36 . 2008-04-15 23:40 <REP> d-------- C:\ProgramData\WLInstaller
    2008-04-15 23:10 . 2008-04-16 00:00 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\Azureus
    2008-04-15 23:10 . 2008-04-15 23:10 <REP> d-------- C:\Users\All Users\Azureus
    2008-04-15 23:10 . 2008-04-15 23:10 <REP> d-------- C:\ProgramData\Azureus
    2008-04-15 20:41 . 2008-05-06 23:10 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\Toshiba
    2008-04-15 20:40 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-15 20:36 . 2008-02-29 06:21 2,032,128 --a------ C:\Windows\System32\win32k.sys
    2008-04-15 20:36 . 2008-02-22 06:57 295,936 --a------ C:\Windows\System32\gdi32.dll
    2008-04-15 20:25 . 2008-04-15 20:25 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\ATI
    2008-04-15 20:23 . 2008-04-15 20:23 <REP> dr------- C:\Users\Fabilus\Searches
    2008-04-15 20:23 . 2008-04-27 20:24 <REP> dr------- C:\Users\Fabilus\Contacts
    2008-04-15 20:23 . 2008-04-15 20:23 <REP> d--hs---- C:\$RECYCLE.BIN
    2008-04-15 20:22 . 2006-07-05 06:45 1,069,056 --a------ C:\Windows\System32\libeay32.dll
    2008-04-15 20:22 . 2008-01-15 10:03 364,544 --a------ C:\Windows\System32\RtlLib.dll
    2008-04-15 20:22 . 2003-11-18 10:27 155,648 --a------ C:\Windows\System32\IpLib.dll
    2008-04-15 20:22 . 2006-10-26 22:30 131,072 --a------ C:\Windows\System32\EnumDevLib.dll
    2008-04-15 20:22 . 2007-04-23 10:50 25,896 --a------ C:\Windows\System32\drivers\RtlProt.sys
    2008-04-15 20:21 . 2008-04-15 20:21 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\InstallShield
    2008-04-15 20:21 . 2008-04-15 20:21 <REP> d-------- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver
    2008-04-15 20:21 . 2008-04-15 20:21 <REP> d-------- C:\Program Files\ltmoh
    2008-04-15 20:21 . 2006-12-26 16:40 491,520 --a------ C:\Windows\System32\cselect.exe
    2008-04-15 20:21 . 2007-12-26 11:20 290,304 --a------ C:\Windows\System32\drivers\rtl8187B.sys
    2008-04-15 20:21 . 2007-12-26 11:20 290,304 --a------ C:\Windows\system\rtl8187B.sys
    2008-04-15 20:21 . 2003-02-25 15:42 128,113 --a------ C:\Windows\System32\csellang.ini
    2008-04-15 20:21 . 2003-12-05 09:48 77,824 --a------ C:\Windows\System32\tosmreg.exe
    2008-04-15 20:21 . 2003-11-01 03:59 45,056 --a------ C:\Windows\System32\csellang.dll
    2008-04-15 20:21 . 2007-03-15 12:21 10,162 --a------ C:\Windows\System32\tosmreg.ini
    2008-04-15 20:21 . 2003-02-25 16:01 7,671 --a------ C:\Windows\System32\cseltbl.ini
    2008-04-15 20:20 . 2008-04-15 20:20 <REP> d-------- C:\Windows\Options
    2008-04-15 20:19 . 2008-04-15 20:19 <REP> d-------- C:\Users\All Users\ToshibaEurope
    2008-04-15 20:19 . 2008-04-15 20:19 <REP> d-------- C:\ProgramData\ToshibaEurope
    2008-04-15 20:18 . 2008-04-20 19:34 <REP> dr------- C:\Users\Fabilus\Videos
    2008-04-15 20:18 . 2008-04-15 20:23 <REP> dr------- C:\Users\Fabilus\Saved Games
    2008-04-15 20:18 . 2008-04-15 20:23 <REP> dr------- C:\Users\Fabilus\Pictures
    2008-04-15 20:18 . 2008-04-27 15:04 <REP> dr------- C:\Users\Fabilus\Music
    2008-04-15 20:18 . 2008-05-06 21:09 <REP> dr------- C:\Users\Fabilus\Links
    2008-04-15 20:18 . 2008-04-15 23:40 <REP> dr------- C:\Users\Fabilus\Downloads
    2008-04-15 20:18 . 2008-05-07 21:15 <REP> dr------- C:\Users\Fabilus\Documents
    2008-04-15 20:18 . 2006-11-02 14:37 <REP> d-------- C:\Users\Fabilus\AppData\Roaming\Media Center Programs
    2008-04-15 20:18 . 2008-05-08 17:58 <REP> d--h----- C:\Users\Fabilus\AppData
    2008-04-15 20:18 . 2008-04-17 22:31 <REP> d-------- C:\Users\Fabilus
    2008-04-15 20:18 . 2008-04-15 20:25 524,288 --ahs---- C:\Users\Fabilus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
    2008-04-15 20:18 . 2008-05-09 20:56 524,288 --ahs---- C:\Users\Fabilus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
    2008-04-15 20:18 . 2008-05-09 21:37 262,144 --ah----- C:\Users\Fabilus\ntuser.dat.LOG1
    2008-04-15 20:18 . 2008-05-09 20:56 65,536 --ahs---- C:\Users\Fabilus\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
    2008-04-15 20:18 . 2008-04-15 20:18 0 --ah----- C:\Users\Fabilus\ntuser.dat.LOG2
    2008-04-15 20:17 . 2008-04-15 20:17 <REP> dr------- C:\Windows\System32\config\systemprofile\Contacts
    2008-04-15 20:05 . 2008-04-15 20:05 0 -rahs---- C:\Windows\System32\drivers\TOSHIBA_Satellite L300D_06547-FR_PSLC0E-00S01.MRK
    2008-04-15 20:00 . 2008-04-15 20:00 <REP> d-------- C:\Windows\System32\en
    2008-04-15 19:59 . 2008-04-15 20:00 <REP> d-------- C:\Program Files\Camera Assistant Software for Toshiba
    2008-04-15 19:59 . 2007-12-17 11:45 18,432 --a------ C:\Windows\System32\drivers\UVCFTR_S.SYS
    2008-04-11 16:14 . 2008-04-11 16:14 97,728 --a------ C:\Windows\System32\drivers\AnyDVD.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-09 08:39 --------- d-----w C:\Program Files\McAfee
    2008-05-07 18:17 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-04-17 05:26 --------- d-----w C:\Program Files\Java
    2008-04-15 22:27 --------- d-----w C:\ProgramData\Microsoft Help
    2008-04-15 21:00 --------- d-----w C:\Program Files\Google
    2008-04-15 20:45 --------- d-----w C:\Program Files\Picasa2
    2008-04-15 19:11 --------- d-----w C:\Program Files\Windows Mail
    2008-04-15 18:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-15 18:22 --------- d-----w C:\Program Files\Realtek
    2008-04-15 18:17 --------- d-sh--w C:\ProgramData\Modèles
    2008-04-15 18:17 --------- d-sh--w C:\ProgramData\Menu Démarrer
    2008-04-15 18:17 --------- d-sh--w C:\ProgramData\Favoris
    2008-04-15 18:17 --------- d-sh--w C:\ProgramData\Bureau
    2008-04-15 18:17 --------- d-sh--w C:\Program Files\Fichiers communs
    2008-04-15 18:07 --------- d-----w C:\Program Files\TOSHIBA
    2008-03-14 22:24 93,128 ----a-w C:\Windows\System32\ElbyCDIO.dll
    2008-02-29 07:14 19,000 ----a-w C:\Windows\System32\kd1394.dll
    2008-02-29 07:11 988,216 ----a-w C:\Windows\System32\winload.exe
    2008-02-29 07:11 927,288 ----a-w C:\Windows\System32\winresume.exe
    2008-02-29 06:53 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
    2008-02-29 06:53 40,960 ----a-w C:\Windows\System32\srclient.dll
    2008-02-29 06:53 378,368 ----a-w C:\Windows\System32\srcore.dll
    2008-02-29 04:12 318,464 ----a-w C:\Windows\System32\rstrui.exe
    2008-02-29 04:12 14,848 ----a-w C:\Windows\System32\srdelayed.exe
    2008-02-22 09:50 319,456 ----a-w C:\Windows\DIFxAPI.dll
    2008-02-22 09:49 315,392 ----a-w C:\Windows\HideWin.exe
    2008-02-22 05:05 615,992 ----a-w C:\Windows\System32\ci.dll
    2008-02-22 05:01 826,880 ----a-w C:\Windows\System32\wininet.dll
    2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
    .

    ------- Sigcheck -------

    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 04:23 1233920]
    "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-01-29 17:00 430080]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 04:25 125952]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 04:25 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-21 04:23 1008184]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-01-29 19:51 4911104 C:\Windows\RtHDVCpl.exe]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 19:12 1029416]
    "NDSTray.exe"="NDSTray.exe" []
    "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 23:33 582992]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048]
    "topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 10:24 581632]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-22 12:33 1836544]
    "Desktop SMS"="C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 11:51 1507328]
    "Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 17:41 413696]
    "TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 16:27 431456]
    "SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 13:33 509816]
    "00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 14:25 712704]
    "Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 12:05 571024]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 03:23 443968]
    "DelayShred"="C:\Program Files\McAfee\MSHR\ShrCL.exe" [2007-07-25 16:10 111904]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    "LoadAppInit_DLLs"=1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3acm"= l3codecp.acm
    "msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
    "vidc.DIV3"= DivXc32.dll
    "vidc.DIV4"= DivXc32f.dll
    "msacm.divxa32"= DivXa32.acm
    "VIDC.HFYU"= huffyuv.dll
    "vidc.ffds"= C:\Program Files\ffdshow\ffdshow.ax

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{E7396CC2-2D9F-4E77-B9FF-14A35DE6F25C}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
    "{7B09F4FD-A2CA-4960-93FB-A4C37C6C6AC6}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{285B7490-3CDA-42A9-848E-BB9CE68A3D4F}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{47DCA800-BF97-4041-89CF-C3BE51FB431C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{C528D1AE-7927-4E7A-966A-8A60E8EA895C}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
    "UDP Query User{78DCB1CA-242C-444E-A0F1-04012CBF4689}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Volet Windows

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 11:23]
    R0 tos_sps32;TOSHIBA tos_sps32 Service;C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 16:42]
    R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 10:50]
    R2 ConfigFree Service;ConfigFree Service;"C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" [2007-12-25 14:07]
    R2 TNaviSrv;TOSHIBA Navi Support Service;C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 17:54]
    R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;"c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe" [2007-12-03 17:03]
    R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-07-27 23:36]
    R3 FwLnk;FwLnk Driver;C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 15:11]
    R3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B;C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 11:20]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 12:50]
    R3 UVCFTR;UVCFTR;C:\Windows\system32\Drivers\UVCFTR_S.SYS [2007-12-17 11:45]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Windows\system32\drivers\mbamcatchme.sys [2008-05-05 20:46]
    S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 04:23]
    S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 04:23]

    *Newly Created Service* - CATCHME
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-02-22 10:38:26 C:\Windows\Tasks\McDefragTask.job"
    - c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
    "2008-02-22 10:38:26 C:\Windows\Tasks\McQcTask.job"
    - c:\PROGRA~1\mcafee\mqc\QcConsol.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-09 21:36:43
    Windows 6.0.6001 Service Pack 1 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    TOSCDSPD = C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i??????C?^%M????>???>???>?0 >?X

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-05-09 21:38:49
    ComboFix-quarantined-files.txt 2008-05-09 19:38:31

    Pre-Run: 27,936,354,304 octets libres
    Post-Run: 27,987,111,936 octets libres

    259 --- E O F --- 2008-04-18 05:00:00

    =========================================================

    There we go, I hope everything has been removed ...
    I'm waiting for instructions on what to do next ^^
    0
  6. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    ok

    run a new HijackThis scan please
    0
  7. Scorpion59 Posts 181 Status Member 9
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:00:07, on 09/05/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Safe mode

    Running processes:
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: McAfee Phishing Filter - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    0
  8. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    there's some improvement

    run HijackThis again and check these:
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
    O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)

    then click "Fix checked"

    then run an online scan with BitDefender and paste the report

    https://www.bitdefender.com/toolbox/

    The scan has to be run in Internet Explorer

    a tutorial
    http://pageperso.aol.fr/rginformatique/mapage/defender.htm
    @+
    0
  9. Scorpion59 Posts 181 Status Member 9
     
    I can't run the scan with BitDefender, do I need to download the software?
    I let the ActiveX control and the rest run, but it shows "scan failed"
    0
  10. ep44 Posts 7415 Registration date   Status Contributor Last activity   3
     
    Hello

    Run an online scan with Panda:
    http://pandasoftware.fr .
    And post the report it shows you at the end. For that, make sure IE is correctly configured for the online scan as described here: https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId898809 .
    If you can't manage it, the tutorial is: https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId237368
    @+
    0