High-Tech Santé Médecine Droit-Finances

Auto-Entrepreneur

Comment faire ?

Rechercher : dans
Par :

Med desinfecter

Dernière réponse le 13 mai 2009 à 18:02:14 TOT127, le 28 avr 2009 à 14:43:31 
 Signaler ce message aux modérateurs

Hello, je vais etre assez bref: je pense que mon ordi est un nid d'infection en tout genre... Est ce que quelqu'un pourrait me guider dans une desinfection efficace ? J'ai vu que ça se fait beaucoup sur le forum, j'avais commencé à le faire avec qn ici mais 2 semaines ont passé déjà, et je pense qu'il faut tout recomencer.
Sur mon ordi:
Mac afee
AVG antsyware
CCleaner
spybot
le parefeu windows d'origine
internet via une free box
2 ipod, clés usb, un disque dur externe, un appareil photo
vuze qui télécharge en ce moment (mais depuis peu)


Je sais pas si ça vous est utile mais sait on jamais =)


Voilà,
en esperant que quelqu'un pourra m'aider,
bonne après midi !!

T. 


Configuration: Windows Vista
Safari 525.28.1

Meilleures réponses pour « Med desinfecter » dans :
Utilitaires de désinfection des principaux virus et vers Voir Qu'est-ce qu'un kit de désinfection ? Un kit de désinfection est un petit exécutable dont le but est de nettoyer une machine infectée par un virus particulier. Chaque kit de désinfection est donc uniquement capable d'éradiquer un type de virus...
[Virus] Kit de désinfection pour éradiquer W32/Beagle@mm (Bagle) Voir Nom des variantes Beagle/bagle Kits de désinfection Nom des variantes Beagle/bagle Plusieurs éditeurs ont mis au point des kits de désinfection permettant de supprimer les variantes suivantes du Virus W32.Beagle@mm, appelé aussi Win32.Bagle...
[Spywares] Méthodes de désinfection Voir
Désinfecter une clé USB ou un disque amovible Voir
Comment supprimer le virus Conficker / Downadup / Kido VoirSommaire Qu'est-ce que Conficker ? Comment éviter d'être infecté par Conficker ? Diagnostic Rapide Désinfecter un ordinateur touché par Conficker Préliminaire Suppression de l'infection Qu'est-ce que Conficker ? Conficker (connu...
Comment supprimer Eorezo / Eoengine / Lo.st ? VoirVous n'arrivez pas à vous débarrasser de la page lo.st ? Vous avez des pubs eoRezo ? Cette astuce est faite pour vous. Informations sur les infections Informations sur Eorezo Informations sur IT'S label Procédures de désinfection Méthode...
Posez votre question Répondre

2

jlpjlp, le 28 avr 2009 à 16:17:55

Slt,


scan avec malwarebyte , fais un scan rapide et colle le rapport obtenu et vire ce qui est trouvé:


http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php­­

______________________


colle le rapport d'un scan en ligne
avec un des suivants:


bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://www.pandasoftware.fr/Activescan/Activescan.html

Kaspersky en ligne
http://webscanner.kaspersky.fr/

______________________


Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit

   
Répondre à jlpjlp

3

TOT127, le 29 avr 2009 à 13:43:52

Ok, je commence maintenant mais ça risque d'être long...
A+

   
Répondre à TOT127

4

jlpjlp, le 29 avr 2009 à 20:54:06

Ok mais maintenant je serai peu dispo ...

   
Répondre à jlpjlp

5

TOT127, le 29 avr 2009 à 21:06:21

Ok, j'espere que vous pourrez quand meme jetter un oeuil, en tout cas je vais lancer le scan pendant la nuit probablement parceque ça a l'air vraiment très long (j'ai du l'avorter 2 fois parceque j'aime pas trop laisser l'ordi au travail la nuit..)

merci en tout cas !
A+

P.S: lequel des trois scan proposés est le plus rapide ou le meilleur ?


a+

   
Répondre à TOT127

6

jlpjlp, le 29 avr 2009 à 21:37:04

Les 3 sont bon

   
Répondre à jlpjlp

7

TOT127, le 30 avr 2009 à 20:52:41

Voilà en 1 le rapport de malware et ensuite celui du scan en ligne bit defender. j'espère que vous aurez le tps de me dire quoi faire. Merci en tout cas et bonne soirée
tot

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2053
Windows 6.0.6001 Service Pack 1

2009-04-28 16:56:42
mbam-log-2009-04-28 (16-56-42).txt

Type de recherche: Examen rapide
Eléments examinés: 72885
Temps écoulé: 7 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)



ET ENSUITE CELUI DU SCAN EN LIGNE BIT DEFENDER:
BitDefender Online Scanner





Scan report generated at: Thu, Apr 30, 2009 - 20:26:10







Scan path: C:\;D:\;E:\;F:\;G:\;H:\;











Statistics

Time

07:04:48

Files

1008551

Folders

39253

Boot Sectors

0

Archives

144577

Packed Files

28348





Results

Identified Viruses

24

Infected Files

41

Suspect Files

0

Warnings

0

Disinfected

0

Deleted Files

41





Engines Info

Virus Definitions

2854932

Engine build

AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)

Scan plugins

17

Archive plugins

45

Unpack plugins

7

E-mail plugins

6

System plugins

4





Scan Settings

First Action

Disinfect

Second Action

Delete

Heuristics

Yes

Enable Warnings

Yes

Scanned Extensions

*;

Exclude Extensions



Scan Emails

Yes

Scan Archives

Yes

Scan Packed

Yes

Scan Files

Yes

Scan Boot

Yes






Scanned File

Status

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0c­s3.default\Mail\Local Folders\Inbox=>(message 2434)=>[Subject: Online Greeting Card Waiting For You][Date: Sun, 25 Dec 2005 18:10:56 -0500 (EST)]=>(message body)

Infected with: Trojan.Html.Pcard.F

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 2434)=>[Subject: Online Greeting Card Waiting For You][Date: Sun, 25 Dec 2005 18:10:56 -0500 (EST)]=>(message body)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 2434)

Updated

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 2530)

Infected with: Trojan.Spy.HTML.Bankfraud.K

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 2530)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 2530)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 4203)

Infected with: Trojan.Downloader.JS.BF

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 4203)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 4203)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 4209)

Infected with: Trojan.Downloader.JS.BF

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 4209)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 4209)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 5445)

Infected with: Trojan.Banker.X

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 5445)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 5445)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 8119)

Infected with: Trojan.Phishing.Amazon.A

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 8119)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 8119)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10306)

Infected with: Generic.Peed.Eml.3BBF4C20

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10306)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10306)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10385)

Infected with: Generic.Peed.Eml.DC224ABD

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10385)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10385)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10454)

Infected with: Generic.Peed.Eml.2D383254

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10454)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 10454)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 11478)

Infected with: Generic.Peed.Eml.84E6E8D5

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 11478)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 11478)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21012)

Infected with: Generic.Peed.Eml.A6914374

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21012)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21012)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21169)

Infected with: Generic.Peed.Eml.790E023A

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21169)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21169)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21468)

Infected with: Generic.Peed.Eml.8DB4067E

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21468)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21468)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21478)

Infected with: Generic.Peed.Eml.38292AF9

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21478)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21478)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21539)

Infected with: Generic.Peed.Eml.F7D3F7EB

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21539)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21539)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21545)

Infected with: Generic.Peed.Eml.3FBBCC6D

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21545)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21545)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21550)

Infected with: Generic.Peed.Eml.FF2A3E79

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21550)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21550)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21590)

Infected with: Generic.Peed.Eml.975B7117

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21590)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox=>(message 21590)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Inbox

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 2037)

Infected with: Trojan.Banker.X

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 2037)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 2037)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 4221)

Infected with: Trojan.Phishing.Amazon.A

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 4221)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 4221)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 5977)

Infected with: Generic.Peed.Eml.B2216259

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 5977)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 5977)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6048)

Infected with: Generic.Peed.Eml.55BC64C4

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6048)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6048)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6105)

Infected with: Generic.Peed.Eml.6AA8D66D

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6105)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6105)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6987)

Infected with: Generic.Peed.Eml.231D12D4

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6987)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 6987)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14269)

Infected with: Generic.Peed.Eml.C3A6A395

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14269)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14269)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14337)

Infected with: Generic.Peed.Eml.1E436AE0

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14337)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14337)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14364)

Infected with: Generic.Peed.Eml.FF2A3E79

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14364)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14364)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14371)

Infected with: Generic.Peed.Eml.F7D3F7EB

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14371)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14371)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14372)

Infected with: Generic.Peed.Eml.3FBBCC6D

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14372)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14372)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14383)

Infected with: Generic.Peed.Eml.38292AF9

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14383)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14383)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14471)

Infected with: Generic.Peed.Eml.790E023A

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14471)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14471)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14482)

Infected with: Generic.Peed.Eml.A6914374

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14482)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk=>(message 14482)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Junk

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9664)

Infected with: Generic.Peed.Eml.C3A6A395

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9664)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9664)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9723)

Infected with: Generic.Peed.Eml.1E436AE0

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9723)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9723)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9742)

Infected with: Generic.Peed.Eml.FF2A3E79

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9742)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9742)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9749)

Infected with: Generic.Peed.Eml.F7D3F7EB

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9749)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9749)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9750)

Infected with: Generic.Peed.Eml.3FBBCC6D

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9750)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9750)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9761)

Infected with: Generic.Peed.Eml.38292AF9

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9761)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9761)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9975)

Infected with: Generic.Peed.Eml.790E023A

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9975)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 9975)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash

Update failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 10068)

Infected with: Generic.Peed.Eml.A6914374

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 10068)

Disinfection failed

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash=>(message 10068)

Deleted

C:\Users\Ruggero\AppData\Roaming\Thunderbird\Profiles\2wqj0cs3.default\Mail\Local Folders\Trash

Update failed

G:\antiviral\Navilog1.exe=>(Instyler o)=>(Instyler Module 3)

Infected with: Trojan.Generic.1606936

G:\antiviral\Navilog1.exe=>(Instyler o)=>(Instyler Module 3)

Deleted

G:\antiviral\Navilog1.exe=>(Instyler o)

Update failed

   
Répondre à TOT127

8

jlpjlp, le 1 mai 2009 à 11:05:44

Vire le logiciel navilog que tu avais utilisé . Puis toutes les autres infections sont des mail situé dans ta messagerie thunderbird alors fais le ménage dedans puis colle un rapport rsit

   
Répondre à jlpjlp

9

TOT127, le 1 mai 2009 à 11:24:03

Ok, en fait je n'ai jamais utilisé thunderbird ! je l'ai installé mais j'ai meme pas programmé de compte dedans (je savais pas faire je crois) ! comment ça se fait ?
Je vais essayer de virer navilog mais je ne sais pas comment vu que je n'avais pas réussit à l'installer, ou dumoins à le faire marche.

Bon, j"y go
merci surtout et à+



P.S: je vais supprimer le dossier thunderbird en entier, de toute façon j'utilise pas ce logiciel, ok?

   
Répondre à TOT127

10

TOT127, le 1 mai 2009 à 11:38:05

Logfile of random's system information tool 1.06 (written by random/random)
Run by MON NOM at 2009-05-01 11:34:51
Microsoft® Windows Vista™ Professionnel Service Pack 1
System drive C: has 34 GB (25%) free of 140 GB
Total RAM: 2045 MB (43% free)
VOICI LE RAPPORT LOG.TXX, LE SEUL DONNE, DE RSIT.
A++


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36, on 2009-05-01
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\conime.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Safari\Safari.exe
C:\Users\MON NOM\AppData\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\MON NOM.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -

C:\Program Files\Search Settings\kb128\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio

Toolbar\DealioToolbarIE.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program

Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1

\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC

-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows

Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program

Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program

Files\Search Settings\kb128\SearchSettings.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program

Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio

Toolbar\DealioToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam

Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common

Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0

\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support

Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -

startup
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE"

/STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common

Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major

Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32

\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P

DellSupportCenter
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft

Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan

Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0

\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition

Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe"

/minimized
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P

DellSupportCenter
O4 - HKCU\..\Run: [SfKg6wIPu] C:\Users\MON

NOM\AppData\Roaming\Microsoft\Windows\gsdjt.exe
O4 - HKCU\..\Run: [PhoneDaemon] C:\Users\MON

NOM\AppData\Desktop\iPhone_Pc_Suite_by_iSpazio\iPhone PC Suite\PhoneDaemon.exe
O4 - HKCU\..\Run: [swg] C:\Program

Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ecyeiua] "c:\users\MON NOM\appdata\local\ecyeiua.exe" ecyeiua
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem

(User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

(User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem

(User 'SERVICE RÉSEAU')
O4 - Startup: CD-MENU.LNK = F:\AutoMenu.exe
O4 - Startup: Nikon Monitor.lnk = ?
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\MON

NOM\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common

Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2

\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1

\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-

00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -

C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3

-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -

C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-

0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1

\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1

\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200

-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -

http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -

http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -

http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -

http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems

Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile

Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program

Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-

Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program

Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY

Shared\Service\Boonty.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program

Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program

Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program

Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan

Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program

Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0

\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program

Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) -

SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing

Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32

\DRIVERS\xaudio.exe
End of file - 12341 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-04-09 688128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common

Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572

\swg.dll [2009-03-22 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-04-09

1091584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program

Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio

Toolbar\DealioToolbarIE.dll [2009-04-09 688128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2007-05-25 17920]
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe [2007-08-29 36864]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27

118784]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-

16 81920]
""= []
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0

\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-04-16 184320]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-10-09

16384]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2006-11-30 112216]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-11-17

136768]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-06-27

405504]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-04 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-04 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-04 81920]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2007-10-04 86016]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-09-21 55824]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft

Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

[2006-10-26 132704]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleSyncNotifier.exe [2009-03-06 177472]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008

-10-15 39792]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2

\Apps\apdproxy.exe []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11

6731312]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-04-09 970240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"SfKg6wIPu"=C:\Users\MON NOM\AppData\Roaming\Microsoft\Windows\gsdjt.exe []
"PhoneDaemon"=C:\Users\MON NOM\AppData\Desktop\iPhone_Pc_Suite_by_iSpazio\iPhone PC

Suite\PhoneDaemon.exe []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-27

68856]
"ecyeiua"=c:\users\MON NOM\appdata\local\ecyeiua.exe ecyeiua []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma

Loader.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}

\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe

C:\Users\MON NOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CD-MENU.LNK - F:\AutoMenu.exe
Nikon Monitor.lnk - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
Outil de notification Live Search.lnk - C:\Users\MON NOM\AppData\Roaming\Microsoft\Live

Search\Notification-LiveSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHoo

ks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5

\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware

Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware

Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-

Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-

Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpol

icy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpol

icy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-04-29 21:41:07 ----D---- C:\Program Files\Medieval Software
2009-04-28 16:42:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-28 15:17:14 ----D---- C:\Program Files\Search Settings
2009-04-28 15:16:24 ----D---- C:\Program Files\Dealio Toolbar
2009-04-28 15:15:10 ----A---- C:\Windows\system32\MSVCRTD.DLL
2009-04-28 15:15:10 ----A---- C:\Windows\system32\MSVCP60D.DLL
2009-04-28 15:14:56 ----A---- C:\Windows\system32\WMAFile.dll
2009-04-28 15:14:56 ----A---- C:\Windows\system32\AudioVisu.dll
2009-04-28 15:14:55 ----A---- C:\Windows\system32\AudioRecord.dll
2009-04-28 15:14:54 ----A---- C:\Windows\system32\AudPlayer.dll
2009-04-28 15:14:54 ----A---- C:\Windows\system32\AudioInfos.dll
2009-04-28 15:14:52 ----A---- C:\Windows\system32\AudFile.dll
2009-04-28 15:14:52 ----A---- C:\Windows\system32\AudDisplay.dll
2009-04-28 15:14:49 ----A---- C:\Windows\system32\AudDesign.dll
2009-04-28 15:14:45 ----D---- C:\Program Files\Free Audio Pack
2009-04-28 15:14:45 ----A---- C:\Windows\system32\lame_enc.dll
2009-04-28 14:54:01 ----D---- C:\Program Files\Auslogics
2009-04-25 20:20:12 ----D---- C:\Program Files\AskBarDis
2009-04-25 19:13:33 ----D---- C:\Users\MON NOM\AppData\Roaming\uTorrent
2009-04-25 15:50:19 ----D---- C:\Users\MON NOM\AppData\Roaming\DMCache
2009-04-24 17:36:53 ----SHD---- C:\Windows\system32\%APPDATA%
2009-04-24 16:50:52 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-24 16:50:52 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-24 16:50:49 ----A---- C:\Windows\system32\winhttp.dll
2009-04-24 16:50:39 ----A---- C:\Windows\system32\rpcss.dll
2009-04-24 16:50:39 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-24 16:50:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-24 16:50:35 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-24 16:50:34 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-24 16:50:34 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-24 16:50:34 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-24 16:50:34 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-24 16:50:32 ----A---- C:\Windows\system32\iashost.exe
2009-04-24 16:50:32 ----A---- C:\Windows\system32\iasads.dll
2009-04-24 16:49:08 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-24 16:49:08 ----A---- C:\Windows\system32\kernel32.dll
2009-04-24 16:49:05 ----A---- C:\Windows\system32\secur32.dll
2009-04-24 16:49:05 ----A---- C:\Windows\system32\apilogen.dll
2009-04-24 16:49:05 ----A---- C:\Windows\system32\amxread.dll
2009-04-12 19:36:05 ----A---- C:\Windows\zipinst.exe
2009-04-12 19:03:49 ----D---- C:\Program Files\MSN Password Recovery
2009-04-12 12:21:16 ----D---- C:\divx
2009-04-12 12:19:55 ----RD---- C:\Program Files\autres 2
2009-04-11 21:25:43 ----D---- C:\Users\MON NOM\AppData\Roaming\DivX
2009-04-11 21:14:32 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-04-11 21:13:11 ----D---- C:\Program Files\Common Files\DivX Shared
2009-04-11 21:12:59 ----D---- C:\Program Files\DivX
2009-04-11 17:58:13 ----D---- C:\Program Files\WinASPI
2009-04-11 17:57:40 ----D---- C:\Program Files\Morgan
2009-04-11 17:55:20 ----D---- C:\Users\MON NOM\AppData\Roaming\NeoDivX2008
2009-04-11 17:55:20 ----D---- C:\Program Files\NeoDivX2008
2009-04-11 17:54:19 ----D---- C:\Users\MON NOM\AppData\Roaming\dvdcss
2009-04-11 17:51:10 ----D---- C:\Users\MON NOM\AppData\Roaming\Tinysoar
2009-04-11 17:51:04 ----D---- C:\Program Files\Tinysoar software
2009-04-11 15:44:21 ----A---- C:\Windows\zip.exe
2009-04-11 15:44:21 ----A---- C:\Windows\VFIND.exe
2009-04-11 15:44:21 ----A---- C:\Windows\SWXCACLS.exe
2009-04-11 15:44:21 ----A---- C:\Windows\SWSC.exe
2009-04-11 15:44:21 ----A---- C:\Windows\SWREG.exe
2009-04-11 15:44:21 ----A---- C:\Windows\sed.exe
2009-04-11 15:44:21 ----A---- C:\Windows\NIRCMD.exe
2009-04-11 15:44:21 ----A---- C:\Windows\grep.exe
2009-04-11 15:44:21 ----A---- C:\Windows\fdsv.exe
2009-04-11 15:44:18 ----D---- C:\ComboFix
2009-04-11 15:44:18 ----A---- C:\Windows\system32\CF10430.exe
2009-04-11 15:37:29 ----D---- C:\Windows\ERDNT
2009-04-11 15:37:28 ----A---- C:\Windows\system32\CF7576.exe
2009-04-11 15:37:26 ----A---- C:\Windows\system32\swsc.exe
2009-04-11 15:29:44 ----D---- C:\Qoobox
2009-04-11 14:25:56 ----D---- C:\FindyKill
2009-04-11 11:51:47 ----D---- C:\Users\MON NOM\AppData\Roaming\PeerNetworking
2009-04-11 10:56:56 ----A---- C:\Windows\system32\dfshim.dll
2009-04-11 10:56:39 ----A---- C:\Windows\system32\mscoree.dll
2009-04-11 10:56:32 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-11 10:55:25 ----A---- C:\Windows\system32\mscorier.dll
2009-04-11 10:55:03 ----A---- C:\Windows\system32\mscories.dll
2009-04-11 10:35:57 ----A---- C:\TB.txt
2009-04-11 10:35:26 ----D---- C:\ToolBar SD
2009-04-10 17:39:42 ----A---- C:\UsbFix.txt
2009-04-10 11:57:49 ----D---- C:\rsit
2009-04-10 10:55:18 ----D---- C:\Users\MON NOM\AppData\Roaming\Malwarebytes
2009-04-10 10:55:12 ----D---- C:\ProgramData\Malwarebytes
2009-04-08 21:28:02 ----D---- C:\Windows\BDOSCAN8
2009-04-08 21:08:58 ----A---- C:\Windows\system32\mshtmler.dll
2009-04-08 21:08:58 ----A---- C:\Windows\system32\mshtmled.dll
2009-04-08 21:08:58 ----A---- C:\Windows\system32\ieui.dll
2009-04-08 21:08:58 ----A---- C:\Windows\system32\icardie.dll
2009-04-08 21:08:58 ----A---- C:\Windows\system32\admparse.dll
2009-04-08 21:08:57 ----A---- C:\Windows\system32\msls31.dll
2009-04-08 21:08:57 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-08 21:08:57 ----A---- C:\Windows\system32\corpol.dll
2009-04-08 21:08:56 ----A---- C:\Windows\system32\iernonce.dll
2009-04-08 21:08:56 ----A---- C:\Windows\system32\ieakeng.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\occache.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\licmgr10.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\inseng.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\imgutil.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\iepeers.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\dxtrans.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\dxtmsft.dll
2009-04-08 21:08:54 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-04-08 21:08:54 ----A---- C:\Windows\system32\wextract.exe
2009-04-08 21:08:54 ----A---- C:\Windows\system32\webcheck.dll
2009-04-08 21:08:54 ----A---- C:\Windows\system32\msrating.dll
2009-04-08 21:08:54 ----A---- C:\Windows\system32\msfeedssync.exe
2009-04-08 21:08:54 ----A---- C:\Windows\system32\iesetup.dll
2009-04-08 21:08:54 ----A---- C:\Windows\system32\ieakui.dll
2009-04-08 21:08:53 ----A---- C:\Windows\system32\pngfilt.dll
2009-04-08 21:08:53 ----A---- C:\Windows\system32\mstime.dll
2009-04-08 21:08:53 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-08 21:08:53 ----A---- C:\Windows\system32\advpack.dll
2009-04-08 21:08:52 ----A---- C:\Windows\system32\vbscript.dll
2009-04-08 21:08:52 ----A---- C:\Windows\system32\ieapfltr.dll
2009-04-08 21:08:51 ----A---- C:\Windows\system32\url.dll
2009-04-08 21:08:51 ----A---- C:\Windows\system32\jscript.dll
2009-04-08 21:08:51 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-08 21:08:47 ----A---- C:\Windows\system32\mshta.exe
2009-04-08 21:08:47 ----A---- C:\Windows\system32\iexpress.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\SetDepNx.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\PDMSetup.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\iesysprep.dll
2009-04-08 21:08:45 ----A---- C:\Windows\system32\wininet.dll
2009-04-08 21:08:45 ----A---- C:\Windows\system32\iertutil.dll
2009-04-08 21:08:45 ----A---- C:\Windows\system32\ie4uinit.exe
2009-04-08 21:08:44 ----A---- C:\Windows\system32\urlmon.dll
2009-04-08 21:08:43 ----A---- C:\Windows\system32\ieframe.dll
2009-04-08 21:08:42 ----A---- C:\Windows\system32\mshtml.dll
2009-04-08 15:00:56 ----D---- C:\ProgramData\Grisoft
2009-04-08 15:00:55 ----D---- C:\Program Files\Grisoft
2009-04-07 20:31:41 ----A---- C:\Windows\system32\GEARAspi.dll
2009-04-07 20:31:18 ----D---- C:\Program Files\iPod
2009-04-07 20:31:12 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

======List of files/folders modified in the last 1 months======

2009-05-01 11:35:05 ----D---- C:\Windows\Temp
2009-05-01 11:15:37 ----D---- C:\Windows\Tasks
2009-05-01 11:15:30 ----D---- C:\ProgramData\Google Updater
2009-04-30 19:05:36 ----SHD---- C:\Windows\Installer
2009-04-30 19:05:36 ----D---- C:\ProgramData\Microsoft Help
2009-04-30 19:02:48 ----SHD---- C:\System Volume Information
2009-04-29 21:41:07 ----D---- C:\Program Files
2009-04-29 17:48:23 ----D---- C:\Users\MON NOM\AppData\Roaming\Adobe
2009-04-29 17:48:23 ----D---- C:\ProgramData\Adobe
2009-04-29 14:13:12 ----D---- C:\Users\MON NOM\AppData\Roaming\Azureus
2009-04-29 13:27:25 ----D---- C:\Windows
2009-04-28 16:42:52 ----D---- C:\Windows\system32\drivers
2009-04-28 16:05:04 ----D---- C:\Program Files\JkDefrag
2009-04-28 15:16:55 ----D---- C:\Windows\winsxs
2009-04-28 15:15:10 ----D---- C:\Windows\System32
2009-04-28 13:21:50 ----D---- C:\QUARANTINE
2009-04-28 13:13:38 ----D---- C:\Program Files\Google
2009-04-28 13:13:33 ----D---- C:\ProgramData\Google
2009-04-28 11:28:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-04-28 11:28:31 ----D---- C:\Windows\inf
2009-04-28 11:07:53 ----D---- C:\Windows\Debug
2009-04-25 20:19:59 ----D---- C:\Program Files\Vuze
2009-04-25 19:36:39 ----D---- C:\Users\MON NOM\AppData\Roaming\Shareaza
2009-04-25 16:40:43 ----D---- C:\Windows\Prefetch
2009-04-24 18:25:10 ----D---- C:\Windows\system32\catroot
2009-04-24 18:21:51 ----D---- C:\Program Files\Windows Mail
2009-04-24 18:21:49 ----D---- C:\Windows\system32\wbem
2009-04-24 18:21:45 ----D---- C:\Windows\system32\manifeststore
2009-04-24 18:21:44 ----D---- C:\Windows\AppPatch
2009-04-24 16:50:19 ----D---- C:\Windows\system32\catroot2
2009-04-13 18:12:43 ----D---- C:\Program Files\Mozilla Firefox
2009-04-13 18:12:16 ----D---- C:\Program Files\Conduit
2009-04-13 15:41:42 ----D---- C:\Program Files\Messenger Plus! Live
2009-04-12 15:04:38 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-12 15:04:38 ----D---- C:\Program Files\Microsoft Games
2009-04-12 13:23:56 ----AD---- C:\ProgramData\TEMP
2009-04-12 13:23:49 ----D---- C:\Program Files\Boilsoft Video Joiner
2009-04-11 21:14:32 ----D---- C:\Program Files\Common Files
2009-04-11 21:13:50 ----D---- C:\Windows\system32\Tasks
2009-04-11 20:49:11 ----D---- C:\Windows\Minidump
2009-04-11 17:58:13 ----D---- C:\Windows\system
2009-04-11 16:54:48 ----D---- C:\Windows\system32\config
2009-04-11 16:54:38 ----D---- C:\Windows\registration
2009-04-11 16:17:23 ----HD---- C:\ProgramData
2009-04-11 15:44:18 ----D---- C:\Windows\system32\fr-FR
2009-04-11 11:08:13 ----D---- C:\Windows\Microsoft.NET
2009-04-09 12:37:09 ----SD---- C:\Windows\Downloaded Program Files
2009-04-08 21:37:36 ----D---- C:\Windows\rescache
2009-04-08 21:15:22 ----D---- C:\Program Files\Internet Explorer
2009-04-08 21:15:17 ----D---- C:\Windows\system32\migration
2009-04-08 21:15:17 ----D---- C:\Windows\PolicyDefinitions
2009-04-08 21:15:16 ----D---- C:\Windows\system32\en-US
2009-04-08 18:15:58 ----D---- C:\Program Files\Lavasoft
2009-04-08 14:25:04 ----HD---- C:\Windows\system32\GroupPolicy
2009-04-07 20:31:40 ----DC---- C:\Windows\system32\DRVSTORE
2009-04-07 20:31:39 ----D---- C:\Program Files\iTunes
2009-04-07 20:31:18 ----D---- C:\Program Files\Common Files\Apple
2009-04-06 16:57:24 ----A---- C:\Windows\system32\mrt.exe
2009-04-02 18:58:00 ----D---- C:\ProgramData\DriveHQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)

======

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-

Spyware 7.5\guard.sys [2007-05-30 11000]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\Windows\System32\DRIVERS\AvgAsCln.sys [2007-

05-30 10872]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-18 350720]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys

[2006-11-30 31944]
R2 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-04-29 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-04-25 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-04-25 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-04-25

37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-04-29 8192]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32

\DRIVERS\Apfiltr.sys [2007-06-25 155136]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32

\DRIVERS\bcm4sbxp.sys [2007-04-25 45568]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32

\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009

-03-19 23400]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-04-29 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-04-29 206848]
R3 mfeapfk;McAfee Inc.; C:\Windows\system32\drivers\mfeapfk.sys [2006-11-30 64360]
R3 mfeavfk;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk.sys [2006-11-30 72264]
R3 mfehidk;McAfee Inc.; C:\Windows\system32\drivers\mfehidk.sys [2006-11-30 168776]
R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits;

C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-04 7628608]
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys

[2007-10-10 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32

\DRIVERS\OEM02Vfx.sys [2007-08-29 7424]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-

06-27 326656]
R3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys

[2008-01-18 9216]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-04-29 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32

\DRIVERS\wmiacpi.sys [2008-01-18 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 mfetdik;McAfee Inc.; C:\Windows\system32\drivers\mfetdik.sys [2006-11-30 52136]
S3 a619wn3u;a619wn3u; C:\Windows\system32\drivers\a619wn3u.sys []
S3 catchme;catchme; \??\C:\Users\MON NOM\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32

\drivers\drmkaud.sys [2008-01-18 5632]
S3 e1express;Pilote de la connexion réseau Intel(R) PRO/1000 PCI Express; C:\Windows\system32

\DRIVERS\e1e6032.sys [2006-11-02 200704]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys

[2007-09-21 35088]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32

\DRIVERS\LMouFilt.Sys [2007-09-21 36240]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32

\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32

\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32

\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32

\drivers\MSTEE.sys [2008-01-18 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-06

36864]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18

35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand,

4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09

464264]
R2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09

234888]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware

7.5\guard.exe [2007-05-30 312880]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12

238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe

[2008-01-18 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe

[2008-01-18 21504]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common

Framework\FrameworkService.exe [2006-11-17 104000]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [2006-

11-30 144960]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan

Enterprise\VsTskMgr.exe [2006-11-30 54872]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft

Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe

[2008-01-18 21504]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program

Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-06-27 94208]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32

\svchost.exe [2008-01-18 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-04-29 386560]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google

Updater\GoogleUpdaterService.exe [2009-03-22 183280]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0

\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems

Shared\Service\Adobelmsvc.exe [2008-05-22 68096]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY

Shared\Service\Boonty.exe [2007-12-19 69120]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-18

523776]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11

\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft

Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source

Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0

\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14

73728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe

[2008-01-18 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe

[2008-01-18 917504]

-----------------EOF-----------------

   
Répondre à TOT127

11

jlpjlp, le 1 mai 2009 à 12:47:10

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.


télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)


double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

__________________


Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
http://eric.71.mespages.googlepages.com/ToolBarSD.exe

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option2. Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)

   
Répondre à jlpjlp

12

TOT127, le 1 mai 2009 à 13:58:05

PROBLEME urgent: combofix me dit de desactiver mac afee avant de cliquer sur ok, or je pensais l'avor desactivé. Comment faire ?

Modif: j'ai reussit a arreter mac affe, combofix est en marche, il ne m'a rien demandé et a déjà redemarré l'ordi. Maintenant il dit qu'un rapport est en cours de preparation et qu'il faut patienter. C'rst ce que je fais donc...(j'ecris d'un itouch)

A+ et merci
Tot

   
Répondre à TOT127

13

jlpjlp, le 1 mai 2009 à 14:25:03

Maintenant c'est trop tard si combofix tourne

attends puis tu redemarrera le pc

et tu mets le rapport

   
Répondre à jlpjlp

14

TOT127, le 1 mai 2009 à 14:43:37

Toolbar sd travaille depuis un bon bout de temps, de temps en temps un erreur windows apparait: erreur de lecture dechaine de caractere mais ca fait rien.
Toolbar option 2 = supprimer non ?
+

   
Répondre à TOT127

15

jlpjlp, le 1 mai 2009 à 14:46:54

Oui l'option !é est pour supprimer askbar, search setting ...

   
Répondre à jlpjlp

16

TOT127, le 1 mai 2009 à 14:52:09

Ok. J'attend... La c'est marqué: Recherche des infections -- Roaming\downld
Avant il disait qu'il cherchait EDGACESS...^^
l'erreur est: Utilitaire (QGREP) de recherche de chaine de caractère a cessé de fonctioner. Il propose de "fermer le programme".
A++

   
Répondre à TOT127

17

jlpjlp, le 1 mai 2009 à 15:13:19

Ok fais l'un après l'autre et colle les rapports

   
Répondre à jlpjlp

18

TOT127, le 1 mai 2009 à 16:59:38

Ca bug à mon avis...ca fait 2 heure et plus qu'il "avance"..normal ?

   
Répondre à TOT127

19

jlpjlp, le 1 mai 2009 à 18:16:25

Non . Arrête puis redémarre ton ordi et colle le rapport combofix et un nouveau rsit

   
Répondre à jlpjlp

20

TOT127, le 1 mai 2009 à 18:33:43

Voici

ComboFix 09-04-04.01 - MON NOM 2009-05-01 14:01:03.1 - NTFSx86
Microsoft® Windows Vista™ Professionnel 6.0.6001.1.1252.1.1036.18.2045.1310 [GMT 2:00]
Lancé depuis: c:\users\MON NOM\AppData\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated)
.
- Mode FONCTIONNALITES REDUITES -
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
.
---- Exécution préalable -------
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\MON NOM\AppData\Local\jlttwk_navfx.dat
c:\users\MON NOM\AppData\Local\wqqwiiq_nav.dat
c:\users\MON NOM\AppData\Local\wqqwiiq_navfx.dat
c:\users\MON NOM\AppData\Local\xfqrccquz_navtmp.dat
c:\users\MON NOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InternetGameBox

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2009-04-01 au 2009-05-01 ))))))))))))))))))))))))))))))))))))
.

2009-04-29 21:41 . 2009-04-29 21:41 <REP> d-------- c:\program files\Medieval Software
2009-04-28 16:42 . 2009-04-28 16:42 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-04-28 16:42 . 2009-04-06 15:32 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-04-28 16:42 . 2009-04-06 15:32 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-04-28 15:17 . 2009-04-28 15:17 <REP> d-------- c:\program files\Search Settings
2009-04-28 15:16 . 2009-04-28 15:16 <REP> d-------- c:\program files\Dealio Toolbar
2009-04-28 15:15 . 1998-06-16 23:00 516,173 --a------ c:\windows\System32\MSVCP60D.DLL
2009-04-28 15:15 . 1998-06-16 23:00 385,100 --a------ c:\windows\System32\MSVCRTD.DLL
2009-04-28 15:14 . 2009-04-28 15:15 <REP> d-------- c:\program files\Free Audio Pack
2009-04-28 15:14 . 2005-02-24 12:10 2,084,864 --a------ c:\windows\System32\AudDesign.dll
2009-04-28 15:14 . 2005-03-11 17:37 1,986,560 --a------ c:\windows\System32\AudFile.dll
2009-04-28 15:14 . 2005-02-24 12:11 1,212,416 --a------ c:\windows\System32\AudioInfos.dll
2009-04-28 15:14 . 2008-09-24 20:33 484,352 --a------ c:\windows\System32\lame_enc.dll
2009-04-28 15:14 . 2005-02-24 12:11 479,232 --a------ c:\windows\System32\AudioVisu.dll
2009-04-28 15:14 . 2005-02-24 15:21 458,752 --a------ c:\windows\System32\AudPlayer.dll
2009-04-28 15:14 . 2005-03-10 16:00 454,656 --a------ c:\windows\System32\AudioRecord.dll
2009-04-28 15:14 . 2005-02-24 12:10 417,792 --a------ c:\windows\System32\AudDisplay.dll
2009-04-28 15:14 . 2005-02-24 11:51 348,160 --a------ c:\windows\System32\WMAFile.dll
2009-04-28 15:14 . 2005-01-10 12:54 116,296 --a------ c:\windows\System32\NCTWMAProfiles.prx
2009-04-28 14:54 . 2009-04-28 14:54 <REP> d-------- c:\program files\Auslogics
2009-04-28 13:21 . 2007-05-30 14:10 10,872 --a------ c:\windows\System32\drivers\AvgAsCln.sys
2009-04-25 20:20 . 2009-04-25 20:20 <REP> d-------- c:\program files\AskBarDis
2009-04-25 19:13 . 2009-04-25 21:01 <REP> d-------- c:\users\MON NOM\AppData\Roaming\uTorrent
2009-04-25 15:50 . 2009-04-25 15:53 <REP> d-------- c:\users\MON NOM\AppData\Roaming\DMCache
2009-04-24 17:36 . 2009-04-24 17:36 <REP> d--hs---- c:\windows\System32\%APPDATA%
2009-04-24 16:49 . 2009-02-13 10:49 1,255,936 --a------ c:\windows\System32\lsasrv.dll
2009-04-24 16:49 . 2009-02-13 10:49 72,704 --a------ c:\windows\System32\secur32.dll
2009-04-24 16:49 . 2009-03-17 05:38 24,064 --a------ c:\windows\System32\amxread.dll
2009-04-24 16:49 . 2009-03-17 05:38 13,824 --a------ c:\windows\System32\apilogen.dll
2009-04-12 19:36 . 2009-04-12 19:36 39,424 --a------ c:\windows\zipinst.exe
2009-04-12 19:03 . 2009-04-12 19:38 <REP> d-------- c:\program files\MSN Password Recovery
2009-04-12 12:21 . 2009-04-12 12:47 <REP> d-------- C:\divx
2009-04-12 12:19 . 2009-04-12 12:19 <REP> dr------- c:\program files\autres 2
2009-04-11 21:25 . 2009-04-12 16:12 <REP> d-------- c:\users\MON NOM\AppData\Roaming\DivX
2009-04-11 21:14 . 2009-04-11 21:14 <REP> d-------- c:\program files\Common Files\PX Storage Engine
2009-04-11 21:13 . 2009-04-11 21:13 <REP> d-------- c:\program files\Common Files\DivX Shared
2009-04-11 21:12 . 2009-04-11 21:14 <REP> d-------- c:\program files\DivX
2009-04-11 17:58 . 2009-04-11 17:58 <REP> d-------- c:\program files\WinASPI
2009-04-11 17:57 . 2009-04-11 17:57 <REP> d-------- c:\program files\Morgan
2009-04-11 17:57 . 2002-11-08 16:18 51,712 --a------ c:\windows\System32\MMSwitch.ax
2009-04-11 17:55 . 2009-04-11 19:06 <REP> d-------- c:\users\MON NOM\AppData\Roaming\NeoDivX2008
2009-04-11 17:55 . 2009-04-11 17:55 <REP> d-------- c:\program files\NeoDivX2008
2009-04-11 17:54 . 2009-04-11 17:54 <REP> d-------- c:\users\MON NOM\AppData\Roaming\dvdcss
2009-04-11 17:51 . 2009-04-11 17:51 <REP> d-------- c:\users\MON NOM\AppData\Roaming\Tinysoar
2009-04-11 17:51 . 2009-04-28 13:12 <REP> d-------- c:\program files\Tinysoar software
2009-04-11 14:25 . 2009-04-11 14:49 <REP> d-------- C:\FindyKill
2009-04-11 11:51 . 2009-04-11 11:51 <REP> d-------- c:\users\MON NOM\AppData\Roaming\PeerNetworking
2009-04-11 10:56 . 2008-07-27 20:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-04-11 10:56 . 2008-07-27 20:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-04-11 10:56 . 2008-07-27 20:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-04-11 10:55 . 2008-07-27 20:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-04-11 10:55 . 2008-07-27 20:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-04-11 10:35 . 2009-04-11 13:57 <REP> d-------- C:\ToolBar SD
2009-04-10 12:37 . 2009-04-10 12:37 163,664 --ah----- c:\windows\System32\mlfcache.dat
2009-04-10 11:57 . 2009-04-10 11:58 <REP> d-------- C:\rsit
2009-04-10 10:55 . 2009-04-10 10:55 <REP> d-------- c:\users\MON NOM\AppData\Roaming\Malwarebytes
2009-04-10 10:55 . 2009-04-10 10:55 <REP> d-------- c:\users\All Users\Malwarebytes
2009-04-10 10:55 . 2009-04-10 10:55 <REP> d-------- c:\programdata\Malwarebytes
2009-04-08 21:28 . 2009-04-30 13:21 <REP> d-------- c:\windows\BDOSCAN8
2009-04-08 15:00 . 2009-04-08 15:00 <REP> d-------- c:\users\All Users\Grisoft
2009-04-08 15:00 . 2009-04-08 15:00 <REP> d-------- c:\programdata\Grisoft
2009-04-07 20:31 . 2009-04-07 20:31 <REP> d-------- c:\users\All Users\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-07 20:31 . 2009-04-07 20:31 <REP> d-------- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-07 20:31 . 2009-04-07 20:31 <REP> d-------- c:\program files\iPod
2009-04-07 20:31 . 2008-04-17 12:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-04-07 20:31 . 2009-03-19 16:32 23,400 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-01 09:15 --------- d-----w c:\programdata\Google Updater
2009-04-30 17:05 --------- d-----w c:\programdata\Microsoft Help
2009-04-29 12:13 --------- d-----w c:\users\MON NOM\AppData\Roaming\Azureus
2009-04-28 14:05 --------- d-----w c:\program files\JkDefrag
2009-04-28 11:13 --------- d-----w c:\program files\Google
2009-04-25 18:19 --------- d-----w c:\program files\Vuze
2009-04-25 17:36 --------- d-----w c:\users\MON NOM\AppData\Roaming\Shareaza
2009-04-24 16:21 --------- d-----w c:\program files\Windows Mail
2009-04-13 16:12 --------- d-----w c:\program files\Conduit
2009-04-13 13:41 --------- d-----w c:\program files\Messenger Plus! Live
2009-04-12 13:04 --------- d--h--w c:\program files\InstallShield Installation Information
2009-04-12 13:04 --------- d-----w c:\program files\Microsoft Games
2009-04-12 11:23 --------- d---a-w c:\programdata\TEMP
2009-04-12 11:23 --------- d-----w c:\program files\Boilsoft Video Joiner
2009-04-08 16:15 --------- d-----w c:\program files\Lavasoft
2009-04-07 18:31 --------- d-----w c:\program files\iTunes
2009-04-07 18:31 --------- d-----w c:\program files\Common Files\Apple
2009-04-02 16:58 --------- d-----w c:\programdata\DriveHQ
2009-04-01 21:21 --------- d-----w c:\users\MON NOM\AppData\Roaming\Any Video Converter
2009-03-31 11:45 --------- d-----w c:\program files\Java
2009-03-30 18:57 --------- d-----w c:\program files\iLyrics
2009-03-30 14:17 --------- d-----w c:\programdata\Lavasoft
2009-03-27 11:32 --------- d-----w c:\users\MON NOM\AppData\Roaming\Canon
2009-03-17 03:38 40,960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-15 17:49 --------- d-----w c:\users\MON NOM\AppData\Roaming\DAEMON Tools Pro
2009-03-15 12:39 --------- d-----w c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-15 12:37 --------- d-----w c:\program files\QuickTime
2009-03-15 12:20 --------- d-----w c:\program files\Safari
2009-03-15 12:15 --------- d-----w c:\program files\Bonjour
2009-03-13 20:36 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-09 03:19 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-03-08 11:34 914,944 ----a-w c:\windows\System32\wininet.dll
2009-03-08 11:34 43,008 ----a-w c:\windows\System32\licmgr10.dll
2009-03-08 11:33 420,352 ----a-w c:\windows\System32\vbscript.dll
2009-03-08 11:33 18,944 ----a-w c:\windows\System32\corpol.dll
2009-03-08 11:33 132,608 ----a-w c:\windows\System32\ieUnatt.exe
2009-03-08 11:33 109,568 ----a-w c:\windows\System32\PDMSetup.exe
2009-03-08 11:33 109,056 ----a-w c:\windows\System32\iesysprep.dll
2009-03-08 11:33 107,520 ----a-w c:\windows\System32\RegisterIEPKEYs.exe
2009-03-08 11:33 107,008 ----a-w c:\windows\System32\SetIEInstalledDate.exe
2009-03-08 11:33 103,936 ----a-w c:\windows\System32\SetDepNx.exe
2009-03-08 11:32 72,704 ----a-w c:\windows\System32\admparse.dll
2009-03-08 11:32 71,680 ----a-w c:\windows\System32\iesetup.dll
2009-03-08 11:32 66,560 ----a-w c:\windows\System32\wextract.exe
2009-03-08 11:32 169,472 ----a-w c:\windows\System32\iexpress.exe
2009-03-08 11:31 48,128 ----a-w c:\windows\System32\mshtmler.dll
2009-03-08 11:31 45,568 ----a-w c:\windows\System32\mshta.exe
2009-03-08 11:31 34,816 ----a-w c:\windows\System32\imgutil.dll
2009-03-08 11:22 156,160 ----a-w c:\windows\System32\msls31.dll
2009-03-06 21:45 --------- d-----w c:\programdata\Azureus
2009-03-05 22:59 36,864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-05 22:59 1,900,544 ----a-w c:\windows\System32\usbaaplrc.dll
2009-03-03 04:46 3,599,328 ----a-w c:\windows\System32\ntkrnlpa.exe
2009-03-03 04:46 3,547,632 ----a-w c:\windows\System32\ntoskrnl.exe
2009-03-03 04:39 551,424 ----a-w c:\windows\System32\rpcss.dll
2009-03-03 04:39 26,112 ----a-w c:\windows\System32\printfilterpipelineprxy.dll
2009-03-03 04:39 183,296 ----a-w c:\windows\System32\sdohlp.dll
2009-03-03 04:37 98,304 ----a-w c:\windows\System32\iasrecst.dll
2009-03-03 04:37 54,784 ----a-w c:\windows\System32\iasads.dll
2009-03-03 04:37 44,032 ----a-w c:\windows\System32\iasdatastore.dll
2009-03-03 03:04 666,624 ----a-w c:\windows\System32\printfilterpipelinesvc.exe
2009-03-03 02:38 17,408 ----a-w c:\windows\System32\iashost.exe
2009-02-24 19:35 129,784 ------w c:\windows\System32\PxAFS.DLL
2009-02-24 19:34 90,112 ----a-w c:\windows\System32\dpl100.dll
2009-02-24 19:34 823,296 ----a-w c:\windows\System32\divx_xx0c.dll
2009-02-24 19:34 823,296 ----a-w c:\windows\System32\divx_xx07.dll
2009-02-24 19:34 815,104 ----a-w c:\windows\System32\divx_xx0a.dll
2009-02-24 19:34 802,816 ----a-w c:\windows\System32\divx_xx11.dll
2009-02-24 19:34 684,032 ----a-w c:\windows\System32\DivX.dll
2009-02-09 03:10 2,033,152 ----a-w c:\windows\System32\win32k.sys
2009-02-06 17:52 49,504 ----a-w c:\windows\System32\sirenacm.dll
2009-01-03 14:40 20 ---h--w c:\users\All Users\PKP_DLdu.DAT
2009-01-03 14:40 20 ---h--w c:\programdata\PKP_DLdu.DAT
2008-10-01 12:45 27,525 ----a-w c:\users\MON NOM\AppData\Roaming\nvModes.dat
2008-04-19 17:12 94,480 ----a-w c:\users\MON NOM\AppData\Roaming\GDIPFONTCACHEV1.DAT
2008-03-31 11:24 174 --sha-w c:\program files\desktop.ini
2007-12-08 15:07 0 ----a-w c:\users\MON NOM\AppData\Roaming\wklnhst.dat
1998-04-26 22:00 570,128 ----a-w c:\program files\Common Files\DAO350.dll
2009-02-24 19:34 1,044,480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 200,704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
2007-12-04 12:38 76 --sh--r c:\windows\CT4CET.bin
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
2009-04-09 20:09 688128 --a------ c:\program files\Dealio Toolbar\DealioToolbarIE.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-12-09 18:40 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]
"{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}"= "c:\program files\Dealio Toolbar\DealioToolbarIE.dll" [2009-04-09 688128]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-27 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-29 36864]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-04-16 184320]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-09 16384]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2006-11-30 112216]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-06-27 405504]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-10-04 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-10-04 86016]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2006-10-26 132704]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-06 177472]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2009-04-09 970240]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 c:\windows\KHALMNPR.Exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-05-22 113664]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-12-04 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0/uOODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{3B29179F-2141-47A1-89D4-D82378B708CD}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{9E1B0076-357F-45F1-A7A2-A58FF3C667FA}"= c:\program files\Dell\MediaDirect\PowerCinema.exe:CyberLink PowerCinema
"{74C36F08-ECB8-4B57-A6E7-7DE5A7EBC756}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{2E1A9770-1D63-48DB-9C84-E1C44E85B606}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{6578AEA8-E3B3-46EF-9D3F-C321EE4BFB63}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{760E3565-A68D-4ECE-9609-B1BF0D795E32}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{724404D7-04BD-4F13-8C69-0A38F25A2160}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{D3AA21CC-F74B-4DF0-8581-0F9A79773AD6}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0B94E5E6-F55F-47BA-B044-FB9A114FF7B0}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{E62544FB-CCBF-47DD-935D-CB56790D8364}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{2984C1EC-7B27-45F8-9DDE-EED46A153DA8}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"{7162F154-C2B9-4473-AE68-8EAB9D8A1B86}"= UDP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service
"{F5DC9DB9-A42C-4D55-9A81-92BD937B0957}"= TCP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service
"{68601719-4640-4060-AB30-A53199C9F5E5}"= Disabled:UDP:21841:BitComet 21841 TCP
"{CE3DB28A-E3FD-460E-9E5D-DFCDD58FCB26}"= Disabled:TCP:21841:BitComet 21841 UDP
"TCP Query User{AC642780-D990-449F-BC17-00BE3B6ED0E0}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{0637D22C-DD51-4827-B820-242D50179E83}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{A5F51818-3560-44E9-B0AD-875A41499A3D}c:\\program files\\microsoft games\\microsoft flight simulator x\\fsx.exe"= UDP:c:\program files\microsoft games\microsoft flight simulator x\fsx.exe:Microsoft Flight Simulator®
"UDP Query User{5652B278-C040-4DE6-AE2B-3B750170382B}c:\\program files\\microsoft games\\microsoft flight simulator x\\fsx.exe"= TCP:c:\program files\microsoft games\microsoft flight simulator x\fsx.exe:Microsoft Flight Simulator®
"{7389F2B2-2488-463D-83AC-FF5B298BF0D5}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F57D12BF-311C-4B83-88EA-76F57E3BE5D8}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{9DF9635A-8DD5-4330-AC98-BF469CC86030}c:\\program files\\abc\\abc.exe"= UDP:c:\program files\abc\abc.exe:abc
"UDP Query User{0BA841C1-8F94-4BDA-A6CB-E825D58FF1FF}c:\\program files\\abc\\abc.exe"= TCP:c:\program files\abc\abc.exe:abc
"TCP Query User{A087E715-28E6-464D-906A-E4F2FC7317D3}c:\\program files\\safari\\safari.exe"= UDP:c:\program files\safari\safari.exe:Safari Web Browser
"UDP Query User{2526280D-AC9B-4535-B205-185426604BC3}c:\\program files\\safari\\safari.exe"= TCP:c:\program files\safari\safari.exe:Safari Web Browser
"{44731532-B8B3-49D2-B4D8-9ADB874BA963}"= UDP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{9F9E0A80-D798-40F8-9437-B52D1796DFDD}"= TCP:c:\program files\Google\Google Talk\googletalk.exe:Google Talk
"{77DBF617-BEEA-44D3-8368-FAFE26908560}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A74246EB-3A3F-44E5-A3F1-25EDDD0E8041}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6D2DCAD0-8ED1-4640-ABC1-46B2C6037AD6}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{FD006EEB-B65C-4572-A7FC-87F20616E50D}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{64526C92-9F52-47B7-B355-3A513668CD84}c:\\program files\\bitcomet\\bitcomet.exe"= Disabled:UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{602B3ADC-4A92-47C5-9B9C-485D27E77352}c:\\program files\\bitcomet\\bitcomet.exe"= Disabled:TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{3494B2AE-95E7-4CB8-9D27-4118B11145C2}"= Disabled:UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{ADE08269-7668-458A-89F8-3ED309165951}"= Disabled:TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{539CDC78-AB1B-4E2F-B622-C6B5139F1260}"= Disabled:UDP:c:\users\MON NOM\Music\Limeire downloads\LimeWire\LimeWire.exe:LimeWire
"{D7E3EA97-1D6A-4420-B109-EF8A45555453}"= Disabled:TCP:c:\users\MON NOM\Music\Limeire downloads\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{BC636FF7-D487-45C0-92A8-8103456C7E8C}c:\\users\\MON NOM\\music\\limewire2\\limewire\\limewire.exe"= Disabled:UDP:c:\users\MON NOM\music\limewire2\limewire\limewire.exe:limewire.exe
"UDP Query User{0105EB7A-4C14-476B-9D52-B0AE0D612B28}c:\\users\\MON NOM\\music\\limewire2\\limewire\\limewire.exe"= Disabled:TCP:c:\users\MON NOM\music\limewire2\limewire\limewire.exe:limewire.exe
"TCP Query User{7DC7638A-FA43-442C-A064-F7AA80E63786}c:\\users\\MON NOM\\appdata\\desktop\\utorrent.exe"= UDP:c:\users\MON NOM\appdata\desktop\utorrent.exe:utorrent.exe
"UDP Query User{D0798477-B020-4754-BDBF-E3F2F3257C03}c:\\users\\MON NOM\\appdata\\desktop\\utorrent.exe"= TCP:c:\users\MON NOM\appdata\desktop\utorrent.exe:utorrent.exe
"{F65B68B1-5D88-4FA4-9C5C-B5DBB3ED40DD}"= UDP:6881:Port TCP d'écoute Vuze
"{14CE23D2-C53A-453A-ABA0-218C39D2D556}"= UDP:6882:Vuze
"TCP Query User{C695CEA8-75DB-444E-B6B7-C6110B579131}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{2699D69E-1B2D-4622-A5D3-456FCAE8FF50}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{0155F950-1E57-47D9-AA98-2B453FD7F28A}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{1173DFC8-F61F-478F-B6E9-BFB9B5282C5D}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{B95051DA-6E48-491B-93D3-D8317DCD2AAD}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{77506168-0847-4C35-99AB-5450BD6BE2BB}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2009-04-25 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-25 234888]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [2007-10-10 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [2007-12-04 7424]
S3 Boonty Games;Boonty Games;c:\program files\Common Files\BOONTY Shared\Service\Boonty.exe [2007-12-19 69120]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-04-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-05-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 16:00]
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
WebBrowser-{32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
HKCU-Run-SfKg6wIPu - c:\users\MON NOM\AppData\Roaming\Microsoft\Windows\gsdjt.exe
HKCU-Run-PhoneDaemon - c:\users\MON NOM\AppData\Desktop\iPhone_Pc_Suite_by_iSpazio\iPhone PC Suite\PhoneDaemon.exe
HKCU-Run-ecyeiua - c:\users\MON NOM\appdata\local\ecyeiua.exe
HKLM-Run-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe


.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\MON NOM\AppData\Roaming\Mozilla\Firefox\Profiles\xtofb5hr.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-01 14:06:31
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\windows\TEMP\TMP0000000532BDB3A3BC9DD772 524288 bytes

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\program files\Common Files\microsoft shared\VS7Debug\mdm.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\windows\System32\conime.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\System32\stacsv.exe
c:\windows\System32\drivers\XAudio.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\Dell\QuickSet\quickset.exe
c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
c:\users\MON NOM\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
c:\windows\System32\rundll32.exe
c:\program files\McAfee\Common Framework\Mctray.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\hidfind.exe
c:\program files\DellTPad\ApntEx.exe
c:\users\MON NOM\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2009-05-01 14:15:26 - La machine a redémarré [MON NOM]
ComboFix-quarantined-files.txt 2009-05-01 12:15:17

Avant-CF: 37,758,054,400 octets libres
Après-CF: 48,388,087,808 octets libres

385 --- E O F --- 2009-05-01 10:42:23

   
Répondre à TOT127

21

TOT127, le 1 mai 2009 à 18:36:03

Le rapport rsit

Logfile of random's system information tool 1.06 (written by random/random)
Run by MON NOM at 2009-05-01 18:34:07
Microsoft® Windows Vista™ Professionnel Service Pack 1
System drive C: has 41 GB (29%) free of 140 GB
Total RAM: 2045 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:34:35, on 01/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Users\MON NOM\AppData\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\MON NOM.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: CD-MENU.LNK = F:\AutoMenu.exe
O4 - Startup: Nikon Monitor.lnk = ?
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\MON NOM\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 10777 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-04-09 688128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-22 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-04-09 688128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2007-05-25 17920]
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe [2007-08-29 36864]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-04-16 184320]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-10-09 16384]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2006-11-30 112216]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-11-17 136768]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-06-27 405504]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-04 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-04 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-04 81920]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2007-10-04 86016]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-09-21 55824]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2006-10-26 132704]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-03-06 177472]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-27 68856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe

C:\Users\MON NOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CD-MENU.LNK - F:\AutoMenu.exe
Nikon Monitor.lnk - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
Outil de notification Live Search.lnk - C:\Users\MON NOM\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-05-01 14:15:30 ----D---- C:\Windows\temp
2009-05-01 14:15:27 ----A---- C:\ComboFix.txt
2009-04-29 21:41:07 ----D---- C:\Program Files\Medieval Software
2009-04-28 16:42:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-28 15:16:24 ----D---- C:\Program Files\Dealio Toolbar
2009-04-28 15:15:10 ----A---- C:\Windows\system32\MSVCRTD.DLL
2009-04-28 15:15:10 ----A---- C:\Windows\system32\MSVCP60D.DLL
2009-04-28 15:14:56 ----A---- C:\Windows\system32\WMAFile.dll
2009-04-28 15:14:56 ----A---- C:\Windows\system32\AudioVisu.dll
2009-04-28 15:14:55 ----A---- C:\Windows\system32\AudioRecord.dll
2009-04-28 15:14:54 ----A---- C:\Windows\system32\AudPlayer.dll
2009-04-28 15:14:54 ----A---- C:\Windows\system32\AudioInfos.dll
2009-04-28 15:14:52 ----A---- C:\Windows\system32\AudFile.dll
2009-04-28 15:14:52 ----A---- C:\Windows\system32\AudDisplay.dll
2009-04-28 15:14:49 ----A---- C:\Windows\system32\AudDesign.dll
2009-04-28 15:14:45 ----D---- C:\Program Files\Free Audio Pack
2009-04-28 15:14:45 ----A---- C:\Windows\system32\lame_enc.dll
2009-04-28 14:54:01 ----D---- C:\Program Files\Auslogics
2009-04-25 19:13:33 ----D---- C:\Users\MON NOM\AppData\Roaming\uTorrent
2009-04-25 15:50:19 ----D---- C:\Users\MON NOM\AppData\Roaming\DMCache
2009-04-24 17:36:53 ----SHD---- C:\Windows\system32\%APPDATA%
2009-04-24 16:50:52 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-24 16:50:52 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-24 16:50:49 ----A---- C:\Windows\system32\winhttp.dll
2009-04-24 16:50:39 ----A---- C:\Windows\system32\rpcss.dll
2009-04-24 16:50:39 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-24 16:50:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-24 16:50:35 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-24 16:50:34 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-24 16:50:34 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-24 16:50:34 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-24 16:50:34 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-24 16:50:32 ----A---- C:\Windows\system32\iashost.exe
2009-04-24 16:50:32 ----A---- C:\Windows\system32\iasads.dll
2009-04-24 16:49:08 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-24 16:49:08 ----A---- C:\Windows\system32\kernel32.dll
2009-04-24 16:49:05 ----A---- C:\Windows\system32\secur32.dll
2009-04-24 16:49:05 ----A---- C:\Windows\system32\apilogen.dll
2009-04-24 16:49:05 ----A---- C:\Windows\system32\amxread.dll
2009-04-12 19:36:05 ----A---- C:\Windows\zipinst.exe
2009-04-12 19:03:49 ----D---- C:\Program Files\MSN Password Recovery
2009-04-12 12:21:16 ----D---- C:\divx
2009-04-12 12:19:55 ----RD---- C:\Program Files\autres 2
2009-04-11 21:25:43 ----D---- C:\Users\MON NOM\AppData\Roaming\DivX
2009-04-11 21:14:32 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-04-11 21:13:11 ----D---- C:\Program Files\Common Files\DivX Shared
2009-04-11 21:12:59 ----D---- C:\Program Files\DivX
2009-04-11 17:58:13 ----D---- C:\Program Files\WinASPI
2009-04-11 17:57:40 ----D---- C:\Program Files\Morgan
2009-04-11 17:55:20 ----D---- C:\Users\MON NOM\AppData\Roaming\NeoDivX2008
2009-04-11 17:55:20 ----D---- C:\Program Files\NeoDivX2008
2009-04-11 17:54:19 ----D---- C:\Users\MON NOM\AppData\Roaming\dvdcss
2009-04-11 17:51:10 ----D---- C:\Users\MON NOM\AppData\Roaming\Tinysoar
2009-04-11 17:51:04 ----D---- C:\Program Files\Tinysoar software
2009-04-11 15:44:21 ----A---- C:\Windows\zip.exe
2009-04-11 15:44:21 ----A---- C:\Windows\VFIND.exe
2009-04-11 15:44:21 ----A---- C:\Windows\SWXCACLS.exe
2009-04-11 15:44:21 ----A---- C:\Windows\SWSC.exe
2009-04-11 15:44:21 ----A---- C:\Windows\SWREG.exe
2009-04-11 15:44:21 ----A---- C:\Windows\sed.exe
2009-04-11 15:44:21 ----A---- C:\Windows\NIRCMD.exe
2009-04-11 15:44:21 ----A---- C:\Windows\grep.exe
2009-04-11 15:44:21 ----A---- C:\Windows\fdsv.exe
2009-04-11 15:37:29 ----D---- C:\Windows\ERDNT
2009-04-11 15:29:44 ----D---- C:\Qoobox
2009-04-11 14:25:56 ----D---- C:\FindyKill
2009-04-11 11:51:47 ----D---- C:\Users\MON NOM\AppData\Roaming\PeerNetworking
2009-04-11 10:56:56 ----A---- C:\Windows\system32\dfshim.dll
2009-04-11 10:56:39 ----A---- C:\Windows\system32\mscoree.dll
2009-04-11 10:56:32 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-11 10:55:25 ----A---- C:\Windows\system32\mscorier.dll
2009-04-11 10:55:03 ----A---- C:\Windows\system32\mscories.dll
2009-04-11 10:35:57 ----A---- C:\TB.txt
2009-04-11 10:35:26 ----D---- C:\ToolBar SD
2009-04-10 17:39:42 ----A---- C:\UsbFix.txt
2009-04-10 11:57:49 ----D---- C:\rsit
2009-04-10 10:55:18 ----D---- C:\Users\MON NOM\AppData\Roaming\Malwarebytes
2009-04-10 10:55:12 ----D---- C:\ProgramData\Malwarebytes
2009-04-08 21:28:02 ----D---- C:\Windows\BDOSCAN8
2009-04-08 21:08:58 ----A---- C:\Windows\system32\mshtmler.dll
2009-04-08 21:08:58 ----A---- C:\Windows\system32\mshtmled.dll
2009-04-08 21:08:58 ----A---- C:\Windows\system32\ieui.dll
2009-04-08 21:08:58 ----A---- C:\Windows\system32\icardie.dll
2009-04-08 21:08:58 ----A---- C:\Windows\system32\admparse.dll
2009-04-08 21:08:57 ----A---- C:\Windows\system32\msls31.dll
2009-04-08 21:08:57 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-08 21:08:57 ----A---- C:\Windows\system32\corpol.dll
2009-04-08 21:08:56 ----A---- C:\Windows\system32\iernonce.dll
2009-04-08 21:08:56 ----A---- C:\Windows\system32\ieakeng.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\occache.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\licmgr10.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\inseng.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\imgutil.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\iepeers.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\dxtrans.dll
2009-04-08 21:08:55 ----A---- C:\Windows\system32\dxtmsft.dll
2009-04-08 21:08:54 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-04-08 21:08:54 ----A---- C:\Windows\system32\wextract.exe
2009-04-08 21:08:54 ----A---- C:\Windows\system32\webcheck.dll
2009-04-08 21:08:54 ----A---- C:\Windows\system32\msrating.dll
2009-04-08 21:08:54 ----A---- C:\Windows\system32\msfeedssync.exe
2009-04-08 21:08:54 ----A---- C:\Windows\system32\iesetup.dll
2009-04-08 21:08:54 ----A---- C:\Windows\system32\ieakui.dll
2009-04-08 21:08:53 ----A---- C:\Windows\system32\pngfilt.dll
2009-04-08 21:08:53 ----A---- C:\Windows\system32\mstime.dll
2009-04-08 21:08:53 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-08 21:08:53 ----A---- C:\Windows\system32\advpack.dll
2009-04-08 21:08:52 ----A---- C:\Windows\system32\vbscript.dll
2009-04-08 21:08:52 ----A---- C:\Windows\system32\ieapfltr.dll
2009-04-08 21:08:51 ----A---- C:\Windows\system32\url.dll
2009-04-08 21:08:51 ----A---- C:\Windows\system32\jscript.dll
2009-04-08 21:08:51 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-08 21:08:47 ----A---- C:\Windows\system32\mshta.exe
2009-04-08 21:08:47 ----A---- C:\Windows\system32\iexpress.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\SetDepNx.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\PDMSetup.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-08 21:08:46 ----A---- C:\Windows\system32\iesysprep.dll
2009-04-08 21:08:45 ----A---- C:\Windows\system32\wininet.dll
2009-04-08 21:08:45 ----A---- C:\Windows\system32\iertutil.dll
2009-04-08 21:08:45 ----A---- C:\Windows\system32\ie4uinit.exe
2009-04-08 21:08:44 ----A---- C:\Windows\system32\urlmon.dll
2009-04-08 21:08:43 ----A---- C:\Windows\system32\ieframe.dll
2009-04-08 21:08:42 ----A---- C:\Windows\system32\mshtml.dll
2009-04-08 15:00:56 ----D---- C:\ProgramData\Grisoft
2009-04-08 15:00:55 ----D---- C:\Program Files\Grisoft
2009-04-07 20:31:41 ----A---- C:\Windows\system32\GEARAspi.dll
2009-04-07 20:31:18 ----D---- C:\Program Files\iPod
2009-04-07 20:31:12 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

======List of files/folders modified in the last 1 months======

2009-05-01 18:34:28 ----D---- C:\Windows\Prefetch
2009-05-01 18:30:21 ----HD---- C:\ProgramData
2009-05-01 18:28:54 ----D---- C:\Windows\Tasks
2009-05-01 18:26:16 ----D---- C:\Windows
2009-05-01 14:25:06 ----D---- C:\Program Files
2009-05-01 14:15:34 ----D---- C:\Windows\system32\fr-FR
2009-05-01 14:15:34 ----D---- C:\Windows\System32
2009-05-01 14:15:33 ----D---- C:\Windows\system32\drivers
2009-05-01 14:05:02 ----A---- C:\Windows\system.ini
2009-05-01 13:04:05 ----SHD---- C:\System Volume Information
2009-05-01 11:15:31 ----D---- C:\ProgramData\Google Updater
2009-04-30 19:05:36 ----SHD---- C:\Windows\Installer
2009-04-30 19:05:36 ----D---- C:\ProgramData\Microsoft Help
2009-04-29 17:48:23 ----D---- C:\Users\MON NOM\AppData\Roaming\Adobe
2009-04-29 17:48:23 ----D---- C:\ProgramData\Adobe
2009-04-29 14:13:12 ----D---- C:\Users\MON NOM\AppData\Roaming\Azureus
2009-04-28 16:05:04 ----D---- C:\Program Files\JkDefrag
2009-04-28 15:16:55 ----D---- C:\Windows\winsxs
2009-04-28 13:21:50 ----D---- C:\QUARANTINE
2009-04-28 13:13:38 ----D---- C:\Program Files\Google
2009-04-28 13:13:33 ----D---- C:\ProgramData\Google
2009-04-28 11:28:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-04-28 11:28:31 ----D---- C:\Windows\inf
2009-04-28 11:07:53 ----D---- C:\Windows\Debug
2009-04-25 20:19:59 ----D---- C:\Program Files\Vuze
2009-04-25 19:36:39 ----D---- C:\Users\MON NOM\AppData\Roaming\Shareaza
2009-04-24 18:25:10 ----D---- C:\Windows\system32\catroot
2009-04-24 18:21:51 ----D---- C:\Program Files\Windows Mail
2009-04-24 18:21:49 ----D---- C:\Windows\system32\wbem
2009-04-24 18:21:45 ----D---- C:\Windows\system32\manifeststore
2009-04-24 18:21:44 ----D---- C:\Windows\AppPatch
2009-04-24 16:50:19 ----D---- C:\Windows\system32\catroot2
2009-04-13 18:12:43 ----D---- C:\Program Files\Mozilla Firefox
2009-04-13 18:12:16 ----D---- C:\Program Files\Conduit
2009-04-13 15:41:42 ----D---- C:\Program Files\Messenger Plus! Live
2009-04-12 15:04:38 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-12 15:04:38 ----D---- C:\Program Files\Microsoft Games
2009-04-12 13:23:56 ----AD---- C:\ProgramData\TEMP
2009-04-12 13:23:49 ----D---- C:\Program Files\Boilsoft Video Joiner
2009-04-11 21:14:32 ----D---- C:\Program Files\Common Files
2009-04-11 21:13:50 ----D---- C:\Windows\system32\Tasks
2009-04-11 20:49:11 ----D---- C:\Windows\Minidump
2009-04-11 17:58:13 ----D---- C:\Windows\system
2009-04-11 16:54:48 ----D---- C:\Windows\system32\config
2009-04-11 16:54:38 ----D---- C:\Windows\registration
2009-04-11 11:08:13 ----D---- C:\Windows\Microsoft.NET
2009-04-09 12:37:09 ----SD---- C:\Windows\Downloaded Program Files
2009-04-08 21:37:36 ----D---- C:\Windows\rescache
2009-04-08 21:15:22 ----D---- C:\Program Files\Internet Explorer
2009-04-08 21:15:17 ----D---- C:\Windows\system32\migration
2009-04-08 21:15:17 ----D---- C:\Windows\PolicyDefinitions
2009-04-08 21:15:16 ----D---- C:\Windows\system32\en-US
2009-04-08 18:15:58 ----D---- C:\Program Files\Lavasoft
2009-04-08 14:25:04 ----HD---- C:\Windows\system32\GroupPolicy
2009-04-07 20:31:40 ----DC---- C:\Windows\system32\DRVSTORE
2009-04-07 20:31:39 ----D---- C:\Program Files\iTunes
2009-04-07 20:31:18 ----D---- C:\Program Files\Common Files\Apple
2009-04-06 16:57:24 ----A---- C:\Windows\system32\mrt.exe
2009-04-02 18:58:00 ----D---- C:\ProgramData\DriveHQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys [2007-05-30 11000]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\Windows\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-18 350720]
R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys [2006-11-30 31944]
R2 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-04-29 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-04-25 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-04-25 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-04-25 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-04-29 8192]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-25 155136]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2007-04-25 45568]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-04-29 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-04-29 206848]
R3 mfeapfk;McAfee Inc.; C:\Windows\system32\drivers\mfeapfk.sys [2006-11-30 64360]
R3 mfeavfk;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk.sys [2006-11-30 72264]
R3 mfehidk;McAfee Inc.; C:\Windows\system32\drivers\mfehidk.sys [2006-11-30 168776]
R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-04 7628608]
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-10 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-29 7424]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-06-27 326656]
R3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
R3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-06 36864]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-04-29 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
R3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 mfetdik;McAfee Inc.; C:\Windows\system32\drivers\mfetdik.sys [2006-11-30 52136]
S3 afgf9ov8;afgf9ov8; C:\Windows\system32\drivers\afgf9ov8.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 e1express;Pilote de la connexion réseau Intel(R) PRO/1000 PCI Express; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-09-21 35088]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-09-21 36240]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-11-17 104000]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [2006-11-30 144960]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [2006-11-30 54872]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-06-27 94208]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-04-29 386560]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 183280]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-05-22 68096]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2007-12-19 69120]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-18 523776]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-18 917504]

-----------------EOF-----------------

   
Répondre à TOT127

22

jlpjlp, le 1 mai 2009 à 19:46:01

Ok . Essaie de refaire toolbar sd option 2 et colle le rapport . Si tu ne peux pas on fera autrement

   
Répondre à jlpjlp
35 réponses 12 Suivant
Posez votre question Répondre
Ils ont besoin de votre aide