dakor

  1. OK, thanks again. So I'm going to reinstall iTunes, but I don't know what to do about CA eTrust, because I don't know where to find it, nor where to find the licence information... The report is attached:

     [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]
     --> Recherche:
     C:\_OTM: trouvé !
     C:\Rsit: trouvé !
     C:\Documents and Settings\CKORDA\Bureau\OTM.exe: trouvé !
     C:\Documents and Settings\CKORDA\Bureau\Rsit.exe: trouvé !
     C:\Documents and Settings\CKORDA\Mes documents\Downloads\hijackthis.log: trouvé !
     C:\Program Files\trend micro\HijackThis.exe: trouvé !
     C:\Program Files\trend micro\hijackthis.log: trouvé !
     ---------------------------------
     --> Suppression:
     C:\Documents and Settings\CKORDA\Bureau\OTM.exe: supprimé !
     C:\Program Files\trend micro\HijackThis.exe: supprimé !
     C:\Documents and Settings\CKORDA\Bureau\Rsit.exe: supprimé !
     C:\Documents and Settings\CKORDA\Mes documents\Downloads\hijackthis.log: supprimé !
     C:\Program Files\trend micro\hijackthis.log: supprimé !
     C:\_OTM: supprimé !
     C:\Rsit: supprimé !

     Apart from my antivirus, which isn't working, it's wonderful, everything works perfectly again! Thanks again 1000 times. One last question: you told me above that there were too many applications opening at startup. What can be done??
  2. It really works better now. It's great. Well done and thank you. On the other hand, should I re-enable Spybot's TeaTimer? Also, I'm not protected because I can't manage to re-enable eTrust: when I click on realmonitor, nothing opens. Finally, iTunes no longer works. Should I uninstall and reinstall it? Thanks
  3. Hello! Here is the report:

     --------------------------------------------------------------------------------
     KASPERSKY ONLINE SCANNER 7.0: scan report
     Saturday, October 2, 2010
     Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
     Kaspersky Online Scanner version: 7.0.26.13
     Last database update: Friday, October 01, 2010 14:12:58
     Records in database: 4265732
     --------------------------------------------------------------------------------
     Scan settings:
     scan using the following database: extended
     Scan archives: yes
     Scan e-mail databases: yes
     Scan area - My Computer:
     C:\
     D:\
     Scan statistics:
     Objects scanned: 97939
     Threats found: 1
     Infected objects found: 1
     Suspicious objects found: 0
     Scan duration: 01:31:56
     File name / Threat / Threats count
     C:\System Volume Information\_restore{07BF20B9-43C8-405C-9379-099E47F89748}\RP333\A0075028.dll Infected: Packed.Win32.Krap.hc 1
     Selected area has been scanned.
  4. Hats off! So I hope you're right. The online scan has been running for a while (20% in 45 min). Will I have to stop it and start again when I get home? I'll keep you posted. Huge thanks in any case. It's really impressive.
  5. Meanwhile, I'm continuing to free up space... I'm at 8.5 GB free.

     2010/10/01 15:14:49.0437 TDSS rootkit removing tool 2.4.3.0 Sep 27 2010 15:28:54
     2010/10/01 15:14:49.0437 ================================================================================
     2010/10/01 15:14:49.0437 SystemInfo:
     2010/10/01 15:14:49.0437
     2010/10/01 15:14:49.0437 OS Version: 5.1.2600 ServicePack: 3.0
     2010/10/01 15:14:49.0437 Product type: Workstation
     2010/10/01 15:14:49.0437 ComputerName: R600-CHRISTOPHE
     2010/10/01 15:14:49.0437 UserName: CKORDA
     2010/10/01 15:14:49.0437 Windows directory: C:\WINDOWS
     2010/10/01 15:14:49.0437 System windows directory: C:\WINDOWS
     2010/10/01 15:14:49.0437 Processor architecture: Intel x86
     2010/10/01 15:14:49.0437 Number of processors: 2
     2010/10/01 15:14:49.0437 Page size: 0x1000
     2010/10/01 15:14:49.0437 Boot type: Normal boot
     2010/10/01 15:14:49.0437 ================================================================================
     2010/10/01 15:14:49.0593 Initialize success
     2010/10/01 15:15:00.0984 ================================================================================
     2010/10/01 15:15:00.0984 Scan started
     2010/10/01 15:15:00.0984 Mode: Manual;
     2010/10/01 15:15:00.0984 ================================================================================
     2010/10/01 15:15:04.0140 isapnp (ffbcfdfa73edec80d0a365f631f5dda0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
     2010/10/01 15:15:04.0140 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\isapnp.sys. Real md5: ffbcfdfa73edec80d0a365f631f5dda0, Fake md5: 355836975a67b6554bca60328cd6cb74
     2010/10/01 15:15:04.0140 isapnp - detected Rootkit.Win32.TDSS.tdl3 (0)
     2010/10/01 15:15:09.0390 ================================================================================
     2010/10/01 15:15:09.0390 Scan finished
     2010/10/01 15:15:09.0390 ================================================================================
     2010/10/01 15:15:09.0390 Detected object count: 1
     2010/10/01 15:15:47.0109 isapnp (ffbcfdfa73edec80d0a365f631f5dda0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
     2010/10/01 15:15:47.0125 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\isapnp.sys. Real md5: ffbcfdfa73edec80d0a365f631f5dda0, Fake md5: 355836975a67b6554bca60328cd6cb74
     2010/10/01 15:15:47.0953 Backup copy found, using it..
     2010/10/01 15:15:47.0968 C:\WINDOWS\system32\DRIVERS\isapnp.sys - will be cured after reboot
     2010/10/01 15:15:47.0968 Rootkit.Win32.TDSS.tdl3(isapnp) - User select action: Cure
     2010/10/01 15:15:52.0921 Deinitialize success
  6. All processes killed
     Error: Unable to interpret <GO > in the current context!
     Error: Unable to interpret < > in the current context!
     ========== FILES ==========
     C:\Program Files\Bonjour\Bonjour.Resources\zh_TW.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\zh_CN.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\sv.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\ru.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\pt_PT.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\pt.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\pl.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\nl.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\nb.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\ko.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\ja.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\it.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\fr.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\fi.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\es.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\en_GB.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\en.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\de.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources\da.lproj folder moved successfully.
     C:\Program Files\Bonjour\Bonjour.Resources folder moved successfully.
     C:\Program Files\Bonjour folder moved successfully.
     ========== SERVICES/DRIVERS ==========
     Service Bonjour Service stopped successfully!
     Service Bonjour Service deleted successfully!
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: Administrateur
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: All Users
     User: CKORDA
     ->Temp folder emptied: 9698843 bytes
     ->Temporary Internet Files folder emptied: 48234346 bytes
     ->Java cache emptied: 7 bytes
     ->Flash cache emptied: 55556 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 67 bytes
     User: LocalService
     ->Temp folder emptied: 115616 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes
     User: NetworkService
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 1535316 bytes
     ->Flash cache emptied: 1273 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 3072 bytes
     %systemroot%\System32\dllcache .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 304732 bytes
     %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 35971080 bytes
     %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
     RecycleBin emptied: 384763311 bytes
     Total Files Cleaned = 458,00 mb
     OTM by OldTimer - Version 3.1.16.1 log created on 10012010_144930
     Files moved on Reboot...
     C:\Documents and Settings\CKORDA\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.
     C:\Documents and Settings\CKORDA\Local Settings\Temporary Internet Files\Content.IE5\MWNTLSGK\login[1].htm moved successfully.
     C:\Documents and Settings\CKORDA\Local Settings\Temporary Internet Files\Content.IE5\MWNTLSGK\logon[2].htm moved successfully.
     C:\Documents and Settings\CKORDA\Local Settings\Temporary Internet Files\Content.IE5\HF9WG7SK\ban_home_728x90[1].htm moved successfully.
     C:\Documents and Settings\CKORDA\Local Settings\Temporary Internet Files\Content.IE5\36493K4G\afr[1].htm moved successfully.
     C:\Documents and Settings\CKORDA\Local Settings\Temporary Internet Files\Content.IE5\36493K4G\infection-a-nouveau-t179794[1].html moved successfully.
     C:\Documents and Settings\CKORDA\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
     C:\Documents and Settings\CKORDA\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.
     File C:\WINDOWS\temp\logishrd\LVPrcInj02.dll not found!
     Registry entries deleted on Reboot...
  7. I still can't use "ci-joint.fr" from my PC. Internet Explorer cannot display this web page. Same thing when posting the log directly in the reply on this forum....... Cijoint.fr - Free file upload service
  8. Here you go, sir:

     Startups@Ease - version 0.97 Beta
     Log generated on: 01/10/2010 14:09:32
     =========== Forced Remove ===========
     hklm32: "Alcmtr"="ALCMTR.EXE"
     hklm32: "Adobe Reader Speed Launcher"=""C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe""
     =============== INTS ===============
     ========= Consented Removals =========
     hkcu: "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
     hkcu: "swg"=""C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe""
     hkcu: "Skype"=""C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized"
     hklm32: "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
     hklm32: "Persistence"="C:\WINDOWS\system32\igfxpers.exe"
     hklm32: "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
     hklm32: "LogitechQuickCamRibbon"=""C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide"
     hklm32: "tsnp2std"="C:\WINDOWS\tsnp2std.exe"
     hklm32: "DivXUpdate"=""C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW"
     hklm32: "QuickTime Task"=""C:\Program Files\QuickTime\qttask.exe" -atboottime"
     hklm32: "iTunesHelper"=""C:\Program Files\iTunes\iTunesHelper.exe""
  9. Here are the RSIT logs. I still can't upload them from my PC (connection impossible as soon as I click on "click to upload the file"). Cijoint.fr - Free file upload service Cijoint.fr - Free file upload service
  10. Thanks. So here is the MBAM log. I'm rebooting and will post the RSIT report.

      Malwarebytes' Anti-Malware 1.46
      www.malwarebytes.org
      Version de la base de données: 4726
      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702
      01/10/2010 13:13:36
      mbam-log-2010-10-01 (13-13-36).txt
      Type d'examen: Examen complet (C:\|D:\|)
      Elément(s) analysé(s): 232947
      Temps écoulé: 43 minute(s), 50 seconde(s)
      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 1
      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)
      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)
      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)
      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)
      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)
      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)
      Fichier(s) infecté(s):
      C:\Documents and Settings\CKORDA\Local Settings\Temporary Internet Files\Content.IE5\HQZ3O3OV\sprIconsSRPListView_03[1].gif (Extension.Mismatch) -> Quarantined and deleted successfully.
  11. Hello and thanks for the reply. I don't know how to uninstall HijackThis, and I can't get to the Windows uninstall utility. Here are the links to the requested files: Cijoint.fr - Free file upload service Cijoint.fr - Free file upload service It's crashing more and more... (( Thanks in advance
  12. Hello, I'm worried about not having had a reply... Did I do something wrong? Thanks, Ch.
  13. Hello, after a fairly successful disinfection last week, I have been "hit" by a bug again. Symptoms: slowdowns, and pages opening other than the ones I clicked (to eBay or gomeo, for example, when the link pointed elsewhere). I also cannot post my log, or use the online HijackThis evaluation on this site, from my PC (connection impossible). Malwarebytes finds nothing bad. Thanks in advance.
     Logfile of Trend Micro HijackThis v2.0.0 (BETA)
     Scan saved at 09:58:23, on 29/09/2010
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     Boot mode: Normal
  14. Hello, this is great, thank you. Well done on the quality of the analysis and the precision of the advice! What should I do now? Do I keep MBAM? Do I re-enable the real-time scans? Do I run CCleaner? Thanks, Ch.
  15. Here is the MBAM log after the reboot (however, I get an error message when Windows starts: file neretrv.dll missing):
     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org
     Version de la base de données: 4676
     Windows 5.1.2600 Service Pack 3
     Internet Explorer 8.0.6001.18702
     23/09/2010 21:11:00
     mbam-log-2010-09-23 (21-11-00).txt
     Type d'examen: Examen complet (C:\|)
     Elément(s) analysé(s): 227671
     Temps écoulé: 31 minute(s), 19 seconde(s)
     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0
     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)
     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)
     Fichier(s) infecté(s):
     (Aucun élément nuisible détecté)