Posez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher Charte Forum Virus-Sécurité

Comment supprimer Gen:trojan.heur.tdss

Dernière réponse le 20 nov 2009 à 22:12:45 BMW123D, le 16 nov 2009 à 10:07:56

Signaler ce message aux modérateurs

Bonjour,
Impossible de supprimer ce virus Gen.trojan.heur.tdss.
Merci pour votre aide

Configuration: Windows XP
Firefox 3.5.5

Meilleures réponses pour « Comment supprimer Gen:trojan.heur.tdss » dans :

Supprimer virus Gen: Trojan.Heur.TDSS (Résolu) Voir

Gen: trojan.heur.11 infecte mon pc help pliz Voir

HELP ! Gen:Trojan.Heur.PT.1054ABBBBB (Résolu) Voir

Supprimer le trojan Vundo/Virtumonde Voir

Supprimer le rootkit : W32/TDSS VoirLe rootkit W32/TDSS c'est quoi? Un rootkit est un « kit » pour devenir "root" (administrateur) d'une machine. C'est un code malicieux vraiment complexe qui se greffe sur une machine, et parfois le noyau même du système d'exploitation. Il est ainsi...

Infecté par Gen:Trojan.Heur.GM.0000020522 Voir

Comment se débarrasser de Gen.Trojan!IK Voir

Virus : gen trojan heur 7e49283939 Voir

Télécharger Trojan Remover Voir

Posez votre question Répondre

jlpjlp, le 16 nov 2009 à 12:32:28

Slt,

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau en le renommant avant enregistrement en killfix

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Répondre à jlpjlp

BMW123D, le 16 nov 2009 à 21:23:44

Salut,
j'ai fais comme tu m'as expliqué, mais je ne trouve pas le fichier combofix.txt!
Par contre je sais de nouveau démarer en mode sans échec!
Combofix aurait-il arrangé mon problème?
Faut-il que je recommence?

Merci pour ton aide

Répondre à BMW123D

jlpjlp, le 17 nov 2009 à 11:10:09

Oui combofix à dû arranger les choses . Refais combofix et colle le rapport . Colle ensuite un rapport rsit

Répondre à jlpjlp

BMW123D, le 17 nov 2009 à 21:39:17

Bonjour jlpjlp
Désolé d'avoir tardé, voici le rapport! Encore merci pour ton aide!

ComboFix 09-11-18.04 - Gaétan 17/11/2009 21:18.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.32.1036.18.2046.1286 [GMT 1:00]
Lancé depuis: c:\documents and settings\Gaétan\Bureau\KillFix.exe
AV: G Data TotalCare 2010 *On-access scanning disabled* (Updated) {71310606-6F3B-49F2-9A81-8315AA75FBB3}
FW: Pare-feu personnel G Data *disabled* {6E6F4BA6-C07D-443F-A130-0A57DA59A082}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\windows\patch.exe
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tdlrm.dll
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

Une copie infectée de c:\windows\system32\DRIVERS\atapi.sys a été trouvée et désinfectée
Copie restaurée à partir de - Kitty ate it :p
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-17 au 2009-11-17 ))))))))))))))))))))))))))))))))))))
.

2009-11-16 12:41 . 2009-11-16 12:45 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-15 19:17 . 2009-11-15 19:21 -------- d-----w- c:\program files\ZHPDiag
2009-11-15 00:37 . 2009-11-15 00:37 68976 ----a-w- c:\windows\system32\drivers\GRD.sys
2009-11-15 00:25 . 2009-11-15 00:25 53320 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2009-11-15 00:24 . 2009-11-15 00:24 34632 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2009-11-15 00:22 . 2009-11-15 00:22 22528 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys
2009-11-15 00:22 . 2009-11-15 00:22 51784 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys
2009-11-13 21:43 . 2009-11-13 21:43 27720 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2009-11-13 21:40 . 2009-11-15 00:22 -------- d-----w- c:\program files\Fichiers communs\G DATA
2009-11-12 18:36 . 2009-11-12 17:19 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-12 17:18 . 2009-11-12 17:18 815760 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-11-12 17:18 . 2009-11-12 17:18 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-11-12 17:18 . 2009-11-12 17:18 1638104 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-11-12 17:18 . 2009-11-12 17:18 788368 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-11-12 17:18 . 2009-11-12 17:18 1179232 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-11-12 17:13 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-11-12 17:12 . 2009-10-03 08:15 2924848 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2009-11-11 21:38 . 2009-11-12 17:12 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-10 21:39 . 2009-11-11 10:37 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2009-11-10 21:38 . 2009-11-10 21:38 -------- d--h--w- c:\windows\PIF
2009-11-10 21:34 . 2009-11-11 11:07 -------- d-----w- c:\program files\Windows Desktop Search
2009-11-10 21:34 . 2009-11-10 21:34 -------- d-----w- c:\windows\system32\GroupPolicy
2009-11-10 21:30 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2009-11-10 21:30 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2009-11-10 21:30 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2009-11-10 20:41 . 2009-11-10 20:40 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-10 20:38 . 2009-11-12 17:11 -------- d-----w- c:\program files\Lavasoft
2009-11-10 20:38 . 2009-11-12 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-10 19:49 . 2009-11-15 09:36 -------- d-----w- c:\program files\a-squared Free
2009-11-10 17:52 . 2009-11-10 17:52 4 ----a-w- c:\windows\system32\aspdict-en.dat
2009-11-10 17:52 . 2009-11-10 17:52 16 ----a-w- c:\windows\system32\asdict.dat
2009-11-10 17:38 . 2009-11-13 09:43 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2009-11-10 17:00 . 2009-11-10 17:00 0 ----a-w- c:\windows\system32\wsbl.dat
2009-11-10 17:00 . 2009-11-10 17:00 0 ----a-w- c:\windows\system32\ph_summ.dat
2009-11-10 17:00 . 2009-11-10 17:00 0 ----a-w- c:\windows\system32\ph_white.dat
2009-11-10 17:00 . 2009-11-10 17:00 0 ----a-w- c:\windows\system32\ph_black.dat
2009-11-10 17:00 . 2009-11-10 17:00 0 ----a-w- c:\windows\system32\pcwords2.dat
2009-11-10 17:00 . 2009-11-10 17:00 0 ----a-w- c:\windows\system32\pcwords.dat
2009-11-10 16:44 . 2009-11-13 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2009-11-10 16:44 . 2009-11-10 16:44 -------- d-----w- c:\program files\BitDefender
2009-11-10 16:39 . 2009-11-13 22:01 -------- d-----w- c:\program files\Fichiers communs\BitDefender
2009-11-10 15:50 . 2009-11-10 15:50 -------- d-----w- c:\program files\IObit
2009-11-10 14:58 . 2009-11-10 15:03 121858 ----a-w- C:\MGlogs.zip
2009-11-10 14:58 . 2009-11-10 15:03 -------- d-----w- C:\MGtools
2009-11-10 14:46 . 2009-11-10 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-10 14:25 . 2009-11-10 14:25 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-10 14:24 . 2009-11-11 21:43 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-10 13:23 . 2009-08-27 09:31 16384 ----a-w- c:\windows\system32\drivers\DiagnosticScan.SYS
2009-11-10 13:23 . 2009-10-19 10:21 5120 ----a-w- c:\windows\system32\drivers\Start1Driver.SYS
2009-11-10 13:23 . 2009-11-10 13:30 -------- d-----w- c:\program files\AA
2009-11-09 19:19 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-11-09 13:16 . 2009-11-09 13:25 160272 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-11-08 13:55 . 2009-11-08 14:01 -------- d-----w- C:\ToolBar SD
2009-11-08 13:15 . 2009-11-08 13:15 54624 ----a-w- c:\windows\system32\81d70.sys
2009-10-28 13:46 . 2009-10-28 13:46 -------- d-----w- c:\program files\Fichiers communs\Macrovision Shared
2009-10-27 15:02 . 2005-03-11 17:37 1986560 ----a-w- c:\windows\system32\AudFile.dll
2009-10-27 15:02 . 2005-03-10 16:00 454656 ----a-w- c:\windows\system32\AudioRecord.dll
2009-10-27 15:02 . 2005-02-24 15:21 458752 ----a-w- c:\windows\system32\AudPlayer.dll
2009-10-27 15:02 . 2005-02-24 12:11 479232 ----a-w- c:\windows\system32\AudioVisu.dll
2009-10-27 15:02 . 2005-02-24 12:11 1212416 ----a-w- c:\windows\system32\AudioInfos.dll
2009-10-27 15:02 . 2005-02-24 12:10 417792 ----a-w- c:\windows\system32\AudDisplay.dll
2009-10-27 15:02 . 2005-02-24 12:10 2084864 ----a-w- c:\windows\system32\AudDesign.dll
2009-10-27 15:02 . 2005-02-24 11:51 348160 ----a-w- c:\windows\system32\WMAFile.dll
2009-10-27 15:02 . 1998-07-12 23:00 15360 ----a-w- c:\windows\system32\inetfr.DLL
2009-10-27 15:02 . 2009-11-10 13:50 -------- d-----w- c:\program files\Free Audio Pack
2009-10-27 15:02 . 1998-07-12 23:00 21504 ----a-w- c:\windows\system32\TABCTFR.DLL
2009-10-27 15:02 . 1998-07-12 19:00 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
2009-10-27 08:09 . 2009-10-27 08:09 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-16 21:53 . 2008-10-05 09:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-15 00:32 . 2009-02-13 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\G DATA
2009-11-13 21:47 . 2004-08-05 12:00 95036 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-13 21:47 . 2004-08-05 12:00 536484 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-13 21:40 . 2009-02-13 18:34 -------- d-----w- c:\program files\G DATA
2009-11-11 21:43 . 2009-02-23 18:21 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-11-10 21:35 . 2009-04-13 15:18 -------- d-----w- c:\program files\Windows Live
2009-11-09 21:18 . 2008-11-14 21:49 -------- d-----w- c:\program files\Trend Micro
2009-11-09 21:18 . 2008-09-29 14:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-02 19:42 . 2009-10-02 15:51 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-28 13:30 . 2008-09-29 16:09 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-22 20:09 . 2009-10-22 20:08 22188945 ----a-w- c:\windows\Internet Logs\vsmon_on_demand_2009_10_22_16_56_30_full.dmp.zip
2009-10-20 20:48 . 2009-03-15 23:45 -------- d-----w- c:\program files\AskBarDis
2009-10-20 16:16 . 2008-09-30 16:43 4212 ---h--w- c:\windows\system32\zllictbl.dat
2009-10-20 14:54 . 2009-10-07 21:47 18527244 ----a-w- c:\documents and settings\All Users\Application Data\vlc-1.0.2-win32.exe
2009-10-20 14:54 . 2009-10-07 21:47 18527244 ----a-w- c:\documents and settings\All Users\Application Data\vlc-1.0.2-win32.exe
2009-10-11 03:17 . 2008-11-22 15:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-08 13:57 . 2008-07-29 18:59 614400 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 13:57 . 2004-08-05 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-08 13:57 . 2004-08-05 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2009-09-22 16:57 . 2009-03-20 22:12 -------- d-----w- c:\program files\doubleTwist 2.0
2009-09-22 16:57 . 2009-09-22 16:57 -------- d-----w- c:\documents and settings\All Users\Application Data\doubleTwist Corporation
2009-09-11 14:18 . 2004-08-05 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 21:46 . 2009-09-06 21:46 54500 ---ha-w- c:\windows\system32\mlfcache.dat
2009-09-04 21:04 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-08-28 00:33 . 2008-09-29 14:33 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-26 08:01 . 2004-08-05 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 23:02 . 2009-08-20 23:02 6656 ----a-w- c:\windows\system32\drivers\iPodDrv.sys
2009-09-13 21:10 . 2009-11-10 16:52 47104 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2008-12-02 19:44 . 2008-12-02 19:44 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-11-16_15.37.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-27 08:09 . 2009-11-17 19:57 16384 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2009-10-27 08:09 . 2009-11-16 15:28 16384 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2009-10-27 08:09 . 2009-11-16 14:57 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-10-27 08:09 . 2009-11-17 19:57 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-10-27 08:09 . 2009-11-17 19:57 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-10-27 08:09 . 2009-11-16 15:28 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-06 16:15 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
2008-07-15 11:33 394688 ----a-w- c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2008-07-15 480704]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar1.dll" [2008-11-06 333192]

[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2008-07-15 480704]

[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Sync2"="c:\program files\4Team Corporation\Sync2\Sync2.exe" [2008-12-08 2807304]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-20 7561216]
"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2005-01-20 167936]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-12-13 217088]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-17 118784]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"GDFirewallTray"="c:\program files\G Data\TotalCare\Firewall\GDFirewallTray.exe" [2009-08-12 1124424]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\TotalCare\AVKTray\AVKTray.exe" [2009-08-12 922696]
"Mouse Suite 98 Daemon"="ICO.EXE" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\Ga‚tan\Menu D‚marrer\Programmes\D‚marrage\
MailWasherPro.lnk - c:\program files\FireTrust\MailWasher Pro\MailWasher.exe [2008-9-30 5183488]

c:\documents and settings\Ga‚tan\Menu D‚marrer\Programmes\D‚marrage\
MailWasherPro.lnk - c:\program files\FireTrust\MailWasher Pro\MailWasher.exe [2008-9-30 5183488]

c:\documents and settings\Ga‚tan\Menu D‚marrer\Programmes\D‚marrage\
MailWasherPro.lnk - c:\program files\FireTrust\MailWasher Pro\MailWasher.exe [2008-9-30 5183488]

c:\documents and settings\Ga‚tan\Menu D‚marrer\Programmes\D‚marrage\
MailWasherPro.lnk - c:\program files\FireTrust\MailWasher Pro\MailWasher.exe [2008-9-30 5183488]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-09-23 13:24 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=

R0 DiagnosticScan;DiagnosticScan;c:\windows\system32\drivers\DiagnosticScan.SYS [10/11/2009 14:23 16384]
R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [13/11/2009 22:43 27720]
R0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [15/11/2009 1:22 22528]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12/11/2009 18:13 64288]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [9/11/2009 20:19 28552]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [15/11/2009 1:37 68976]
R1 Start1Driver;Start1Driver;c:\windows\system32\drivers\Start1Driver.SYS [10/11/2009 14:23 5120]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [20/10/2009 21:48 464264]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [12/08/2009 9:04 1046088]
R2 AVKService;Planificateur G Data;c:\program files\G DATA\TotalCare\AVK\AVKService.exe [12/08/2009 9:04 397896]
R2 AVKWCtl;G Data Gardien;c:\program files\G DATA\TotalCare\AVK\AVKWCtl.exe [30/07/2009 12:33 1244760]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [13/04/2009 16:21 54752]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [15/11/2009 1:22 51784]
R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [21/08/2009 0:02 6656]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3/11/2006 18:19 13592]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [30/03/2009 15:28 1533808]
R3 GDFwSvc;Pare-feu personnel G Data;c:\program files\G DATA\TotalCare\Firewall\GDFwSvc.exe [3/08/2009 13:49 1538352]
R3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [15/11/2009 1:25 53320]
R3 GDScan;G Data Scanner;c:\program files\Fichiers communs\G DATA\GDScan\GDScan.exe [27/07/2009 3:03 300616]
R3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [15/11/2009 1:24 34632]
R3 MusCDriverV32;MusCDriverV32;c:\windows\system32\drivers\MusCDriverV32.sys [14/10/2008 18:47 23096]
R3 MusCVideo32;MusCVideo32;c:\windows\system32\drivers\MusCVideo32.sys [14/10/2008 18:47 3768]
R3 SPI;Périphérique de contrôle d'E/S programmable Sony;c:\windows\system32\drivers\SonyPI.sys [29/09/2008 15:16 37040]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [4/10/2005 14:59 808448]
S1 zplxnihe;zplxnihe;\??\c:\windows\system32\drivers\zplxnihe.sys --> c:\windows\system32\drivers\zplxnihe.sys [?]
S2 CardBusService;CardBusService;c:\program files\Fichiers communs\AVerMedia\Service\CardBusService.exe [10/11/2008 21:16 188416]
S2 gupdate1c98aee826bbf5e;Google Update Service (gupdate1c98aee826bbf5e);c:\program files\Google\Update\GoogleUpdate.exe [9/02/2009 20:42 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1179232]
S3 AsAudioDevice_351;AsAudioDevice_351;c:\windows\system32\drivers\AsAudioDevice_351.sys [23/03/2009 0:56 16640]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\drivers\AVerBDA3x.sys [10/11/2008 21:17 1176192]
S3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys [23/03/2009 1:19 23096]
S3 DrmRVideo;DrmRVideo;c:\windows\system32\drivers\DrmRVideo.sys [23/03/2009 1:19 3768]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 22:48 704864]
S3 G Data Tuner Service;G Data Tuner Service;c:\program files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe [20/04/2009 3:44 918600]
S3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe -k getPlusHelper [5/08/2004 13:00 14336]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2/12/2008 20:44 30192]
S3 iTurns;iTurns;c:\windows\system32\drivers\iTurns.sys [28/11/2008 20:26 52304]
S3 Service G Data Backup;Service G Data Backup;c:\program files\G DATA\TotalCare\AVKBackup\AVKBackupService.exe [9/07/2009 10:03 863304]
S3 SoundMovieServer;SoundMovieServer;c:\windows\system32\snmvtsvc.exe [14/10/2008 18:47 200704]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys --> c:\windows\system32\DRIVERS\TMPassthru.sys [?]
S3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\system32\drivers\V0470Vid.sys [29/07/2009 11:38 146720]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mbr
*Deregistered* - PROCEXP113

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contenu du dossier 'Tâches planifiées'

2009-11-17 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 17:18]

2009-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 19:42]

2009-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-09 19:42]

2009-11-17 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-11-17 c:\windows\Tasks\User_Feed_Synchronization-{E140802E-57B8-4019-AA26-D809AB10B89A}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = www.google.be/
uInternet Connection Wizard,ShellNext = hxxp://www.padeg.be/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Gaétan\Application Data\Mozilla\Firefox\Profiles\r5drayyr.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: g:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-17 21:34
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(832)
c:\windows\system32\VESWinlogon.dll

- - - - - - - > 'explorer.exe'(5568)
c:\windows\system32\wpdshext.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\Audiodev.dll
c:\windows\system32\WMVCore.DLL
c:\windows\system32\WMASF.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
.
Heure de fin: 2009-11-17 21:34
ComboFix-quarantined-files.txt 2009-11-17 20:33

Avant-CF: 31.410.307.072 octets libres
Après-CF: 31.442.092.032 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 0767EB4D1F7536D732384B62757B8308

Répondre à BMW123D

jlpjlp, le 17 nov 2009 à 22:32:04

Désactive le tea timer de spybot (mode puis mode avancé puis outils puis resident)

scan avec malwarebyte , fais un scan minutieux et colle le rapport obtenu et vire ce qui est trouvé:

http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

______________________

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
http://eric.71.mespages.googlepages.com/ToolBarSD.exe

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 2. Patiente jusqu'à la fin de la suppression.
* Poste le rapport généré. (C:\TB.txt)
________________________

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit

Répondre à jlpjlp

BMW123D, le 19 nov 2009 à 20:42:56

Voici les différents rapports.
J'espère que mon pc n'ait plus infecté.
Peut tu me dire si je dois changer d'anti virus?

Merci encore

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3195
Windows 5.1.2600 Service Pack 3

19/11/2009 16:29:30
mbam-log-2009-11-19 (16-29-30).txt

Type de recherche: Examen complet (C:\|G:\|K:\|)
Eléments examinés: 256895
Temps écoulé: 1 hour(s), 24 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
-----------------------------------------------------------------------------------------------------

-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2300 @ 1.66GHz )
BIOS : Ver 1.00PARTTBL{
USER : Gaétan ( Administrator )
BOOT : Normal boot
Antivirus : G Data TotalCare 2010 18.0 (Activated)
Firewall : Pare-feu personnel G Data 1.0 (Activated)
C:\ (Local Disk) - NTFS - Total:58 Go (Free:29 Go)
D:\ (USB) - FAT - Total:243 Mo (Free:0 Go)
E:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:137 Go (Free:39 Go)
H:\ (USB) - FAT - Total:468 Mo (Free:0 Go)
I:\ (USB)
K:\ (Local Disk) - NTFS - Total:101 Go (Free:70 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( jeu. 19/11/2009|14:00 )

-----------\\ SUPPRESSION

Supprime! - [Service] ASKService
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\AskBarDis

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ Extensions

(Gaétan) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot
(Gaétan) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(Gaétan) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Gaétan) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(Gaétan) - {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} => foxlingo
(Gaétan) - {0e10f3d7-07f6-4f12-97b9-9b27e07139a5} => netcrafttoolbar
(Gaétan) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot
(Gaétan) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Gaétan) - {463F6CA5-EE3C-4be1-B7E6-7FEE11953374} => foxytunes
(Gaétan) - {62760FD6-B943-48C9-AB09-F99C6FE96088} => ebaycompanion
(Gaétan) - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} => greasemonkey

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page Redirect Cache"="http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

1 - "C:\ToolBar SD\TB_1.txt" - dim. 08/11/2009|15:01 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - jeu. 19/11/2009|14:03 - Option : [2]

-----------\\ Fin du rapport a 14:03:04,46

----------------------------------------------------------------------------------------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by Gaétan at 2009-11-19 14:10:38
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 30 GB (50%) free of 60 GB
Total RAM: 2046 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:20, on 19/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files\G DATA\TotalCare\AVK\AVKService.exe
C:\Program Files\G DATA\TotalCare\AVK\AVKWCtl.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\G DATA\TotalCare\Firewall\GDFwSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe
C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\4Team Corporation\Sync2\Sync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Gaétan\Bureau\RSIT.exe
C:\Program Files\trend micro\Gaétan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.padeg.be/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Sync2] "C:\Program Files\4Team Corporation\Sync2\Sync2.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: MailWasherPro.lnk = C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: MailWasherPro.lnk = C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe (User 'Default user')
O4 - Startup: MailWasherPro.lnk = C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/...
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: Planificateur G Data (AVKService) - G Data Software AG - C:\Program Files\G DATA\TotalCare\AVK\AVKService.exe
O23 - Service: G Data Gardien (AVKWCtl) - G Data Software AG - C:\Program Files\G DATA\TotalCare\AVK\AVKWCtl.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CardBusService - Unknown owner - C:\Program Files\Fichiers communs\AVerMedia\Service\CardBusService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: G Data Tuner Service - G Data Software AG - C:\Program Files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe
O23 - Service: Pare-feu personnel G Data (GDFwSvc) - G Data Software AG - C:\Program Files\G DATA\TotalCare\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c98aee826bbf5e) (gupdate1c98aee826bbf5e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Service G Data Backup - G Data Software AG - C:\Program Files\G DATA\TotalCare\AVKBackup\AVKBackupService.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
End of file - 18361 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\SmartDefrag.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{E140802E-57B8-4019-AA26-D809AB10B89A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G Data WebFilter - C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll [2009-08-12 590920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-02-01 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
UrlHelper Class - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll [2008-07-15 394688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{196C3A46-4758-433D-A600-802C804AF39C} - Shareaza MediaBar - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll [2008-07-15 480704]
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-02-01 806912]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll [2009-08-12 590920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-06-20 7561216]
"Switcher.exe"=C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2005-01-20 167936]
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2005-12-13 217088]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2004-02-20 32768]
"Mouse Suite 98 Daemon"=ICO.EXE []
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2004-11-17 118784]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-04-17 196608]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"GDFirewallTray"=C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe [2009-08-12 1124424]
"G DATA AntiVirus Trayapplication"=C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe [2009-08-12 922696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"Sync2"=C:\Program Files\4Team Corporation\Sync2\Sync2.exe [2008-12-08 2807304]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\Gaétan\Menu Démarrer\Programmes\Démarrage
MailWasherPro.lnk - C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\WINDOWS\system32\VESWinlogon.dll [2006-09-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:Disabled:ActiveSync RAPI Manager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-11-19 14:10:38 ----D---- C:\rsit
2009-11-19 13:57:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-17 21:35:01 ----A---- C:\ComboFix.txt
2009-11-17 21:16:43 ----A---- C:\Boot.bak
2009-11-17 21:16:34 ----RASHD---- C:\cmdcons
2009-11-17 21:14:25 ----D---- C:\KillFix
2009-11-16 13:41:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-15 20:17:45 ----D---- C:\Program Files\ZHPDiag
2009-11-14 13:04:50 ----A---- C:\WINDOWS\wininit.ini
2009-11-13 22:40:50 ----D---- C:\Program Files\Fichiers communs\G DATA
2009-11-12 19:36:17 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-11-11 22:38:39 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-11 11:30:06 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-11-11 11:25:17 ----A---- C:\Documents and Settings\Gaétan\Application Data\bdfvconp.ini
2009-11-10 22:38:45 ----HD---- C:\WINDOWS\PIF
2009-11-10 22:36:31 ----D---- C:\Documents and Settings\Gaétan\Application Data\Windows Desktop Search
2009-11-10 22:34:07 ----D---- C:\Program Files\Windows Desktop Search
2009-11-10 22:34:06 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-11-10 22:32:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-11-10 22:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-11-10 22:07:03 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 21:38:10 ----D---- C:\Program Files\Lavasoft
2009-11-10 21:38:10 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-10 20:49:30 ----D---- C:\Program Files\a-squared Free
2009-11-10 18:00:54 ----A---- C:\WINDOWS\system32\phversion.txt
2009-11-10 17:52:53 ----A---- C:\WINDOWS\bdagent.INI
2009-11-10 17:44:18 ----D---- C:\Program Files\BitDefender
2009-11-10 17:44:18 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2009-11-10 17:39:28 ----D---- C:\Program Files\Fichiers communs\BitDefender
2009-11-10 16:50:25 ----D---- C:\Documents and Settings\Gaétan\Application Data\IObit
2009-11-10 16:50:23 ----D---- C:\Program Files\IObit
2009-11-10 16:07:48 ----A---- C:\WINDOWS\PEV.exe
2009-11-10 16:07:48 ----A---- C:\WINDOWS\NIRCMD.exe
2009-11-10 16:07:48 ----A---- C:\WINDOWS\MBR.exe
2009-11-10 16:07:47 ----A---- C:\WINDOWS\zip.exe
2009-11-10 16:07:47 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-11-10 16:07:47 ----A---- C:\WINDOWS\SWSC.exe
2009-11-10 16:07:47 ----A---- C:\WINDOWS\SWREG.exe
2009-11-10 16:07:47 ----A---- C:\WINDOWS\sed.exe
2009-11-10 16:07:47 ----A---- C:\WINDOWS\grep.exe
2009-11-10 16:06:25 ----D---- C:\WINDOWS\ERDNT
2009-11-10 16:04:23 ----D---- C:\Qoobox
2009-11-10 15:58:34 ----D---- C:\MGtools
2009-11-10 15:46:26 ----D---- C:\Documents and Settings\Gaétan\Application Data\Malwarebytes
2009-11-10 15:46:15 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-10 15:25:00 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-10 15:24:45 ----D---- C:\Program Files\SUPERAntiSpyware
2009-11-10 15:24:45 ----D---- C:\Documents and Settings\Gaétan\Application Data\SUPERAntiSpyware.com
2009-11-10 14:23:15 ----D---- C:\Program Files\AA
2009-11-08 14:56:18 ----A---- C:\TB.txt
2009-11-08 14:55:44 ----D---- C:\ToolBar SD
2009-11-08 14:15:03 ----A---- C:\WINDOWS\system32\0ef71.tmp
2009-11-08 10:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2009-11-07 17:13:49 ----A---- C:\WINDOWS\system32\tmp.txt
2009-11-07 17:13:16 ----A---- C:\rapport.txt
2009-10-28 14:46:48 ----D---- C:\Program Files\Fichiers communs\Macrovision Shared
2009-10-27 16:52:32 ----A---- C:\WINDOWS\system32\Log_20091027_165232_1504.txt
2009-10-27 16:32:09 ----A---- C:\WINDOWS\system32\Log_20091027_163209_1218.txt
2009-10-27 16:23:40 ----A---- C:\WINDOWS\system32\Log_20091027_162340_B38.txt
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\WMAFile.dll
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\inetfr.DLL
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\AudFile.dll
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2009-10-27 16:02:34 ----A---- C:\WINDOWS\system32\AudDesign.dll
2009-10-27 16:02:33 ----D---- C:\Program Files\Free Audio Pack
2009-10-27 16:02:33 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2009-10-27 16:02:33 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL

======List of files/folders modified in the last 1 months======

2009-11-19 14:11:20 ----D---- C:\Program Files\Trend Micro
2009-11-19 14:08:45 ----D---- C:\WINDOWS\Temp
2009-11-19 14:08:02 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 14:01:51 ----RD---- C:\Program Files
2009-11-19 13:57:46 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-19 13:57:42 ----D---- C:\WINDOWS\system32\drivers
2009-11-19 10:14:57 ----D---- C:\Documents and Settings\Gaétan\Application Data\MailWasherPro
2009-11-19 10:14:48 ----SD---- C:\WINDOWS\Tasks
2009-11-19 03:13:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-19 03:12:59 ----D---- C:\WINDOWS\system32
2009-11-19 03:12:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-18 19:59:22 ----D---- C:\WINDOWS
2009-11-17 23:17:11 ----SHD---- C:\System Volume Information
2009-11-17 23:17:11 ----D---- C:\WINDOWS\system32\Restore
2009-11-17 22:58:25 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-17 21:29:45 ----A---- C:\WINDOWS\system.ini
2009-11-17 21:24:45 ----D---- C:\WINDOWS\AppPatch
2009-11-17 21:24:37 ----D---- C:\Program Files\Fichiers communs
2009-11-17 21:16:43 ----RASH---- C:\boot.ini
2009-11-16 23:14:07 ----A---- C:\WINDOWS\WINCMD.INI
2009-11-16 22:53:22 ----D---- C:\WINDOWS\Debug
2009-11-16 16:23:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-15 01:32:18 ----D---- C:\Documents and Settings\All Users\Application Data\G DATA
2009-11-15 01:25:22 ----SHD---- C:\WINDOWS\Installer
2009-11-14 14:06:23 ----D---- C:\WINDOWS\Prefetch
2009-11-13 22:42:32 ----D---- C:\WINDOWS\WinSxS
2009-11-13 22:40:50 ----D---- C:\Program Files\G DATA
2009-11-12 18:13:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-11 22:43:10 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-11-11 12:07:07 ----D---- C:\WINDOWS\Internet Logs
2009-11-11 12:07:06 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-11-11 11:43:28 ----RSD---- C:\WINDOWS\assembly
2009-11-11 11:41:57 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-11 11:31:41 ----D---- C:\WINDOWS\system32\wbem
2009-11-11 11:30:16 ----HD---- C:\WINDOWS\inf
2009-11-10 22:35:13 ----D---- C:\Program Files\Windows Live
2009-11-10 22:35:03 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-11-10 22:34:18 ----D---- C:\WINDOWS\system32\fr-fr
2009-11-10 22:30:25 ----D---- C:\WINDOWS\system32\DirectX
2009-11-10 22:01:29 ----A---- C:\WINDOWS\win.ini
2009-11-10 21:58:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-10 21:31:24 ----D---- C:\Documents and Settings\Gaétan\Application Data\Desktopicon
2009-11-10 16:39:41 ----D---- C:\WINDOWS\BDOSCAN8
2009-11-09 22:18:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-09 20:27:24 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-08 11:17:08 ----D---- C:\Documents and Settings\Gaétan\Application Data\HouseCall 6.6
2009-11-08 10:16:29 ----D---- C:\Program Files\Internet Explorer
2009-11-08 10:16:27 ----D---- C:\WINDOWS\ie8updates
2009-11-07 15:53:43 ----D---- C:\WINDOWS\network diagnostic
2009-11-07 15:31:51 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-05 09:36:22 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-02 20:42:06 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-10-29 09:45:31 ----A---- C:\WINDOWS\ODBC.INI
2009-10-28 14:30:59 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-10-28 14:26:22 ----RSD---- C:\WINDOWS\Fonts
2009-10-28 14:25:51 ----D---- C:\Program Files\Adobe
2009-10-28 14:25:51 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-27 20:40:44 ----D---- C:\Documents and Settings\Gaétan\Application Data\Vso
2009-10-27 19:33:33 ----D---- C:\Documents and Settings\Gaétan\Application Data\Tunebite
2009-10-22 10:17:28 ----N---- C:\WINDOWS\system32\mshtml.dll
2009-10-21 23:15:54 ----A---- C:\ASLog.txt
2009-10-20 17:11:50 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-20 15:54:27 ----A---- C:\Documents and Settings\All Users\Application Data\vlc-1.0.2-win32.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 GRD;G Data Rootkit Detector Driver; \??\C:\WINDOWS\system32\drivers\GRD.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 Start1Driver;Start1Driver; C:\WINDOWS\system32\drivers\Start1Driver.sys [2009-10-19 5120]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-09-29 21275]
R2 CDRPDACC;Arrowkey Device Access; \??\g:\Program Files\321Studios\Shared\CDRPDACC.SYS []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2003-11-29 9728]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 GDTdiInterceptor;GDTdiInterceptor; \??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys []
R2 iPodDrv;iPodDrv; \??\C:\WINDOWS\system32\drivers\iPodDrv.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-22 108767]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 dvd43llh;dvd43llh; C:\WINDOWS\System32\DRIVERS\dvd43llh.sys [2008-12-18 18816]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2003-10-19 25856]
R3 GDMnIcpt;GDMnIcpt; \??\C:\WINDOWS\system32\drivers\MiniIcpt.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HookCentre;HookCentre; \??\C:\WINDOWS\system32\drivers\HookCentre.sys []
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-18 202112]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MusCDriverV32;MusCDriverV32; C:\WINDOWS\system32\drivers\MusCDriverV32.sys [2008-10-08 23096]
R3 MusCVideo32;MusCVideo32; C:\WINDOWS\system32\DRIVERS\MusCVideo32.sys [2008-10-08 3768]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-06-20 3662400]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-09-30 47360]
R3 SNC;Périphérique de contrôle d'ordinateur portable Sony; C:\WINDOWS\system32\DRIVERS\SonyNC.sys [2001-08-17 20752]
R3 SPI;Périphérique de contrôle d'E/S programmable Sony; C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2001-08-17 37040]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-05-26 1177032]
R3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2007-12-11 26784]
R3 ti21sony;ti21sony; C:\WINDOWS\system32\drivers\ti21sony.sys [2007-01-24 808448]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-10-17 241408]
S1 zplxnihe;zplxnihe; \??\C:\WINDOWS\system32\drivers\zplxnihe.sys []
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 AsAudioDevice_351;AsAudioDevice_351; C:\WINDOWS\system32\drivers\AsAudioDevice_351.sys [2009-01-08 16640]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2007-03-05 1176192]
S3 BtAudio;Bluetooth Audio; C:\WINDOWS\system32\DRIVERS\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communications modem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\GATAN~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DrmRAudio;DrmRAudio; C:\WINDOWS\system32\drivers\DrmRAudio.sys [2009-02-11 23096]
S3 DrmRVideo;DrmRVideo; C:\WINDOWS\system32\DRIVERS\DrmRVideo.sys [2009-02-11 3768]
S3 iTurns;iTurns; C:\WINDOWS\system32\drivers\iTurns.sys [2008-11-28 52304]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TMPassthruMP;TMPassthruMP; C:\WINDOWS\system32\DRIVERS\TMPassthru.sys []
S3 usb_rndisx;Carte ISDN USB; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VF0470Vid;Live! Cam Notebook (VF0470); C:\WINDOWS\system32\DRIVERS\V0470Vid.sys [2007-05-09 146720]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-10-01 1858144]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files\Fichiers communs\G DATA\AVKProxy\AVKProxy.exe [2009-08-12 1046088]
R2 AVKService;Planificateur G Data; C:\Program Files\G DATA\TotalCare\AVK\AVKService.exe [2009-08-12 397896]
R2 AVKWCtl;G Data Gardien; C:\Program Files\G DATA\TotalCare\AVK\AVKWCtl.exe [2009-07-30 1244760]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-11-12 1179232]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-06-20 143428]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2006-09-23 176128]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 GDFwSvc;Pare-feu personnel G Data; C:\Program Files\G DATA\TotalCare\Firewall\GDFwSvc.exe [2009-08-03 1538352]
R3 GDScan;G Data Scanner; C:\Program Files\Fichiers communs\G DATA\GDScan\GDScan.exe [2009-07-27 300616]
S2 CardBusService;CardBusService; C:\Program Files\Fichiers communs\AVerMedia\Service\CardBusService.exe [2007-04-23 188416]
S2 gupdate1c98aee826bbf5e;Google Update Service (gupdate1c98aee826bbf5e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-09 133104]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-28 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 G Data Tuner Service;G Data Tuner Service; C:\Program Files\G DATA\TotalCare\AVKTuner\AVKTunerService.exe [2009-04-20 918600]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-02 30192]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-02-19 504104]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 Service G Data Backup;Service G Data Backup; C:\Program Files\G DATA\TotalCare\AVKBackup\AVKBackupService.exe [2009-07-09 863304]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SoundMovieServer;SoundMovieServer; C:\WINDOWS\system32\snmvtsvc.exe [2008-10-08 200704]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-11-19 14:11:25

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EDB7E6-D292-44BD-8CA6-A3E33C9D7750}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1Click DVD Copy 5.1.1.9-->"g:\Program Files\LG Software Innovations\1Click DVD Copy 5\unins000.exe"
1Click DVD Copy Pro 3.0.1.7-->"g:\Program Files\LG Software Innovations\1Click DVD Copy Pro\unins000.exe"
4Team Sync2-->MsiExec.exe /X{405A02AA-8AE7-4BEF-A7A6-E03EFB6E1431}
Ac3Tool (remove only)-->"C:\Program Files\BlackSunSoft.net\Ac3Tool\uninstall-Ac3Tool.EXE"
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Presenter 7-->MsiExec.exe /I{4F93ABBE-5A1D-4D56-94CB-022F109FDE4D}
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
AllMusicConverter 3.5.8-->"C:\Program Files\AllMusicConverter\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Updat

Répondre à BMW123D

jlpjlp, le 20 nov 2009 à 10:12:59

Mettre à jour adobe reader puis supprimer les anciennes version via le panneau de configuration
http://www.adobe.com/fr/products/reader/

ou passer a un lecteur alternatif ce qui évitera les virus circulant via les PDF comme foxit reader (ne pas mettre les barres foxit, ask, ebay..)

http://www.commentcamarche.net/telecharger/telechargement-205-foxit-reader

_________________

Télécharge Tools Cleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger-34055291-toolscleaner

# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

__________________

encore des soucis ? gdata trouve des infections?

Répondre à jlpjlp

BMW123D, le 20 nov 2009 à 22:12:45

Voila le dernier rapport,
Pour ce qui est de gdata, il avait trouvé le même virus que avast avait aussi trouvé!
Avant j'avais zone alarm et avast!
Malgré mon pc s'est chopé ces mer...!

Mille merci, je crois que le problème est résolu.
Maintenant je m'attaque à un autre problème, depuis quelques jours je ne sais plus me connecteravec mon pc portable (xp) sur mon autre pc ( avec Vista)!

Voici le rapport

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Combofix.txt: trouvé !
C:\TB.txt: trouvé !
C:\Qoobox: trouvé !
C:\Toolbar SD: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Gaétan\Bureau\Rsit.exe: trouvé !
C:\MGtools\hijackthis.log: trouvé !
C:\Program Files\ZHPDiag: trouvé !
C:\Program Files\Trend Micro\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\hijackthis.log: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Program Files\ZHPDiag\ZHPdiag.exe: trouvé !
C:\Qoobox\Quarantine\catchme.log: trouvé !
C:\WINDOWS\mbr.exe: trouvé !

Fichiers temporaires nettoyés !
Corbeille vidée!
---------------------------------
--> Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Program Files\ZHPDiag\ZHPdiag.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\TB.txt: supprimé !
C:\Documents and Settings\Gaétan\Bureau\Rsit.exe: supprimé !
C:\MGtools\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Qoobox\Quarantine\catchme.log: supprimé !
C:\WINDOWS\mbr.exe: supprimé !
C:\Qoobox: supprimé !
C:\Toolbar SD: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\ZHPDiag: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Répondre à BMW123D

Posez votre question Répondre