AU SECOURS!!! J'AI UN VIRUS DE TYPE BEAGLE!!! Résolu

Question

Bonjour, Tout le monde =)

j'ai vraiment besoin de votre aide j'ai des virus de type beagle sur mon ordi puis des rookits mais la total la comment faire pour s'en debarasser j'ai essayer le logiciel findkill puis eliglaba sa na rien fais aider moi svp

V-X · Answer

Salut,

poste tes rapports de findykill et d'ellibagla.

merci

christorock · Answer

ok mais je ne les ai plus donc je vais devoir les refaires

christorock · Answer

----------------- FindyKill V4.711 ------------------ * User : christopher - PC-DE-CHRISTO * Emplacement : C:\Program Files\FindyKill * Outils Mis a jours le 05/01/09 par Chiquitine29 * Recherche effectuée à 22:22:10 le 07/01/2009 * Windows Vista - Internet Explorer 7.0.6001.18000 ((((((((((((((((( *** Recherche *** )))))))))))))))))) --------------- [ Processus actifs ] ---------------- C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32 vvsvc.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32 undll32.exe C:\Windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32 askeng.exe C:\Windows\Explorer.EXE C:\Windows\system32 askeng.exe C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Windows\System32 vraidservice.exe C:\Windows\System32 undll32.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\WebcamMax\CAMTHINS.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\ONSPEED\onspeedcore.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Windows\system32 undll32.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Users\christopher\Local Settings\APPLIC~1\dllhst3g.exe C:\Windows\system32\WUDFHost.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\christopher\AppData\Roaming\drivers\winupgro.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conime.exe --------------- [ Processus infectieux stoppés ] ---------------- "C:\Users\christopher\AppData\Roaming\drivers\winupgro.exe" (5012) --------------- [ Fichiers/Dossiers infectieux ] ---------------- »»»» Presence des fichiers dans C: Found ! [07/01/2009 08:08] - C:\InfoSat.txt »»»» Presence des fichiers dans C:\Windows »»»» Presence des fichiers dans C:\Windows\Prefetch »»»» Presence des fichiers dans C:\Windows\system32 »»»» Presence des fichiers dans C:\Windows\system32\drivers »»»» Presence des fichiers dans C:\Users\christopher\AppData\Roaming Found ! [07/01/2009 22:11] - "C:\Users\christopher\AppData\Roaming\drivers" Found ! [07/01/2009 22:10] - "C:\Users\christopher\AppData\Roaming\drivers\srosa2.sys" Found ! [23/01/2005 02:07] - "C:\Users\christopher\AppData\Roaming\drivers\winupgro.exe" Found ! [07/01/2009 22:19] - "C:\Users\christopher\AppData\Roaming\drivers\downld" »»»» Presence des fichiers dans C:\Users\CHRIST~1\AppData\Local\Temp Found ! - C:\Users\CHRIST~1\AppData\Local\Temp\Rar$EX00.434\Onspeed.Crack.[deXter].exe Found ! - C:\Users\CHRIST~1\AppData\Local\Temp\Rar$EX00.870\install_crack.exe »»»» Presence des fichiers dans C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5 --------------- [ Registre / Startup ] ---------------- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion un] RocketDock="F:\RocketDock\RocketDock.exe" SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background drvsyskit=C:\Users\christopher\AppData\Roaming\drivers\winupgro.exe eMuleAutoStart=F:\christopher\logiciel\eMule\emule.exe -AutoStart HKEY_CURRENT_USER\software\microsoft\windows\currentversion un\AdobeUpdater= = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion un] Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide Acer Empowering Technology Monitor=C:\Acer\Empowering Technology\SysMonitor.exe eDataSecurity Loader=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe PCMMediaSharing=C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe mcagent_exe=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey NVRaidService=C:\Windows\system32 vraidservice.exe AdobeCS4ServiceManager="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin NvCplDaemon=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup NvMediaCenter=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit LogitechCommunicationsManager="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" LogitechQuickCamRibbon="C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide WebcamMaxMoniter="C:\Program Files\WebcamMax\CAMTHINS.exe" /m avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe SlipStream="C:\Program Files\ONSPEED\onspeedcore.exe" HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un\OptionalComponents= = HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un\OptionalComponents\IMAIL= Installed=1 = HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un\OptionalComponents\MAPI= NoChange=1 Installed=1 = HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un\OptionalComponents\MSFS= Installed=1 = [HKEY_CURRENT_USER\software\local appwizard-generated applications\install_crack] [HKEY_CURRENT_USER\software\local appwizard-generated applications\Registrar] [HKEY_CURRENT_USER\software\local appwizard-generated applications\RocketDock] [HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro] --------------- [ Registre / Clés infectieuses ] ---------------- Found ! - HKEY_USERS\S-1-5-21-3330372320-3260314469-3726213641-1000\Software\Local AppWizard-Generated Applications\install_crack Found ! - HKEY_USERS\S-1-5-21-3330372320-3260314469-3726213641-1000\Software\Local AppWizard-Generated Applications\winupgro Found ! - HKEY_USERS\S-1-5-21-3330372320-3260314469-3726213641-1000\Software\bisoft Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_crack Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s Found ! - HKEY_CURRENT_USER\Software\bisoft Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit Found ! - [HKEY_USERS\S-1-5-21-3330372320-3260314469-3726213641-1000\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit /!\ Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1 /!\ Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1 --------------- [ Etat / Services ] ---------------- +- Services : [ Auto=2 / Demande=3 / Désactivé=4 ] /!\ Ndisuio - Type de démarrage = 4 EapHost - Type de démarrage = 2 Wlansvc - Type de démarrage = 2 /!\ SharedAccess - Type de démarrage = 4 /!\ wuauserv - Type de démarrage = 4 /!\ wscsvc - Type de démarrage = 4 /!\ WinDefend - Type de démarrage = 4 /!\ UAC is Disable --------------- [ Recherche dans supports amovibles] ---------------- +- Informations : C: - Lecteur fixe D: - Lecteur fixe E: - Lecteur fixe F: - Lecteur fixe +- presence des fichiers : --------------- [ Registre / Mountpoint2 ] ---------------- -> Not found ! ------------------- ! Fin du rapport ! --------------------

christorock · Answer

qu'es-ce que je fais maintenat?

V-X · Answer

Re,

Findykill de chiquitine29 option 2:

&#x25B6 Branche tes disques amovibles à ton PC ( (clefs USB, disque dur externe, etc...) sans les ouvrir

&#x25B6 Double-clique sur le raccourci FindyKill sur ton bureau

&#x25B6 Au menu principal, choisisl'option 2 (Suppression)

/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

&#x25B6 Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

V-X · Answer

Re,

Regarde le poste n°5

christorock · Answer

oui, d'accord mais je vais te dire un truc hier aussi j'ai fais sa avec findykill puis a la derniere etape il verifier d'autre infection il me disait entre 10 et 15 min puis j'attend il ce passe rien puis je laissee tourner toute la nuit et le lendemaain il y avait toujours recherche de des autres infection sa n'avai pas bougé puis bas j'ai quitter et du couup j'ai pas eu le rapport mais sa aver quand meme marcher ma securiter etai reparti bas jusqu'a maintenant donc j'espere que le logiciel findykill marchera cette fois ci...

V-X · Answer

Re,

Si dans 20 minutes rien je t'envoie un mp pour te donner un lien qui te permettra de supprimer ce beagle.

A++

christorock · Answer

d'accord merci je vais procer a l'etape de supression a t'alleure

christorock · Answer

wé bas comme j'avais di sa ne marche toujours pas bas je vais attendre jusqu'à 23h après la sa fera largement + de 15min il cherche toujours la

V-X · Answer

Re,

Bon je tes mp pour le lien .

Poste moi le rapport sur le forum pas en mp.

christorock · Answer

----------------- FindyKill V4.711 ------------------

* User : christopher - PC-DE-CHRISTO
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 22:39:59 the 07/01/2009
* Windows Vista - Internet Explorer 7.0.6001.18000
 
 
((((((((((((((( *** deleting *** ))))))))))))))))))  
 
 
--------------- [ Active Processes ] ----------------  
 

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32
vvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32undll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32unonce.exe
C:\Windows\system32	askeng.exe
C:\Windows\system32\conime.exe
 
--------------- [ Infected files / folders ] ----------------  
 
 
»»»» Supression files in C: 
 
Deleted ! - C:\InfoSat.txt  
 
»»»» Supression files in C:\Windows 
 
 
»»»» Supression files in C:\Windows\Prefetch 
 
 
»»»» Supression files in C:\Windows\system32 
 
 
»»»» Supression files in C:\Windows\system32\drivers 
 
 
»»»» Supression files in C:\Users\christopher\AppData\Roaming 
 
Deleted ! - "C:\Users\christopher\AppData\Roaming\drivers\srosa2.sys"  
Deleted ! - "C:\Users\christopher\AppData\Roaming\drivers\winupgro.exe"  
Deleted ! - "C:\Users\christopher\AppData\Roaming\drivers\downld"  
Deleted ! - "C:\Users\christopher\AppData\Roaming\drivers"  
 
»»»» Supression files in C:\Users\CHRIST~1\AppData\Local\Temp 
 
Deleted ! - C:\Users\CHRIST~1\AppData\Local\Temp\Rar$EX00.434\Onspeed.Crack.[deXter].exe     
Deleted ! - C:\Users\CHRIST~1\AppData\Local\Temp\Rar$EX00.870\install_crack.exe     
 
»»»» Supression files in C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5 
 
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_1[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_1[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_1[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_1[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_1[5].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_1[6].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_1[7].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_1[8].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_2[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_3[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_3[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_3[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_3[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\1ZBQQ93P\b64_5[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_1[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_1[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_1[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_1[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_1[5].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_1[6].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_2[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_2[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_2[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_3[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\b64_3[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\file[1].txt    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\2L977EI3\file[2].txt    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_1[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_1[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_1[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_1[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_1[5].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_1[6].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_2[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_2[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_2[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_2[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_2[5].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_3[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_3[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_3[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_3[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\b64_3[5].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\CNJFQF2J\file[1].txt    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64_1[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64_1[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64_2[1].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64_2[2].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64_2[3].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64_2[4].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64_2[5].jpg    
Deleted ! - C:\Users\christopher\Local Settings\Temporary Internet Files\Content.IE5\I6IALE4Q\b64_2[6].jpg    
 
--------------- [  Registry / Infected keys ] ---------------- 
 
Deleted ! - HKEY_CURRENT_USER\Software\bisoft   
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe   
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe   
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe   
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe   
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe   
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe   
Deleted ! - HKEY_USERS\S-1-5-21-3330372320-3260314469-3726213641-1000\Software\Local AppWizard-Generated Applications\install_crack   
Deleted ! - HKEY_USERS\S-1-5-21-3330372320-3260314469-3726213641-1000\Software\Local AppWizard-Generated Applications\winupgro   
 
--------------- [ States / Restarting of services ] ---------------- 
 


+- Services : [ Auto=2 / Request=3 / Disable=4 ] 

Ndisuio - Type of startup  = 3 
 
EapHost - Type of startup  = 2 
 
Wlansvc - Type of startup  = 2 
 
SharedAccess - Type of startup  = 2 
 
wuauserv - Type of startup  = 2 
 
wscsvc - Type of startup  = 2 
 
WinDefend - Type of startup  = 2 
 
-> UAC is Enable  
 
---------------   [ Cleaning removable drives ] ----------------  
 
+- Informations : 

C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
F: - Lecteur fixe
 
+- deleting files : 
 
 
--------------- [ Registry / Mountpoint2 ] ----------------  
 
 
 -> Not found ! 
 
 
--------------- [ Searching Other Infections ] ----------------  
 
 
Références de comparaison Bagle MD5 :

0f9eeeada1694dde3b1817e2833e1a22  C:\Users\christopher\AppData\Roaming\drivers\winupgro.exe 

Suspect ! - e92f97a719253ab1478aa339fdcf7a36  C:\Program Files\AVSMedia\VideoTools\CaptureWizard\CaptureWizard.exe  
Suspect ! - 999b02bd932b793ff4462f827d1f7867  C:\Program Files\AVSMedia\VideoTools\DVDtoGO\AVSDVDtoGO.exe  
Suspect ! - f69f7baea045f74733b2a12ce1bd8780  C:\Program Files\AVSMedia\VideoTools\VideoConverter\AVSVideoConverter.exe  
Suspect ! - a7b43a3222ed5fcb2afa48d6baa204d2  C:\Program Files\AVSMedia\VideoTools\VideoConverter\Registration.exe  
Suspect ! - 7edbb6ecdd3d2fecd0be248da03155a2  C:\Program Files\AVSMedia\VideoTools\VideoReMaker\AVSVideoReMaker.exe  
Suspect ! - f9beaf03b4edc6b5d04fe86a2d2e84a0  C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\AVSDVDMenuEditor.exe  
Suspect ! - d89f1cb21e3fb8c0d75058932d5b302e  C:\Program Files\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe  
Suspect ! - 21e6353f1d6fdbeb85948cfebbb0d6b4  C:\Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe  
 
--------------- [ Searching Cracks / Keygen ] ----------------  
 
C:\Users\christopher\Downloads\eMule\Incoming\Onspeed.5.0.181.Full.Setup.and.Crack.v2.2._deXter_.zip
 
 
---------------- ! End of report ! ------------------

christorock · Answer

c bon enfaite ms il a mis + de 20min ce con lol

V-X · Answer

Re,

Fait quand même combofix.=> voir ton mp.

merci

V-X · Answer

Re,

Et poste le rapport de findykill option 2

christorock · Answer

d'accord

christorock · Answer

wi bas je les faits non?

V-X · Answer

Re,

C'est pas fini croit moi

Poste le rapport et passe combofix.

christorock · Answer

mais tu veux quel rapport? celle de findykill je les deja poster le 2 et la je vais faire ce que tu ma passer

V-X · Answer

Re


Pas vue avant.=>fait combofix voir ton mp.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :


:files
C:\Users\christopher\Downloads\eMule\Incoming\Onspeed.5.0.181.Full.Setup.and.Crack.v2.2._deXter_.zip 

:commands
[purity]
[emptytemp]
[reboot] 



---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

christorock · Answer

bas j'ai deja fais ton logiciel que tu ma dit est c'est qu'il est puissant tout c'est bien passé je te met le rapport tout de suite

christorock · Answer

ComboFix 09-01-07.01 - christopher 2009-01-07 23:13:46.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2815.1798 [GMT 1:00] Lancé depuis: c:\users\christopher\Desktop\killbagle.exe * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Services.exe c:\windows\system32\mpg4c32.dll f: ocketdock\RocketDock.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-07 au 2009-01-07 )))))))))))))))))))))))))))))))))))) . 2009-01-07 16:19 . 2009-01-07 16:19 d-------- c:\users\christopher\AppData\Roaming\SlipStream 2009-01-07 16:19 . 2009-01-07 16:19 d-------- c:\users\CHRIST~1\AppData\Roaming\SlipStream 2009-01-07 16:19 . 2006-08-03 17:33 86,016 --a------ c:\windows\System32\sliprt.dll 2009-01-07 13:41 . 2009-01-07 13:41 d-------- c:\program files\Alwil Software 2009-01-07 13:41 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys 2009-01-06 21:37 . 2009-01-07 23:01 d-------- c:\program files\FindyKill 2009-01-06 06:55 . 2008-12-29 01:29 81,920 --a------ c:\windows\system\spoolsv.exe 2009-01-06 05:00 . 2008-12-29 01:29 81,920 --a------ c:\windows\ieudinit.exe 2009-01-06 01:48 . 2008-12-29 01:29 81,920 --a------ c:\windows\system\cisvc.exe 2009-01-06 00:11 . 2008-12-29 01:29 81,920 --a------ c:\users\christopher\AppData\Roaming svp.exe 2009-01-06 00:11 . 2008-12-29 01:29 81,920 --a------ c:\users\CHRIST~1\AppData\Roaming svp.exe 2009-01-05 23:08 . 2008-12-29 01:29 81,920 --a------ c:\windows\system\mstsc.exe 2009-01-04 19:08 . 2008-12-29 01:29 81,920 --a------ c:\windows\cisvc.exe 2009-01-04 18:00 . 2009-01-06 22:08 240,633,820 --a------ c:\windows\MEMORY.DMP 2009-01-04 15:37 . 2009-01-04 15:37 d-------- c:\users\All Users\WebcamMax 2009-01-04 15:37 . 2009-01-04 15:37 d-------- c:\progra~2\WebcamMax 2009-01-04 15:36 . 2009-01-04 15:37 d-------- c:\users\christopher\AppData\Roaming\Webcammax 2009-01-04 15:36 . 2009-01-04 15:37 d-------- c:\users\CHRIST~1\AppData\Roaming\Webcammax 2009-01-04 15:30 . 2009-01-04 16:12 d-------- c:\program files\WebcamMax 2009-01-02 22:37 . 2009-01-02 22:37 d-------- c:\program files\MSN Messenger 2009-01-02 21:56 . 2009-01-07 16:19 d-------- c:\program files\ONSPEED 2009-01-02 03:57 . 2009-01-02 03:57 d-------- c:\program files\inKline Global 2009-01-02 00:50 . 2009-01-04 21:15 d-------- c:\program files\Windows Live Safety Center 2009-01-01 22:26 . 2009-01-01 22:26 d-------- c:\program files\Robust.ws 2009-01-01 22:26 . 2005-08-27 03:38 1,435,272 --a------ c:\windows\System32\Flash8.ocx 2009-01-01 22:26 . 2000-05-22 06:00 647,872 --a------ c:\windows\System32\MSCOMCT2.OCX 2009-01-01 22:26 . 2004-02-05 21:53 389,120 --a------ c:\windows\System32\actskn43.ocx 2009-01-01 22:26 . 2004-01-08 01:43 253,952 --a------ c:\windows\System32\histogram.ocx 2009-01-01 22:26 . 2004-01-09 11:54 188,416 --a------ c:\windows\System32\actsplash.ocx 2008-12-30 18:53 . 2008-12-30 21:13 d-------- c:\program files\PhotoFiltre Studio 2008-12-30 18:53 . 2008-12-30 18:53 45 ---h----- c:\windows\dne 0656.dat 2008-12-29 20:53 . 2008-12-29 20:53 d-------- c:\program files\Common Files\Logitech 2008-12-29 12:06 . 2008-12-29 13:14 376 --a------ c:\windows\ODBC.INI 2008-12-29 12:06 . 2008-12-29 13:14 35 --a------ c:\windows\vbaddin.ini 2008-12-29 12:04 . 2008-12-29 12:04 d-------- c:\program files\Microsoft FrontPage 2008-12-29 12:03 . 2008-12-29 12:03 d-------- c:\users\christopher\AppData\Roaming\Microsoft Web Folders 2008-12-29 12:03 . 2008-12-29 12:03 d-------- c:\users\CHRIST~1\AppData\Roaming\Microsoft Web Folders 2008-12-29 03:02 . 2008-12-29 03:02 d-------- c:\program files\Microsoft CAPICOM 2.1.0.2 2008-12-28 19:45 . 2009-01-02 22:38 d-------- c:\program files\MessengerDiscovery 2008-12-28 19:45 . 2004-03-09 01:00 609,824 --a------ c:\windows\System32\COMCTL32.ocx 2008-12-28 19:45 . 2004-03-08 23:00 152,848 --a------ c:\windows\System32\comdlg32.OCX 2008-12-28 19:45 . 2004-03-09 01:00 124,688 --a------ c:\windows\System32\MSWINSCK.ocx 2008-12-28 19:36 . 2008-12-28 19:37 d-------- c:\program files\Messenger Plus! Live 2008-12-28 19:33 . 2008-12-28 19:33 d-------- c:\program files\Microsoft SQL Server Compact Edition 2008-12-28 19:30 . 2008-12-28 19:31 d--hsc--- c:\program files\Common Files\WindowsLiveInstaller 2008-12-28 19:29 . 2008-12-28 19:29 d-------- c:\users\All Users\WLInstaller 2008-12-28 19:29 . 2008-12-29 03:02 d-------- c:\program files\Windows Live 2008-12-28 19:29 . 2008-12-28 19:29 d-------- c:\progra~2\WLInstaller 2008-12-28 15:28 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll 2008-12-28 15:28 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe 2008-12-28 15:28 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll 2008-12-28 15:28 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll 2008-12-28 15:28 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll 2008-12-28 15:28 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl 2008-12-28 15:28 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll 2008-12-28 15:27 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe 2008-12-28 15:20 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll 2008-12-28 15:20 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll 2008-12-28 15:20 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll 2008-12-28 15:20 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll 2008-12-28 15:20 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32 etfxperf.dll 2008-12-28 08:08 . 2009-01-07 22:39 0 --a------ c:\windows\System32\drivers\lvuvc.hs 2008-12-28 01:51 . 2008-12-28 01:51 d-------- c:\users\christopher\AppData\Roaming\Leadertech 2008-12-28 01:51 . 2008-12-28 01:51 d-------- c:\users\CHRIST~1\AppData\Roaming\Leadertech 2008-12-28 01:50 . 2008-12-28 01:50 d-------- c:\users\All Users\Logitech 2008-12-28 01:50 . 2008-12-29 09:55 d-------- c:\users\All Users\Logishrd 2008-12-28 01:50 . 2008-12-28 01:50 d-------- c:\program files\Logitech 2008-12-28 01:50 . 2008-12-28 01:50 d-------- c:\progra~2\Logitech 2008-12-28 01:50 . 2008-12-29 09:55 d-------- c:\progra~2\Logishrd 2008-12-28 01:46 . 2008-12-28 01:51 d-------- c:\program files\Common Files\logishrd 2008-12-28 01:03 . 2009-01-04 01:32 d-------- c:\users\christopher\AppData\Roaming\skypePM 2008-12-28 01:03 . 2009-01-04 01:32 d-------- c:\users\CHRIST~1\AppData\Roaming\skypePM 2008-12-28 01:03 . 2008-12-28 01:03 56 --ah----- c:\users\All Users\ezsidmv.dat 2008-12-28 01:03 . 2008-12-28 01:03 56 --ah----- c:\progra~2\ezsidmv.dat 2008-12-28 00:59 . 2009-01-04 03:33 d-------- c:\users\christopher\AppData\Roaming\Skype 2008-12-28 00:59 . 2009-01-04 03:33 d-------- c:\users\CHRIST~1\AppData\Roaming\Skype 2008-12-28 00:58 . 2008-12-28 00:59 d-------- c:\users\All Users\Skype 2008-12-28 00:58 . 2008-12-28 00:59 d-------- c:\program files\Skype 2008-12-28 00:58 . 2008-12-28 00:58 d-------- c:\program files\Common Files\Skype 2008-12-28 00:58 . 2008-12-28 00:59 d-------- c:\progra~2\Skype 2008-12-27 00:18 . 2008-12-28 08:24 d-------- c:\users\All Users\NOS 2008-12-27 00:18 . 2008-12-28 08:24 d-------- c:\program files\NOS 2008-12-27 00:18 . 2008-12-28 08:24 d-------- c:\progra~2\NOS 2008-12-23 01:41 . 2008-12-23 01:41 d-------- c:\program files\Softick 2008-12-22 01:08 . 2008-12-22 01:08 d--h----- c:\program files\Temp 2008-12-21 23:56 . 2008-12-21 23:56 d-------- c:\users\All Users\ma-config.com 2008-12-21 23:56 . 2008-12-21 23:56 d-------- c:\progra~2\ma-config.com 2008-12-21 22:20 . 2008-12-21 22:20 d-------- c:\program files\Guitar Pro 5 2008-12-20 20:13 . 2008-12-20 20:15 d-------- c:\users\christopher\AppData\Roaming\fretsonfire 2008-12-20 20:13 . 2008-12-20 20:15 d-------- c:\users\CHRIST~1\AppData\Roaming\fretsonfire 2008-12-20 19:57 . 2008-12-20 20:13 d-------- c:\program files\Frets on Fire 2008-12-20 15:45 . 2008-12-20 15:45 d-------- c:\users\christopher\Library 2008-12-20 15:45 . 2008-12-20 15:45 d-------- c:\users\christopher\AppData\Roaming\com.adobe.ExMan 2008-12-20 15:45 . 2008-12-20 15:45 d-------- c:\users\CHRIST~1\AppData\Roaming\com.adobe.ExMan 2008-12-20 09:02 . 2008-12-30 12:12 d-------- c:\users\christopher\AppData\Roaming\SPORE 2008-12-20 09:02 . 2008-12-30 12:12 d-------- c:\users\CHRIST~1\AppData\Roaming\SPORE 2008-12-20 08:57 . 2008-12-20 08:57 d-------- c:\program files\Electronic Arts 2008-12-19 23:05 . 2008-12-19 23:05 d-------- c:\users\All Users\FLEXnet 2008-12-19 23:05 . 2008-12-19 23:05 d-------- c:\progra~2\FLEXnet 2008-12-19 22:58 . 2008-12-19 22:58 d-------- c:\program files\Adobe Media Player 2008-12-19 22:57 . 2008-12-19 22:57 d-------- c:\program files\Common Files\Adobe AIR 2008-12-19 22:54 . 2008-12-19 22:54 d-------- c:\program files\Common Files\Macrovision Shared 2008-12-19 21:24 . 2008-12-19 21:24 362,240 --a------ c:\windows\System32\TuneUpDefragService.exe 2008-12-19 19:23 . 2008-12-19 19:23 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2008-12-18 21:33 . 2008-12-18 21:45 d-------- c:\program files\TuneUp Utilities 2009 2008-12-18 21:32 . 2008-12-18 21:32 d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357} 2008-12-18 21:32 . 2008-12-18 21:32 d--hs---- c:\progra~2\{55A29068-F2CE-456C-9148-C869879E2357} 2008-12-18 20:42 . 2008-12-18 20:42 d-------- c:\program files\CAPCOM 2008-12-18 14:43 . 2009-01-05 00:06 d-------- c:\program files\Free Video Converter 2008-12-18 14:19 . 2008-12-18 14:19 d-------- c:\users\christopher\AppData\Roaming\AVSMedia 2008-12-18 14:19 . 2008-12-18 14:19 d-------- c:\users\CHRIST~1\AppData\Roaming\AVSMedia 2008-12-18 14:19 . 2008-12-18 14:19 d-------- c:\users\All Users\AVS4YOU 2008-12-18 14:19 . 2008-12-18 14:19 d-------- c:\progra~2\AVS4YOU 2008-12-18 14:12 . 2008-12-18 14:13 d-------- c:\program files\Common Files\AVSMedia 2008-12-18 14:12 . 2008-12-18 14:12 d-------- c:\program files\AVSMedia 2008-12-18 14:12 . 2007-02-27 19:36 974,848 --a------ c:\windows\System32\mfc70.dll 2008-12-18 13:50 . 2008-12-18 13:50 d-------- c:\program files\AviSynth 2.5 2008-12-18 13:50 . 2004-02-22 10:11 719,872 --a------ c:\windows\System32\devil.dll 2008-12-18 13:45 . 2008-12-18 13:46 d-------- c:\users\christopher\AppData\Roaming\SolidWorks 2008-12-18 13:45 . 2008-12-18 13:46 d-------- c:\users\CHRIST~1\AppData\Roaming\SolidWorks 2008-12-18 13:44 . 2008-12-18 13:44 d-------- c:\program files\Common Files\PX Storage Engine 2008-12-18 13:44 . 2008-10-08 03:03 43,872 --------- c:\windows\System32\drivers\PxHelp20.sys 2008-12-18 13:44 . 2008-10-08 03:03 9,200 --------- c:\windows\System32\drivers\cdralw2k.sys 2008-12-18 13:44 . 2008-10-08 03:03 9,072 --------- c:\windows\System32\drivers\cdr4_xp.sys 2008-12-18 13:34 . 2008-12-18 13:38 d-------- c:\program files\VirtualDJ . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-02 02:57 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-30 17:39 1 ----a-w c:\program files\MSWINSCK.OCX 2008-12-26 23:21 --------- d-----w c:\program files\Common Files\Adobe 2008-12-24 07:50 --------- d-----w c:\program files\McAfee 2008-12-22 00:08 319,456 ----a-w c:\windows\DIFxAPI.dll 2008-12-21 23:11 --------- d-----w c:\progra~2\NVIDIA 2008-12-18 14:02 1,051,136 ----a-w c:\windows\system32\drivers\CamthWDM.sys 2008-12-16 22:46 --------- d-----w c:\progra~2\Microsoft Help 2008-12-16 22:41 --------- d-----w c:\program files\Microsoft Works 2008-12-16 14:15 --------- d-----w c:\program files\Windows Mail 2008-12-16 13:45 --------- d-----w c:\progra~2\SiteAdvisor 2008-12-16 13:40 --------- d-----w c:\progra~2\McAfee 2008-12-16 13:32 --------- d-sh--w c:\program files\Fichiers communs 2008-12-16 13:32 --------- d-sh--w c:\progra~2\Modèles 2008-12-16 13:32 --------- d-sh--w c:\progra~2\Menu Démarrer 2008-12-16 13:32 --------- d-sh--w c:\progra~2\Favoris 2008-12-16 13:32 --------- d-sh--w c:\progra~2\Bureau 2008-12-02 09:13 453,152 ----a-w c:\windows\System32 vuninst.exe 2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll 2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll 2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll 2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe 2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll 2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll 2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll 2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll 2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 23:38 121392 --a------ c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-28 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896] "PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-06 582992] "NVRaidService"="c:\windows\system32 vraidservice.exe" [2007-12-07 196128] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-02 13683232] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-02 92704] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184] "WebcamMaxMoniter"="c:\program files\WebcamMax\CAMTHINS.exe" [2007-03-07 81920] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "SlipStream"="c:\program files\ONSPEED\onspeedcore.exe" [2006-08-03 258048] c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\ ONSPEED.lnk - c:\program files\ONSPEED\onspeedgui.exe [2009-01-07 172032] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion un-] "Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" /background "Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized "WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe "Google Update"="c:\users\christopher\AppData\Local\Google\Update\GoogleUpdate.exe" /c [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un-] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Modem Booster"=c:\program files\inKline Global\Modem Booster\modembtr.exe "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3330372320-3260314469-3726213641-1000] "EnableNotificationsRef"=dword:00000007 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{9A0FC0E6-C41A-491D-85B2-7B42B0C4D7B6}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{9272E7EA-E5B0-4E65-AA03-61B849992A79}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{0590D135-20CF-4616-83A2-B4D64D7A7ADC}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live "{40F60C6C-DD8E-40B8-AB34-5061C567E010}"= c:\program files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine "{EC714915-D3A6-43D3-B785-23155F4ED9A6}"= c:\program files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia "{8FB6D042-3CF4-407D-A2E9-A1CE05C41456}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect "{542BA28B-703D-48DB-B83F-94E757E578BF}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service "{B34DAF09-668F-41FD-94EB-A7A892360F5C}"= c:\program files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD "{A924C65E-76C0-4E34-9E09-9FC3F7E6691A}"= c:\program files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician "{F051E17E-51EF-4830-B367-F6DA497077E5}"= c:\program files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator "{F158742F-48F9-4833-8369-7CBA8CC22457}"= c:\program files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician "{57072285-1559-4EA8-9BA9-D616D959450E}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent "{51BA392C-367C-4322-8CA1-C7F13B0AE3EF}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync "{736FFC80-67FA-414F-B458-5E4A1AE6C4CA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{A7CC4713-4DA2-4EFF-B786-2405708B101C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{E5B6D03F-FA9F-49D6-AD2A-0210E2149E89}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{DCF25856-082C-4F74-A2E6-DDD3DE119659}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "{BE42A89E-CED0-429D-82F2-E52B89EA621D}"= UDP:f:\christopher\logiciel\eMule\emule.exe:emule "{F86E75B9-F9AD-470C-88ED-4F3751C4EA60}"= TCP:f:\christopher\logiciel\eMule\emule.exe:emule "TCP Query User{2C21758B-D7AC-448E-8659-B153FE33E1D5}c:\program files\mozilla firefox\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{D3B72852-301A-4061-A91E-7DB0D0E24B5E}c:\program files\mozilla firefox\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox "{1C602423-1E42-470F-B612-651AA6263590}"= UDP:5353:Adobe CSI CS4 "{F2FD5502-682B-4BAD-A2AD-6D43C635CDFB}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{18B5B73C-53A3-4765-8A73-CC47AFDCA4A5}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{90B9EC54-6855-42D1-8123-63856EA20FCA}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{35CB9A95-A47D-464C-9F2F-CCB9777F897A}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{745445A4-80C4-4DBD-A7D9-B4527DFF4C4F}"= c:\program files\Skype\Phone\Skype.exe:Skype "{7DB93C13-1857-40C5-AC5E-EA131797DE37}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{B5218947-6408-4043-988D-D123072DE330}c:\program files\messengerdiscovery\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon "UDP Query User{1804D025-4827-4981-8186-ED42F1A47E2E}c:\program files\messengerdiscovery\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon "{91370525-6D54-4A31-8251-FCB1716974CF}"= UDP:c:\program files\ONSPEED\onspeedgui.exe:ONSPEED "{C6488604-1E29-4B00-BA31-653CD0F8993F}"= TCP:c:\program files\ONSPEED\onspeedgui.exe:ONSPEED R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-01-07 111184] R4 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-03-21 269448] R4 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-01-07 20560] R4 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-01-07 51792] R4 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CamthWDM.sys [2007-01-11 1051136] R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2008-12-16 203280] S3 maconfservice;Ma-Config Service; [x] S3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\System32\drivers vhda32v.sys [2008-03-21 30752] . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-RocketDock - f: ocketdock\RocketDock.exe HKLM-Explorer_Run-Spool - c:\users\CHRIST~1\AppData\Local\Temp\spoolsv.exe HKCU-Explorer_Run-DllHst - c:\users\CHRIST~1\LOCALS~1\APPLIC~1\dllhst3g.exe HKU-Default-Explorer_Run-Logman - c:\users\CHRIST~1\LOCALS~1\APPLIC~1\logman.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://fr.fr.acer.yahoo.com mStart Page = hxxp://fr.fr.acer.yahoo.com IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\progra~1\ONSPEED\sliplsp.dll FF - ProfilePath - c:\users\CHRIST~1\AppData\Roaming\Mozilla\Firefox\Profiles\hy0xd75n.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1529850&SearchSource=3&q= FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\program files\ma-config.com phardwaredetection.dll FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0 pctrl.dll FF - plugin: c:\program files\Microsoft\Office Live pOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins p-mswmp.dll FF - plugin: c:\users\christopher\AppData\Local\Google\Update\1.2.133.33 pGoogleOneClick7.dll FF - plugin: c:\users\christopher\AppData\Roaming\Mozilla\Firefox\Profiles\hy0xd75n.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins phardwaredetection.dll ---- FIREFOX POLICIES ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-07 23:15:29 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(7880) c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll . Heure de fin: 2009-01-07 23:16:50 ComboFix-quarantined-files.txt 2009-01-07 22:16:46 Avant-CF: 93,320,609,792 octets libres Après-CF: 93,289,861,120 octets libres 312 --- E O F --- 2008-12-29 02:03:11

V-X · Answer

Re,

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :


:files
C:\Users\christopher\Downloads\eMule\Incoming\Onspeed.5.0.181.Full.Setup.and.Crack.v2.2._deXter_.zip

:commands
[purity]
[emptytemp]
[reboot]



---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

christorock · Answer

Error: Unable to interpret in the current context! Error: Unable to interpret in the current context! ========== COMMANDS ========== File delete failed. C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_uogQHosqpHMaKXWTKeee scheduled to be deleted on reboot. File delete failed. C:\Users\CHRIST~1\AppData\Local\Temp\~DF2AFB.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\Windows emp\logishrd\LVPrcInj01.dll scheduled to be deleted on reboot. File delete failed. C:\Windows emp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be deleted on reboot. File delete failed. C:\Windows emp\CLDigitalHome\PCMMediaServer.log scheduled to be deleted on reboot. File delete failed. C:\Windows emp\sqlite_FGBBpdskx4HDdlr scheduled to be deleted on reboot. File delete failed. C:\Windows emp\sqlite_TKhYFMYe4lA7YzV scheduled to be deleted on reboot. File delete failed. C:\Windows emp\sqlite_yu3Uf4asWTgol0B scheduled to be deleted on reboot. Windows Temp folder emptied. File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01072009_232257 Files moved on Reboot... File C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_uogQHosqpHMaKXWTKeee not found! C:\Users\CHRIST~1\AppData\Local\Temp\~DF2AFB.tmp moved successfully. DllUnregisterServer procedure not found in C:\Windows emp\logishrd\LVPrcInj01.dll C:\Windows emp\logishrd\LVPrcInj01.dll NOT unregistered. File move failed. C:\Windows emp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot. File move failed. C:\Windows emp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot. File move failed. C:\Windows emp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot. C:\Windows emp\sqlite_FGBBpdskx4HDdlr moved successfully. C:\Windows emp\sqlite_TKhYFMYe4lA7YzV moved successfully. C:\Windows emp\sqlite_yu3Uf4asWTgol0B moved successfully. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_001_ moved successfully. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_002_ moved successfully. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_003_ moved successfully. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_MAP_ moved successfully. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\urlclassifier3.sqlite moved successfully. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\XUL.mfl moved successfully.

V-X · Answer

Re,

Redémarre ton pc normalement et fait ce qui suit.

&#x25B6 Télécharge hijackthis

&#x25B6 Enregistre la cible sous .... "le bureau" 

&#x25B6 Fais un double-clic sur "HJTInstall.exe" afin de lancer l'installation

&#x25B6 Clique sur Install ensuite sur "I Accept"

&#x25B6 Clique sur" Do a scan system and save log file"

&#x25B6 Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse 

&#x25B6 Tuto hijackthis(Merci à Balltrap34)

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

christorock · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:34:50, on 07/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32
vraidservice.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\WebcamMax\CAMTHINS.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ONSPEED\onspeedgui.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: eCATRegistrar Class - {02336F51-24CA-4422-AB63-18841ADF35E6} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ONSPEED - {4BC3AC04-3E56-411D-B465-4FEA06654611} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32
vraidservice.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\CAMTHINS.exe" /m
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - Logitech Inc. - (no file)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

V-X · Answer

Re,

&#x25B6 Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte

&#x25B6 Mets le à jour

&#x25B6 Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.

&#x25B6 Sélectionne Exécuter un examen complet si ce n'est pas déjà fait

&#x25B6 clique sur Rechercher

&#x25B6 Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

&#x25B6 Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

&#x25B6 Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

&#x25B6 Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune. 


Tutoriel pour MalwareByte's

christorock · Answer

et je fais quoi du logiciel que tu ma passer je quitte la fenetre ou je dois faires des trucs comme fix checked?

christorock · Answer

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1629
Windows 6.0.6001 Service Pack 1

07/01/2009 23:45:02
mbam-log-2009-01-07 (23-45-02).txt

Type de recherche: Examen rapide
Eléments examinés: 51018
Temps écoulé: 2 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\system\mstsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\system\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\Users\christopher\AppData\Roaming\Microsoft\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

V-X · Answer

Re,

Fait un examen complet avec malwarebyte STP

christorock · Answer

wi bas enfaite c'est ce que j'ai fais ms le truc ce que jepensais ac tou ce que tu ma dit e faire il y aurai plus aucun fichier infectueux ms si j'y crois pas. mais la oui jetai entrain de faire un scan complet mai seulement du c:

V-X · Answer

Re,

fait uniquement alors la partie ou tu était infecter

christorock · Answer

oui d'accord bas c'est que sur cette partie de toute facon puis tu me conseille quoi comme logiciel pour enfin arreter d'avoir ses infection car c'est la 2eme fois la

V-X · Answer

Re,

Arrête de télécharger des cracks tout simplement.

christorock · Answer

car c'etait a cause de sa que j'ai eu ce probleme??!!

V-X · Answer

Re,

Ben oué!!

christorock · Answer

Okok je vois oui ba quand on a un naviguateur qui rame tu essaille le + possible de l'acellerer c'est pour sa que j'ai telecharger ce crak donc bas je vais desisntaller ce logiciel et puis wé bas je ne telecharge pas trop de crak mis wé je vais faire comme ta dis alors d'arreter de telecharger de crak

christorock · Answer

oui, mais la mon ordi il detecte + d'antivirus je dois reprendre avast?

V-X · Answer

Re,

Et passe malwarebyte en scan complet

V-X · Answer

Re,

Oui le beagle a manger ton antivirus.

&#x25B6 Je te conseil D'installer cet Antivirus:

ANTIVIR

&#x25B6 Double-clique sur l'icône d'Antivir (Parapluie) dans la barre des tâches. 

&#x25B6 Dans Antivir, choisis Outils puis Configuration.

&#x25B6 Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages.

christorock · Answer

je vais le faire recraché moi lol oui, depuis 25min il scan le disque dur c: et il a rien detecter depuis

christorock · Answer

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1629
Windows 6.0.6001 Service Pack 1

08/01/2009 00:20:55
mbam-log-2009-01-08 (00-20-55).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 152292
Temps écoulé: 34 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

V-X · Answer

Re,

&#x25B6 Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.

&#x25B6 Double clique sur RSIT.exe pour lancer l'outil.

&#x25B6 Clique sur ' continue ' à l'écran Disclaimer.

&#x25B6 Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

&#x25B6 Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

christorock · Answer

Logfile of random's system information tool 1.05 (written by random/random)
Run by christopher at 2009-01-08 00:25:37
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 88 GB (59%) free of 148 GB
Total RAM: 2815 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:25:42, on 08/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32
vraidservice.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\WebcamMax\CAMTHINS.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Alwil Software\Avast4\aswRunDll.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Windows\system32\werfault.exe
C:\Windows\system32\Dwm.exe
C:\Users\christopher\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\christopher.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: eCATRegistrar Class - {02336F51-24CA-4422-AB63-18841ADF35E6} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ONSPEED - {4BC3AC04-3E56-411D-B465-4FEA06654611} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32
vraidservice.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\CAMTHINS.exe" /m
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - Logitech Inc. - (no file)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

christorock · Answer

info.txt logfile of random's system information tool 1.05 2009-01-08 00:25:45 ======Uninstall list====== 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} Acer Arcade Live Main Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\SETUP.exe" -uninstall Acer DV Magician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6EFFB76-4A07-11DA-9D78-000129760D75}\SETUP.exe" -uninstall Acer DVDivine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\SETUP.exe" -uninstall Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -runfromtemp -l0x040c -removeonly Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x40c -removeonly Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -runfromtemp -l0x040c -removeonly Acer GameZone Console DTV 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe" Acer HomeMedia Connect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}\SETUP.exe" -uninstall Acer HomeMedia Trial Creator-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B580C409-E16F-44FF-904D-3AE94E113BE0}\SETUP.EXE" -uninstall Acer HomeMedia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\SETUP.exe" -uninstall Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly Acer SlideShow DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41581EF5-45A7-11DA-9D78-000129760D75}\SETUP.exe" -uninstall Acer VideoMagician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\SETUP.exe" -uninstall Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E} Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8} Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0} Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191} Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02} Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4} Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F} Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100} Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D} Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF} Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683} Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A} Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C} Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5} Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972} Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67} Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C} Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A} Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353} Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD} Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1 Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623} Adobe Photoshop Lightroom 2.1-->MsiExec.exe /I{42A96544-2842-444E-8A27-A61848DDEC87} Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA} Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7} Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23} Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230} Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739} AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4} AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4} Agatha Christie Death on the Nile-->"C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\Uninstall.exe" "C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\install.log" Alice Greenfingers-->"C:\Program Files\Acer GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files\Acer GameZone\Alice Greenfingers\install.log" Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe" AVS Video Tools 5.6-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe" Azada-->"C:\Program Files\Acer GameZone\Azada\Uninstall.exe" "C:\Program Files\Acer GameZone\Azada\install.log" Backspin Billiards-->"C:\Program Files\Acer GameZone\Backspin Billiards\Uninstall.exe" "C:\Program Files\Acer GameZone\Backspin Billiards\install.log" Big Kahuna Reef-->"C:\Program Files\Acer GameZone\Big Kahuna Reef\Uninstall.exe" "C:\Program Files\Acer GameZone\Big Kahuna Reef\install.log" Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe" Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} Bricks of Egypt-->"C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Acer GameZone\Bricks of Egypt\install.log" Cake Mania-->"C:\Program Files\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files\Acer GameZone\Cake Mania\install.log" Chicken Invaders 3-->"C:\Program Files\Acer GameZone\Chicken Invaders 3\Uninstall.exe" "C:\Program Files\Acer GameZone\Chicken Invaders 3\install.log" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Chuzzle-->"C:\Program Files\Acer GameZone\Chuzzle\Uninstall.exe" "C:\Program Files\Acer GameZone\Chuzzle\install.log" Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D} Diner Dash Flo on the Go-->"C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\Uninstall.exe" "C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\install.log" eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x040c FindyKill-->C:\Program Files\FindyKill\Uninstal.exe Free Video Converter V 1.4-->"C:\Program Files\Free Video Converter\unins000.exe" Frets On Fire-->"C:\Program Files\Frets on Fire\Uninstall.exe" Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068} Google Gears-->MsiExec.exe /I{95774351-6087-3A3B-8CA8-70BEE49D2BD5} Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Internet Speed Booster 1.0.0.0-->"C:\Program Files\Robust.ws\Internet Speed Booster\unins000.exe" iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371} Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log" Kick N Rush-->"C:\Program Files\Acer GameZone\Kick N Rush\Uninstall.exe" "C:\Program Files\Acer GameZone\Kick N Rush\install.log" kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243} Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876} Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A} Ma-Config.com-->MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A} Mahjong Escape Ancient China-->"C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\install.log" Mahjongg Artifacts-->"C:\Program Files\Acer GameZone\Mahjongg Artifacts\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjongg Artifacts\install.log" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" MessengerDiscovery Live 1.4.5408-->"C:\Program Files\MessengerDiscovery\unins000.exe" Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C} Modem Booster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B840B57-B667-11D5-80AA-0000B494D9A6}\Setup.exe" -l0x9 Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Mystery Case Files - Huntsville-->"C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\install.log" Mystery Solitaire - Secret Island-->"C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\install.log" NTI Backup NOW! 4.7-->C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x040c NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7 NVIDIA Drivers-->C:\Windows\system32 vuninst.exe UninstallGUI ONSPEED-->C:\Program Files\ONSPEED\uninstall\uninstall.exe Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F} PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9} PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe" Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8} QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} RegCure 1.5.0.0-->C:\Program Files\RegCure\uninst.exe resident evil 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFFCDB41-C2DA-47D6-96FF-03C05C0BEA22}\install.exe" -l0x40c -removeonly RocketDock 1.3.5-->"F:\RocketDock\unins000.exe" SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x040c -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434} TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} Turbo Pizza-->"C:\Program Files\Acer GameZone\Turbo Pizza\Uninstall.exe" "C:\Program Files\Acer GameZone\Turbo Pizza\install.log" Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498} Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe" Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D} Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A} Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log" ======Security center information====== AS: Spybot - Search and Destroy (disabled) (outdated) AS: Windows Defender System event log Computer Name: PC-de-christo Event Code: 7036 Message: Le service Windows Update est entré dans l'état : en cours d'exécution. Record Number: 27823 Source Name: Service Control Manager Time Written: 20090107223523.000000-000 Event Type: Information User: Computer Name: PC-de-christo Event Code: 10029 Message: DCOM a démarré le service TrustedInstaller avec les arguments « » de façon à exécuter le serveur : {752073A1-23F2-4396-85F0-8FDB879ED0ED} Record Number: 27824 Source Name: Microsoft-Windows-DistributedCOM Time Written: 20090107223615.000000-000 Event Type: Information User: Computer Name: PC-de-christo Event Code: 7036 Message: Le service Programme d’installation de modules Windows est entré dans l'état : en cours d'exécution. Record Number: 27825 Source Name: Service Control Manager Time Written: 20090107223616.000000-000 Event Type: Information User: Computer Name: PC-de-christo Event Code: 7036 Message: Le service Programme d’installation de modules Windows est entré dans l'état : arrêté. Record Number: 27826 Source Name: Service Control Manager Time Written: 20090107224616.000000-000 Event Type: Information User: Computer Name: PC-de-christo Event Code: 7036 Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté. Record Number: 27827 Source Name: Service Control Manager Time Written: 20090107224945.000000-000 Event Type: Information User: Application event log Computer Name: PC-de-christo Event Code: 3013 Message: Impossible de mettre à jour l'entrée dans la configuration de hachage. Contexte : Application , Catalogue SystemIndex Détails : Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f) Record Number: 26478 Source Name: Microsoft-Windows-Search Time Written: 20090107223519.000000-000 Event Type: Erreur User: Computer Name: PC-de-christo Event Code: 3013 Message: Impossible de mettre à jour l'entrée dans la configuration de hachage. Contexte : Application , Catalogue SystemIndex Détails : Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f) Record Number: 26479 Source Name: Microsoft-Windows-Search Time Written: 20090107223519.000000-000 Event Type: Erreur User: Computer Name: PC-de-christo Event Code: 1 Message: Le service Centre de sécurité Windows a démarré. Record Number: 26480 Source Name: SecurityCenter Time Written: 20090107223520.000000-000 Event Type: Information User: Computer Name: PC-de-christo Event Code: 3013 Message: Impossible de mettre à jour l'entrée dans la configuration de hachage. Contexte : Application , Catalogue SystemIndex Détails : Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f) Record Number: 26481 Source Name: Microsoft-Windows-Search Time Written: 20090107224536.000000-000 Event Type: Erreur User: Computer Name: PC-de-christo Event Code: 5 Message: Unsupported service control request (see data below) Record Number: 26482 Source Name: LightScribeService Time Written: 20090107232545.000000-000 Event Type: Information User: Security event log Computer Name: PC-de-christo Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\mbamswissarmy.sys Record Number: 4817 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090107224203.023840-000 Event Type: Échec de l'audit User: Computer Name: PC-de-christo Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Program Files\Alwil Software\Avast4\Setup\INF\aswSP.sys Record Number: 4818 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090107225025.249840-000 Event Type: Échec de l'audit User: Computer Name: PC-de-christo Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Program Files\Alwil Software\Avast4\Setup\INF\aswSP.sys Record Number: 4819 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090107225025.293840-000 Event Type: Échec de l'audit User: Computer Name: PC-de-christo Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Program Files\Alwil Software\Avast4\Setup\INF\aswSP.sys Record Number: 4820 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090107225025.315840-000 Event Type: Échec de l'audit User: Computer Name: PC-de-christo Event Code: 5038 Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle. Nom du fichier : \Device\HarddiskVolume2\Program Files\Alwil Software\Avast4\Setup\INF\aswSP.sys Record Number: 4821 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090107225025.336840-000 Event Type: Échec de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Acer\Empowering Technology\eDataSecurity\;C:\Acer\Empowering Technology\eDataSecurity\x86;C:\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Samsung\Samsung PC Studio 3\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip -----------------EOF-----------------

V-X · Answer

Re,

&#x25B6 Télécharge UsbFix (de Chiquitine29) sur ton Bureau :

&#x25B6 Lance l'installation avec les paramètres par défaut.

&#x25B6 Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.

&#x25B6 Double-clique sur le raccourci UsbFix sur ton Bureau.

&#x25B6 Choisit l'option 1

&#x25B6 Le PC va redémarrer.

&#x25B6 Après redémarrage, poste le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

christorock · Answer

-------------- UsbFix V2.413.9 --------------- * User : christopher - PC-DE-CHRISTO * Outils mis a jours le 05/01/2009 par Chiquitine29 et Chimay8 * Recherche effectuée à 0:43:03 le 08/01/2009 * Windows Vista - Internet Explorer 7.0.6001.18000 --------------- [ Processus actifs ] ---------------- C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32 vvsvc.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\LogonUI.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32 undll32.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Windows\system32\svchost.exe C:\Windows\system32\userinit.exe C:\Windows\system32\Dwm.exe C:\Windows\system32 askeng.exe C:\Windows\Explorer.EXE C:\Windows\system32 askeng.exe C:\Windows\system32 askeng.exe C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Windows\system32 undll32.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32 unonce.exe C:\Windows\system32\conime.exe --------------- [ Informations lecteurs ] ---------------- C: - Lecteur fixe D: - Lecteur fixe E: - Lecteur fixe F: - Lecteur fixe --------------- [ Lecteur C ] ---------------- C: - Lecteur fixe +- Listing des fichiers présents : [18/09/2006 22:43][--a------] C:\autoexec.bat [07/01/2009 23:16][--a------] C:\ComboFix.txt [07/01/2009 23:16][--a------] C:\FindyKill.txt [07/01/2009 23:16][--a------] C:\MDL 2.0 Debug.txt [07/01/2009 23:16][--a------] C:\UsbFix.txt [18/09/2006 22:43][--a------] C:\config.sys [18/09/2006 22:43][--a------] C:\hiberfil.sys [18/09/2006 22:43][--a------] C:\pagefile.sys --------------- [ Lecteur D ] ---------------- D: - Lecteur fixe +- Listing des fichiers présents : [12/04/2008 12:54][--a------] D:\AUTOEXEC.BAT [02/03/2006 13:00][-rahs----] D:\NTDETECT.COM [19/06/2008 05:55][-r-hs----] D:\boot.ini [18/06/2008 03:10][-rah-----] D:\RTHDCPL_Dump.txt [12/04/2008 12:54][--a------] D:\CONFIG.SYS [12/04/2008 12:54][--a------] D:\IO.SYS [12/04/2008 12:54][--a------] D:\MSDOS.SYS [12/04/2008 12:54][--a------] D:\pagefile.sys --------------- [ Lecteur E ] ---------------- E: - Lecteur fixe +- Listing des fichiers présents : --------------- [ Lecteur F ] ---------------- F: - Lecteur fixe +- Listing des fichiers présents : --------------- [ Registre / Startup ] ---------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\Windows\system32\userinit.exe," [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion un] SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background HKEY_CURRENT_USER\software\microsoft\windows\currentversion un\AdobeUpdater= = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion un] Acer Empowering Technology Monitor=C:\Acer\Empowering Technology\SysMonitor.exe eDataSecurity Loader=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe PCMMediaSharing=C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe mcagent_exe=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey NVRaidService=C:\Windows\system32 vraidservice.exe AdobeCS4ServiceManager="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin NvCplDaemon=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup NvMediaCenter=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit LogitechCommunicationsManager="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" LogitechQuickCamRibbon="C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide WebcamMaxMoniter="C:\Program Files\WebcamMax\CAMTHINS.exe" /m avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe SlipStream="C:\Program Files\ONSPEED\onspeedcore.exe" avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un\OptionalComponents= = HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un\OptionalComponents\IMAIL= Installed=1 = HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un\OptionalComponents\MAPI= NoChange=1 Installed=1 = HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un\OptionalComponents\MSFS= Installed=1 = --------------- [ Registre / Mountpoint2 ] ---------------- -> Recherche négative. --------------- [ Nettoyage des disques ] ---------------- Supprimé ! - [22/05/2008 02:49][--ahs----] E:\THUMBS.DB --------------- [ Resumé ] ---------------- -> /!\ Le resultat doit etre interprété par un spécialiste /!\ [18/09/2006 22:43][--a------] C:\autoexec.bat [12/04/2008 12:54][--a------] D:\AUTOEXEC.BAT [02/03/2006 13:00][-rahs----] D:\NTDETECT.COM [19/06/2008 05:55][-r-hs----] D:\boot.ini --------------- [ Vaccination ] ---------------- C:\autorun.inf -> Dossier autorun.inf crée par UsbFix ! D:\autorun.inf -> Dossier autorun.inf crée par UsbFix ! E:\autorun.inf -> Dossier autorun.inf crée par UsbFix ! F:\autorun.inf -> Dossier autorun.inf crée par UsbFix ! --------------- ! Fin du rapport ! ----------------

V-X · Answer

Re,

Peut tu redémarrer ton pc et refaire un log avec rsit et le poster en deux fois.

merci

christorock · Answer

d'accord

christorock · Answer

Logfile of random's system information tool 1.05 (written by random/random)
Run by christopher at 2009-01-08 00:57:02
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 87 GB (59%) free of 148 GB
Total RAM: 2815 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:57:22, on 08/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32
vraidservice.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\WebcamMax\CAMTHINS.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\christopher\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\christopher.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: eCATRegistrar Class - {02336F51-24CA-4422-AB63-18841ADF35E6} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ONSPEED - {4BC3AC04-3E56-411D-B465-4FEA06654611} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32
vraidservice.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\CAMTHINS.exe" /m
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - Logitech Inc. - (no file)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

V-X · Answer

Re,

Le même rapport mais coupe le en deux et poste l'ai.

Il ne passe pas complétement sur le forum.

merci

christorock · Answer

Donc voila mais je suis desoler mais je vais devoir te laisser. en tout ka  jte dis merci pour tout ce que tu ma fais c'est tres genille merci bocoup pour ton aide sérieux =) passe une bone soirer. a++

christorock · Answer

Logfile of random's system information tool 1.05 (written by random/random)
Run by christopher at 2009-01-08 01:04:01
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 87 GB (59%) free of 148 GB
Total RAM: 2815 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:04:07, on 08/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32
vraidservice.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\WebcamMax\CAMTHINS.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\christopher\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\christopher.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: eCATRegistrar Class - {02336F51-24CA-4422-AB63-18841ADF35E6} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ONSPEED - {4BC3AC04-3E56-411D-B465-4FEA06654611} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32
vraidservice.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\CAMTHINS.exe" /m
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - Logitech Inc. - (no file)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

V-X · Answer

Re,

C'est pas fini il en reste ....

Reposte demain le même rapport et en deux fois cette fois ci.

A++

christorock · Answer

2008-12-16 14:49:55 ----A---- C:\Windows\system32\iertutil.dll
2008-12-16 14:49:54 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-16 14:49:46 ----A---- C:\Windows\system32
etapi32.dll
2008-12-16 14:49:43 ----A---- C:\Windows\system32\emdmgmt.dll
2008-12-16 14:49:43 ----A---- C:\Windows\system32\dataclen.dll
2008-12-16 14:49:42 ----A---- C:\Windows\system32\cdd.dll
2008-12-16 14:49:35 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-16 14:49:32 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-16 14:49:32 ----A---- C:\Windows\system32\gameux.dll
2008-12-16 14:49:29 ----A---- C:\Windows\system32\wmpeffects.dll
2008-12-16 14:49:27 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-12-16 14:49:27 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-12-16 14:49:27 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-12-16 14:49:22 ----A---- C:\Windows\system32\wersvc.dll
2008-12-16 14:49:22 ----A---- C:\Windows\system32\Faultrep.dll
2008-12-16 14:49:20 ----A---- C:\Windows\system32\win32spl.dll
2008-12-16 14:49:18 ----A---- C:\Windows\explorer.exe
2008-12-16 14:49:17 ----A---- C:\Windows\system32\connect.dll
2008-12-16 14:49:08 ----A---- C:\Windows\system32\inetcomm.dll
2008-12-16 14:48:31 ----D---- C:\Users\christopher\AppData\Roaming\TuneUp Software
2008-12-16 14:48:13 ----A---- C:\Windows\system32\quartz.dll
2008-12-16 14:48:12 ----A---- C:\Windows\system32\msxml6.dll
2008-12-16 14:48:07 ----A---- C:\Windows\system32
tkrnlpa.exe
2008-12-16 14:48:06 ----A---- C:\Windows\system32
toskrnl.exe
2008-12-16 14:43:01 ----D---- C:\Windows\Acer_Wide
2008-12-16 14:43:01 ----D---- C:\Program Files\Acer Inc
2008-12-16 14:43:01 ----A---- C:\Windows\Acer(Wide).ini
2008-12-16 14:43:01 ----A---- C:\Windows\Acer(Normal).ini
2008-12-16 14:42:31 ----D---- C:\Windows\Acer_Normal
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerzht.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerzhc.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServertr.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerth.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServersv.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServersl.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServersk.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerru.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerptb.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerpt.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerpl.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerno.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServernl.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerko.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerja.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerit.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerhu.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerhe.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerfr.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerfi.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServeres.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerenu.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServereng.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerel.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerde.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerda.dll
2008-12-16 14:41:14 ----A---- C:\Windows\system32\NvRaidServercs.dll
2008-12-16 14:41:14 ----A---- C:\Windows\system32\NvRaidServerar.dll
2008-12-16 14:41:14 ----A---- C:\Windows\system32\NvRaidServer.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionzht.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionzhc.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectiontr.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionth.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionsv.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionsl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionsk.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionru.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionptb.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionpt.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionpl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionno.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionnl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionko.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionja.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardzht.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardzhc.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardtr.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardth.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardsv.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardsl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardsk.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardru.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardptb.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardpt.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardpl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardno.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardnl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardko.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardja.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvzht.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvzhc.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvtr.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvth.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvsv.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvsl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvsk.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvru.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvptb.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvpt.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvpl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvno.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvnl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvko.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvja.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionit.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionhu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionhe.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionfr.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionfi.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectiones.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionenu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectioneng.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionel.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionde.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionda.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectioncs.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionar.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32
vsataconnection.exe
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardit.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardhu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardhe.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardfr.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardfi.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardes.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardenu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardeng.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardel.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardde.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardda.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardcs.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardar.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvit.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvhu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvhe.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvfr.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvfi.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSves.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvenu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSveng.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvel.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvde.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvda.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvcs.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvar.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32
vraidservice.exe
2008-12-16 14:41:11 ----A---- C:\Windows\system32\NvRaidWizard.dll
2008-12-16 14:39:51 ----D---- C:\Users\christopher\AppData\Roaming\Macromedia
2008-12-16 14:39:51 ----D---- C:\Users\christopher\AppData\Roaming\Adobe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\Remove_eRecovery.exe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\LauncheRyAgentUser.exe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\ClearEvent.exe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\CheckD2DSystem.exe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\Acer EULA.txt
2008-12-16 14:38:19 ----D---- C:\Program Files\ATI
2008-12-16 14:37:18 ----SHD---- C:\$RECYCLE.BIN
2008-12-16 14:36:59 ----D---- C:\Users\christopher\AppData\Roaming\Identities
2008-12-16 14:36:23 ----SD---- C:\Users\christopher\AppData\Roaming\Microsoft
2008-12-16 14:36:23 ----D---- C:\Users\christopher\AppData\Roaming\Media Center Programs
2008-12-16 14:36:23 ----D---- C:\Users\christopher\AppData\Roaming\Acer GameZone Console
2008-12-16 14:33:31 ----A---- C:\Windows\system32\wups2.dll
2008-12-16 14:33:31 ----A---- C:\Windows\system32\wucltux.dll
2008-12-16 14:33:31 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-16 14:33:31 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-16 14:33:21 ----A---- C:\Windows\system32\wups.dll
2008-12-16 14:33:21 ----A---- C:\Windows\system32\wudriver.dll
2008-12-16 14:33:21 ----A---- C:\Windows\system32\wuapi.dll
2008-12-16 14:33:16 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-16 14:33:16 ----A---- C:\Windows\system32\wuapp.exe
2008-12-16 14:32:49 ----SHD---- C:\ProgramData\Modèles
2008-12-16 14:32:49 ----SHD---- C:\ProgramData\Menu Démarrer
2008-12-16 14:32:49 ----SHD---- C:\ProgramData\Favoris
2008-12-16 14:32:49 ----SHD---- C:\ProgramData\Bureau
2008-12-16 14:32:49 ----SHD---- C:\Program Files\Fichiers communs
2008-12-16 14:29:17 ----D---- C:\Windows\SoftwareDistribution

======List of files/folders modified in the last 1 months======

2009-01-08 01:04:04 ----D---- C:\Windows\Temp
2009-01-08 00:41:06 ----D---- C:\Program Files
2009-01-08 00:34:35 ----D---- C:\Windows\system32\drivers
2009-01-08 00:34:33 ----D---- C:\ProgramData
2009-01-08 00:33:36 ----SHD---- C:\System Volume Information
2009-01-07 23:45:02 ----D---- C:\Windows\system
2009-01-07 23:17:31 ----D---- C:\Windows\system32\NDF
2009-01-07 23:16:55 ----D---- C:\Windows\system32\fr-FR
2009-01-07 23:16:55 ----D---- C:\Windows\System32
2009-01-07 23:16:53 ----D---- C:\Windows
2009-01-07 23:15:33 ----A---- C:\Windows\system.ini
2009-01-07 23:14:32 ----D---- C:\Windows\AppPatch
2009-01-07 23:14:32 ----D---- C:\Program Files\Common Files
2009-01-07 23:12:59 ----D---- C:\Windows\system32\catroot2
2009-01-07 22:41:41 ----D---- C:\Windows\system32\WDI
2009-01-07 16:19:48 ----D---- C:\Windows\system32\Tasks
2009-01-07 15:42:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-07 15:42:10 ----D---- C:\Windows\inf
2009-01-02 23:53:49 ----SHD---- C:\Windows\Installer
2009-01-02 17:58:09 ----D---- C:\Windows\Prefetch
2009-01-02 17:52:29 ----D---- C:\Windows\Tasks
2009-01-02 03:57:26 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-31 03:22:22 ----SHD---- C:\Boot
2008-12-31 03:22:21 ----D---- C:\Windows\system32\config
2008-12-29 13:14:38 ----A---- C:\Windows\win.ini
2008-12-29 13:14:30 ----RSD---- C:\Windows\Fonts
2008-12-29 13:13:27 ----D---- C:\Windows\ShellNew
2008-12-29 12:06:25 ----D---- C:\Windows\Help
2008-12-29 12:05:30 ----RSD---- C:\Windows\Media
2008-12-29 12:05:21 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-29 12:05:14 ----D---- C:\Program Files\Common Files\System
2008-12-29 12:04:31 ----D---- C:\Windows\MSAgent
2008-12-29 00:50:28 ----D---- C:\Windows\Microsoft.NET
2008-12-29 00:50:17 ----RSD---- C:\Windows\assembly
2008-12-28 19:32:20 ----D---- C:\Windows\winsxs
2008-12-28 19:29:58 ----D---- C:\Windows\system32\catroot
2008-12-28 17:24:46 ----D---- C:\Windowsescache
2008-12-28 17:06:29 ----D---- C:\Windows\system32\XPSViewer
2008-12-28 17:06:29 ----D---- C:\Windows\system32\wbem
2008-12-28 17:06:29 ----D---- C:\Windows\system32\en-US
2008-12-28 08:44:24 ----RD---- C:\Users
2008-12-28 01:46:37 ----D---- C:\Windows	wain_32
2008-12-27 00:22:05 ----D---- C:\ProgramData\Adobe
2008-12-27 00:21:57 ----D---- C:\Program Files\Common Files\Adobe
2008-12-27 00:21:57 ----D---- C:\Program Files\Adobe
2008-12-24 08:50:03 ----D---- C:\Program Files\McAfee
2008-12-22 01:08:11 ----A---- C:\Windows\DIFxAPI.dll
2008-12-22 00:11:33 ----D---- C:\ProgramData\NVIDIA
2008-12-19 00:20:11 ----D---- C:\Windows\Logs
2008-12-16 23:46:37 ----D---- C:\ProgramData\Microsoft Help
2008-12-16 23:41:51 ----D---- C:\Program Files\Microsoft Works
2008-12-16 19:34:18 ----D---- C:\Windows\system32\LogFiles
2008-12-16 19:15:41 ----D---- C:\ProgramData\Microsoft
2008-12-16 16:34:47 ----D---- C:\Program Files\Internet Explorer
2008-12-16 15:15:18 ----D---- C:\Windows\ehome
2008-12-16 15:15:18 ----D---- C:\Program Files\Windows Mail
2008-12-16 15:15:14 ----D---- C:\Windows\PolicyDefinitions
2008-12-16 15:15:09 ----D---- C:\Windows\system32\migration
2008-12-16 15:15:08 ----D---- C:\Windows\system32\Boot
2008-12-16 15:09:17 ----D---- C:\Windows\Debug
2008-12-16 14:46:48 ----A---- C:\Windows\Alaunch.ini
2008-12-16 14:46:38 ----D---- C:\AcerSW
2008-12-16 14:45:19 ----D---- C:\ProgramData\SiteAdvisor
2008-12-16 14:40:06 ----D---- C:\ProgramData\McAfee
2008-12-16 14:33:01 ----D---- C:\Windows\system32estore
2008-12-16 14:32:49 ----D---- C:\Program Files\Windows NT
2008-12-16 14:29:28 ----D---- C:\Windows\Panther
2008-12-09 15:24:38 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-11-26 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-26 51792]
R2 CamthWDM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\CamthWDM.sys [2008-12-18 1051136]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R2 tvicport;tvicport; \??\C:\Windows\system32\drivers	vicport.sys [2007-11-06 14544]
R2 zntport;zntport; \??\C:\Windows\system32\drivers\zntport.sys [2007-11-06 6080]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 LVUVC;Logitech QuickCam S5500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-03-21 6144]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS
vmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS
vlddmkm.sys [2008-12-02 7643904]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS
vsmu.sys [2007-07-07 12032]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 catchme;catchme; \??\C:\killbagle\catchme.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
S3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver; C:\Windows\system32\drivers
vhda32v.sys [2007-07-16 30752]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-06-13 247808]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2007-10-17 28672]
R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-10-08 203280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32
vvsvc.exe [2008-12-02 207392]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
S2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-01-06 767976]
S2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-01-06 2458128]
S2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-01-06 359248]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-01-06 144704]
S2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-06 23880]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-19 655624]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-01-06 695624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-12-19 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
S4 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]

-----------------EOF-----------------

christorock · Answer

voila je les faits il me restera koi a faire?

V-X · Answer

Re,

Cherche ce fichier la=>C:\Program Files\RegCure  et supprime le .

&#x25B6 Télécharge  sur ton bureau MSNFix

&#x25B6  Enregistrez le fichier sur votre bureau.
    
&#x25B6 Ne pas double-cliquer sur le fichier
    
&#x25B6 Faites un clic droit sur le fichier puis Extraire tout, le but étant de récupérer un dossier MSNFix 

&#x25B6 Double-cliquez sur le dossier MSNFix afin de l'ouvrir
    
&#x25B6 Vous trouverez dedans un nouveau dossier ainsi qu'un fichier MSNFix.bat (le .bat peut ne pas apparaître chez vous).
    
&#x25B6 Double-cliquez sur MSNFix.bat

&#x25B6 Exécute l'option R.
Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage.

Note : Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur.

- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.t, poste-le.

V-X · Answer

RE,

Fait le poste 58.

A++

christorock · Answer

reuh, si tu est la c'est juste pourte dire qu'il me met sur accés refuser sur 9 ligne.

christorock · Answer

non, enfaite c'etait parce que le controle de compte d'utilisateur a eté activer donc j'ai du le desactivé maintenant la sa scan

christorock · Answer

re, cetai pour te dire que le logiciel que tu ma passer ne marche pas msnfix

V-X · Answer

Re,

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :

:files
c:\windows\ieudinit.exe
C:\Program Files\RegCure 
C:\Windows	asks\RegCure.job 

:commands
[purity]
[emptytemp]
[reboot] 



---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

christorock · Answer

========== FILES ==========
c:\windows\ieudinit.exe moved successfully.
File/Folder C:\Program Files\RegCure not found.
C:\Windows	asks\RegCure.job moved successfully.
========== COMMANDS ==========
File delete failed. C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_So7zqPZWGs3dBDyZLOhb scheduled to be deleted on reboot.
File delete failed. C:\Users\CHRIST~1\AppData\Local\Temp\~DF6CF5.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\CHRIST~1\AppData\Local\Temp\~DF7C5B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\CHRIST~1\AppData\Local\Temp\~DFD4BC.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows	emp\logishrd\LVPrcInj01.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows	emp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows	emp\CLDigitalHome\PCMMediaServer.log scheduled to be deleted on reboot.
File delete failed. C:\Windows	emp\sqlite_LTBVrVeRBR8GKPE scheduled to be deleted on reboot.
File delete failed. C:\Windows	emp\sqlite_SchH6zn10ReLUMD scheduled to be deleted on reboot.
File delete failed. C:\Windows	emp\sqlite_u7SGv7nmpECeffI scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
 
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01082009_192523

Files moved on Reboot...
File C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_So7zqPZWGs3dBDyZLOhb not found!
C:\Users\CHRIST~1\AppData\Local\Temp\~DF6CF5.tmp moved successfully.
C:\Users\CHRIST~1\AppData\Local\Temp\~DF7C5B.tmp moved successfully.
C:\Users\CHRIST~1\AppData\Local\Temp\~DFD4BC.tmp moved successfully.
DllUnregisterServer procedure not found in C:\Windows	emp\logishrd\LVPrcInj01.dll
C:\Windows	emp\logishrd\LVPrcInj01.dll NOT unregistered.
File move failed. C:\Windows	emp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\Windows	emp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows	emp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot.
C:\Windows	emp\sqlite_LTBVrVeRBR8GKPE moved successfully.
C:\Windows	emp\sqlite_SchH6zn10ReLUMD moved successfully.
C:\Windows	emp\sqlite_u7SGv7nmpECeffI moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_001_ moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_002_ moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_003_ moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\urlclassifier3.sqlite moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\XUL.mfl moved successfully.

V-X · Answer

Re,

Redémarre ton pc normalement et refait un rapport avec RSIT.

Tu le poste en deux fois comme hier STP

christorock · Answer

d'accord dsl du retard jetai entrain de mangé

christorock · Answer

parcontre je vais devoir couper en 2 le post

christorock · Answer

Logfile of random's system information tool 1.05 (written by random/random)
Run by christopher at 2009-01-08 20:04:22
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 86 GB (58%) free of 148 GB
Total RAM: 2815 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:04:30, on 08/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32
vraidservice.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\WebcamMax\CAMTHINS.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Users\christopher\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\christopher.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: eCATRegistrar Class - {02336F51-24CA-4422-AB63-18841ADF35E6} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ONSPEED - {4BC3AC04-3E56-411D-B465-4FEA06654611} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32
vraidservice.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\CAMTHINS.exe" /m
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - Logitech Inc. - (no file)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
vvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

christorock · Answer

2008-12-16 14:51:44 ----A---- C:\Windows\system32\wshext.dll
2008-12-16 14:51:44 ----A---- C:\Windows\system32\wscript.exe
2008-12-16 14:51:44 ----A---- C:\Windows\system32\scrrun.dll
2008-12-16 14:51:44 ----A---- C:\Windows\system32\scrobj.dll
2008-12-16 14:51:44 ----A---- C:\Windows\system32\cscript.exe
2008-12-16 14:51:41 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-12-16 14:51:37 ----A---- C:\Windows\system32pcrt4.dll
2008-12-16 14:51:35 ----A---- C:\Windows\system32\pacerprf.dll
2008-12-16 14:51:33 ----A---- C:\Windows\system32\es.dll
2008-12-16 14:51:15 ----A---- C:\Windows\system32\msxml3.dll
2008-12-16 14:51:08 ----A---- C:\Windows\system32\kd1394.dll
2008-12-16 14:51:07 ----A---- C:\Windows\system32\winload.exe
2008-12-16 14:51:07 ----A---- C:\Windows\system32\ci.dll
2008-12-16 14:51:05 ----A---- C:\Windows\system32\winresume.exe
2008-12-16 14:50:49 ----A---- C:\Windows\system32\srcore.dll
2008-12-16 14:50:48 ----A---- C:\Windows\system32\srclient.dll
2008-12-16 14:50:48 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-12-16 14:50:48 ----A---- C:\Windows\system32strui.exe
2008-12-16 14:50:47 ----A---- C:\Windows\system32\srdelayed.exe
2008-12-16 14:50:46 ----A---- C:\Windows\system32\kbd106n.dll
2008-12-16 14:50:21 ----A---- C:\Windows\system32\shell32.dll
2008-12-16 14:50:10 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-16 14:50:10 ----A---- C:\Windows\system32\mf.dll
2008-12-16 14:50:08 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-16 14:50:07 ----A---- C:\Windows\system32\logagent.exe
2008-12-16 14:49:58 ----A---- C:\Windows\system32\ieframe.dll
2008-12-16 14:49:57 ----A---- C:\Windows\system32\wininet.dll
2008-12-16 14:49:57 ----A---- C:\Windows\system32\urlmon.dll
2008-12-16 14:49:55 ----A---- C:\Windows\system32\mstime.dll
2008-12-16 14:49:55 ----A---- C:\Windows\system32\iertutil.dll
2008-12-16 14:49:54 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-16 14:49:46 ----A---- C:\Windows\system32
etapi32.dll
2008-12-16 14:49:43 ----A---- C:\Windows\system32\emdmgmt.dll
2008-12-16 14:49:43 ----A---- C:\Windows\system32\dataclen.dll
2008-12-16 14:49:42 ----A---- C:\Windows\system32\cdd.dll
2008-12-16 14:49:35 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-16 14:49:32 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-16 14:49:32 ----A---- C:\Windows\system32\gameux.dll
2008-12-16 14:49:29 ----A---- C:\Windows\system32\wmpeffects.dll
2008-12-16 14:49:27 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-12-16 14:49:27 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-12-16 14:49:27 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-12-16 14:49:22 ----A---- C:\Windows\system32\wersvc.dll
2008-12-16 14:49:22 ----A---- C:\Windows\system32\Faultrep.dll
2008-12-16 14:49:20 ----A---- C:\Windows\system32\win32spl.dll
2008-12-16 14:49:18 ----A---- C:\Windows\explorer.exe
2008-12-16 14:49:17 ----A---- C:\Windows\system32\connect.dll
2008-12-16 14:49:08 ----A---- C:\Windows\system32\inetcomm.dll
2008-12-16 14:48:31 ----D---- C:\Users\christopher\AppData\Roaming\TuneUp Software
2008-12-16 14:48:13 ----A---- C:\Windows\system32\quartz.dll
2008-12-16 14:48:12 ----A---- C:\Windows\system32\msxml6.dll
2008-12-16 14:48:07 ----A---- C:\Windows\system32
tkrnlpa.exe
2008-12-16 14:48:06 ----A---- C:\Windows\system32
toskrnl.exe
2008-12-16 14:43:01 ----D---- C:\Windows\Acer_Wide
2008-12-16 14:43:01 ----D---- C:\Program Files\Acer Inc
2008-12-16 14:43:01 ----A---- C:\Windows\Acer(Wide).ini
2008-12-16 14:43:01 ----A---- C:\Windows\Acer(Normal).ini
2008-12-16 14:42:31 ----D---- C:\Windows\Acer_Normal
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerzht.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerzhc.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServertr.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerth.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServersv.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServersl.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServersk.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerru.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerptb.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerpt.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerpl.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerno.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServernl.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerko.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerja.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerit.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerhu.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerhe.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerfr.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerfi.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServeres.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerenu.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServereng.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerel.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerde.dll
2008-12-16 14:41:15 ----A---- C:\Windows\system32\NvRaidServerda.dll
2008-12-16 14:41:14 ----A---- C:\Windows\system32\NvRaidServercs.dll
2008-12-16 14:41:14 ----A---- C:\Windows\system32\NvRaidServerar.dll
2008-12-16 14:41:14 ----A---- C:\Windows\system32\NvRaidServer.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionzht.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionzhc.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectiontr.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionth.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionsv.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionsl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionsk.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionru.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionptb.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionpt.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionpl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionno.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionnl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionko.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvSataConnectionja.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardzht.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardzhc.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardtr.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardth.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardsv.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardsl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardsk.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardru.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardptb.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardpt.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardpl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardno.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardnl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardko.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidWizardja.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvzht.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvzhc.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvtr.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvth.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvsv.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvsl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvsk.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvru.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvptb.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvpt.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvpl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvno.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvnl.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvko.dll
2008-12-16 14:41:13 ----A---- C:\Windows\system32\NvRaidSvja.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionit.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionhu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionhe.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionfr.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionfi.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectiones.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionenu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectioneng.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionel.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionde.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionda.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectioncs.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvSataConnectionar.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32
vsataconnection.exe
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardit.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardhu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardhe.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardfr.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardfi.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardes.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardenu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardeng.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardel.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardde.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardda.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardcs.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidWizardar.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvit.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvhu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvhe.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvfr.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvfi.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSves.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvenu.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSveng.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvel.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvde.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvda.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvcs.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32\NvRaidSvar.dll
2008-12-16 14:41:12 ----A---- C:\Windows\system32
vraidservice.exe
2008-12-16 14:41:11 ----A---- C:\Windows\system32\NvRaidWizard.dll
2008-12-16 14:39:51 ----D---- C:\Users\christopher\AppData\Roaming\Macromedia
2008-12-16 14:39:51 ----D---- C:\Users\christopher\AppData\Roaming\Adobe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\Remove_eRecovery.exe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\LauncheRyAgentUser.exe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\ClearEvent.exe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\CheckD2DSystem.exe
2008-12-16 14:38:52 ----A---- C:\Windows\system32\Acer EULA.txt
2008-12-16 14:38:19 ----D---- C:\Program Files\ATI
2008-12-16 14:37:18 ----SHD---- C:\$RECYCLE.BIN
2008-12-16 14:36:59 ----D---- C:\Users\christopher\AppData\Roaming\Identities
2008-12-16 14:36:23 ----SD---- C:\Users\christopher\AppData\Roaming\Microsoft
2008-12-16 14:36:23 ----D---- C:\Users\christopher\AppData\Roaming\Media Center Programs
2008-12-16 14:36:23 ----D---- C:\Users\christopher\AppData\Roaming\Acer GameZone Console
2008-12-16 14:33:31 ----A---- C:\Windows\system32\wups2.dll
2008-12-16 14:33:31 ----A---- C:\Windows\system32\wucltux.dll
2008-12-16 14:33:31 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-16 14:33:31 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-16 14:33:21 ----A---- C:\Windows\system32\wups.dll
2008-12-16 14:33:21 ----A---- C:\Windows\system32\wudriver.dll
2008-12-16 14:33:21 ----A---- C:\Windows\system32\wuapi.dll
2008-12-16 14:33:16 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-16 14:33:16 ----A---- C:\Windows\system32\wuapp.exe
2008-12-16 14:32:49 ----SHD---- C:\ProgramData\Modèles
2008-12-16 14:32:49 ----SHD---- C:\ProgramData\Menu Démarrer
2008-12-16 14:32:49 ----SHD---- C:\ProgramData\Favoris
2008-12-16 14:32:49 ----SHD---- C:\ProgramData\Bureau
2008-12-16 14:32:49 ----SHD---- C:\Program Files\Fichiers communs
2008-12-16 14:29:17 ----D---- C:\Windows\SoftwareDistribution

======List of files/folders modified in the last 1 months======

2009-01-08 20:04:30 ----D---- C:\Windows\Prefetch
2009-01-08 20:04:09 ----D---- C:\Windows\Temp
2009-01-08 19:25:24 ----D---- C:\Windows\Tasks
2009-01-08 19:25:24 ----D---- C:\Windows
2009-01-08 19:24:21 ----D---- C:\Windows\System32
2009-01-08 19:24:15 ----D---- C:\Windows\system32\drivers
2009-01-08 17:10:59 ----SHD---- C:\System Volume Information
2009-01-08 09:22:43 ----D---- C:\Program Files
2009-01-08 00:34:33 ----D---- C:\ProgramData
2009-01-07 23:45:02 ----D---- C:\Windows\system
2009-01-07 23:17:31 ----D---- C:\Windows\system32\NDF
2009-01-07 23:16:55 ----D---- C:\Windows\system32\fr-FR
2009-01-07 23:15:33 ----A---- C:\Windows\system.ini
2009-01-07 23:14:32 ----D---- C:\Windows\AppPatch
2009-01-07 23:14:32 ----D---- C:\Program Files\Common Files
2009-01-07 23:12:59 ----D---- C:\Windows\system32\catroot2
2009-01-07 22:41:41 ----D---- C:\Windows\system32\WDI
2009-01-07 16:19:48 ----D---- C:\Windows\system32\Tasks
2009-01-07 15:42:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-07 15:42:10 ----D---- C:\Windows\inf
2009-01-02 23:53:49 ----SHD---- C:\Windows\Installer
2009-01-02 03:57:26 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-31 03:22:22 ----SHD---- C:\Boot
2008-12-31 03:22:21 ----D---- C:\Windows\system32\config
2008-12-29 13:14:38 ----A---- C:\Windows\win.ini
2008-12-29 13:14:30 ----RSD---- C:\Windows\Fonts
2008-12-29 13:13:27 ----D---- C:\Windows\ShellNew
2008-12-29 12:06:25 ----D---- C:\Windows\Help
2008-12-29 12:05:30 ----RSD---- C:\Windows\Media
2008-12-29 12:05:21 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-29 12:05:14 ----D---- C:\Program Files\Common Files\System
2008-12-29 12:04:31 ----D---- C:\Windows\MSAgent
2008-12-29 00:50:28 ----D---- C:\Windows\Microsoft.NET
2008-12-29 00:50:17 ----RSD---- C:\Windows\assembly
2008-12-28 19:32:20 ----D---- C:\Windows\winsxs
2008-12-28 19:29:58 ----D---- C:\Windows\system32\catroot
2008-12-28 17:24:46 ----D---- C:\Windowsescache
2008-12-28 17:06:29 ----D---- C:\Windows\system32\XPSViewer
2008-12-28 17:06:29 ----D---- C:\Windows\system32\wbem
2008-12-28 17:06:29 ----D---- C:\Windows\system32\en-US
2008-12-28 08:44:24 ----RD---- C:\Users
2008-12-28 01:46:37 ----D---- C:\Windows	wain_32
2008-12-27 00:22:05 ----D---- C:\ProgramData\Adobe
2008-12-27 00:21:57 ----D---- C:\Program Files\Common Files\Adobe
2008-12-27 00:21:57 ----D---- C:\Program Files\Adobe
2008-12-24 08:50:03 ----D---- C:\Program Files\McAfee
2008-12-22 01:08:11 ----A---- C:\Windows\DIFxAPI.dll
2008-12-22 00:11:33 ----D---- C:\ProgramData\NVIDIA
2008-12-19 00:20:11 ----D---- C:\Windows\Logs
2008-12-16 23:46:37 ----D---- C:\ProgramData\Microsoft Help
2008-12-16 23:41:51 ----D---- C:\Program Files\Microsoft Works
2008-12-16 19:34:18 ----D---- C:\Windows\system32\LogFiles
2008-12-16 19:15:41 ----D---- C:\ProgramData\Microsoft
2008-12-16 16:34:47 ----D---- C:\Program Files\Internet Explorer
2008-12-16 15:15:18 ----D---- C:\Windows\ehome
2008-12-16 15:15:18 ----D---- C:\Program Files\Windows Mail
2008-12-16 15:15:14 ----D---- C:\Windows\PolicyDefinitions
2008-12-16 15:15:09 ----D---- C:\Windows\system32\migration
2008-12-16 15:15:08 ----D---- C:\Windows\system32\Boot
2008-12-16 15:09:17 ----D---- C:\Windows\Debug
2008-12-16 14:46:48 ----A---- C:\Windows\Alaunch.ini
2008-12-16 14:46:38 ----D---- C:\AcerSW
2008-12-16 14:45:19 ----D---- C:\ProgramData\SiteAdvisor
2008-12-16 14:40:06 ----D---- C:\ProgramData\McAfee
2008-12-16 14:33:01 ----D---- C:\Windows\system32estore
2008-12-16 14:32:49 ----D---- C:\Program Files\Windows NT
2008-12-16 14:29:28 ----D---- C:\Windows\Panther
2008-12-09 15:24:38 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 CamthWDM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\CamthWDM.sys [2008-12-18 1051136]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R2 tvicport;tvicport; \??\C:\Windows\system32\drivers	vicport.sys [2007-11-06 14544]
R2 zntport;zntport; \??\C:\Windows\system32\drivers\zntport.sys [2007-11-06 6080]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 LVUVC;Logitech QuickCam S5500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-03-21 6144]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS
vmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS
vlddmkm.sys [2008-12-02 7643904]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS
vsmu.sys [2007-07-07 12032]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 catchme;catchme; \??\C:\killbagle\catchme.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
S3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver; C:\Windows\system32\drivers
vhda32v.sys [2007-07-16 30752]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-06-13 247808]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2007-10-17 28672]
R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-10-08 203280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32
vvsvc.exe [2008-12-02 207392]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
S2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-01-06 767976]
S2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-01-06 2458128]
S2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-01-06 359248]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-01-06 144704]
S2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-06 23880]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-19 655624]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-01-06 695624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-12-19 362240]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]

-----------------EOF-----------------

christorock · Answer

qu'es-ce que je fais maintenant?

V-X · Answer

Re,

Télécharge toolscleaner sur ton Bureau : 

toolscleaner

* Double-clique sur ToolsCleaner2.exe et laisse le travailler 

* Clique sur Recherche et laisse le scan se terminer. 

* Clique sur Suppression pour finaliser. 

* Tu peux, si tu le souhaites, te servir des Options facultatives. 

* Clique sur Quitter, pour que le rapport puisse se créer. 

* Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\)...colle le dans ta réponse
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
&#x25B6 Aller dans le Menu Démarrer puis dans Programmes,

 &#x25B6 Ensuite dans Accessoires et enfin dans Outils système,

&#x25B6 Choisir Restauration du système,

 &#x25B6 Sélectionner Restaurer mon ordinateur à une heure antérieure,

&#x25B6 Cliquer sur Suivant,

 &#x25B6 Choisir dans le calendrier affiché la date du point de restauration (à gauche),

&#x25B6 Choisir dans la liste de droite (si un choix est possible) le point de restauration précis,

 &#x25B6 Cliquer sur Suivant,

&#x25B6 Cliquer à nouveau sur Suivant,

&#x25B6 Le système va redémarrer pour restaurer les fichiers systèmes modifiés. 
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Des informations intéressantes pour toi et ton PC :

Conserve malwarebyte et CCLEANER et fait des scans régukliers avec malwarebyte en mode normal et en mode sans échec.

Nettoie ton PC avec CCLEANER toutes les semaines suit les information donner précèdement.

&#x25B6 Comportement à adopter avec son PC :ici
et pourquoi ( exemple ) :ici

&#x25B6 Surveillance :
Effectue des scan réguliers de surveillance (une fois tous les 15 jours, par exemple) avec ton antivirus puis avec ton anti-spyware (après les avoir mis à jour bien sur !) et supprime ce qu'ils peuvent trouver (où mets en quarantaine, en pensant à la vider ultérieurement).

&#x25B6 Pourquoi ? Pour éviter de se retrouver dans ce genre de situation ( peu commune mais ...) :
->ici

=============================================================

=> Il faut mettre a jour la console Java régulièrement aussi :

Pourquoi

Donc pour se faire, rends toi ici et télécharge la dernière version (si ta version actuelle n'est pas à jour) ou ici
Après avoir installé la dernière version, désinstalle les anciennes versions (de Java) afin d’éliminer les failles de sécurité présentes dans ces anciennes versions.
via Démarrer / Paramètres / Panneau de config / et dans Ajout/Suppression de programmes navigue jusqu'aux anciennes versions de la console Java qui s'y trouvent, puis clique sur « Supprimer », suis les invites de commandes dans la boite de dialogue qui va s'ouvrir afin d'amener la désinstallation à son terme.
Fais cela pour chacune d'elles, une à une, fais redémarrer ton PC quand cela te sera demandé .
Retourne ensuite chez Java ci-dessus et clique sur le bouton "Vérifier l'installation" pour t'assurer que tout est en ordre.

=============================================================

&#x25B6 Afin d’éviter les autres failles de sécurité des différents programmes présents sur ton PC :

Vérifie tes mises à jours des différents softs régulièrement ici et mets à jour ce qui ne l’est pas. ici
 Tutoriel
-Autre possibilité, t'abonner gratuitement a "la lettre hebdomadaire de secuser.com" ici a gauche en bas de page.

===========================================================

&#x25B6 teste l'efficacité de ton pare-feu ici ( à titre indicatif ):
ici

&#x25B6 tests firewall: ici

 &#x25B6 Un complément au pare-feu pour fermer les ports risqués (dangereux, s’ils restent ouverts) :

ZebProtect (application ne nécessitant pas d’installation à lancer et paramétrer une unique fois) ici

 Tutoriel

================================================================
 &#x25B6 Pour une meilleur sécurité lorsque tu surfes , je te conseille d'utiliser FireFox :
télécharge le ici -> firefox firefox

( Attention : toujours garder IE sur son PC ! Il est indispensable pour les mises à jour de ton système ainsi que pour pas mal de choses, comme les scan d'antivirus en ligne, ect... )

Tutorial pour sécuriser Firefox

=================================================================
 Rappel sur les principales causes d'infection :


&#x25B6 L'utilisation de cracks ou keygens est à proscrire, de même que le surf sur les sites de téléchargement de ceux-ci :

 Les dangers des cracks

&#x25B6 Le crack dans toute sa splendeur, journal d'une infection attendue :
ici

&#x25B6 Autres exemples en image , où comment s'infiltre une infection par un pseudo crack :
ici


&#x25B6 Le P2P ( l'utilisation de logiciels comme eMule, Sharazaa, LimeWire, Bit torrent):

Les conséquences du P2P

&#x25B6 Pourquoi éviter le P2P :
> ici
> et ici
> et la


&#x25B6 Faire attention avec les ActiveX :
ici
et comment :
là


&#x25B6 Prévention sur deux autres types d'infection d'actualité :

&#x25B6 MSN prévention :
ici
-> autre danger grandissant , le " phishing " (= hameçonnage ) :
ici


&#x25B6 Infection par supports amovibles (clefs usb, flash, DD externes ..) :
ici
ici

=================================================================
&#x25B6 Prévention & Sécurité sur internet

projet anti-malware

christorock · Answer

[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche: 

C:\Combofix.txt: trouvé !
C:\FindyKill.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Program Files\UsbFix: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\UsbFix: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\FindyKill: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UsbFix: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FindyKill: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UsbFix\UsbFix.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\UsbFix: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\FindyKill: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\UsbFix: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\FindyKill: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\UsbFix\UsbFix.lnk: trouvé !
C:\Users\christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\UsbFix: trouvé !
C:\Users\christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\FindyKill: trouvé !
C:\Users\christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UsbFix: trouvé !
C:\Users\christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FindyKill: trouvé !
C:\Users\christopher\Desktop\HijackThis.lnk: trouvé !
C:\Users\christopher\Desktop\Msnfix.zip: trouvé !
C:\Users\christopher\Desktop\HJTInstall.exe: trouvé !
C:\Users\christopher\Desktop\UsbFix.exe: trouvé !
C:\Users\christopher\Desktop\UsbFix.lnk: trouvé !
C:\Users\christopher\Desktop\OTMoveIt3.exe: trouvé !
C:\Users\christopher\Desktop\Rsit.exe: trouvé !
C:\Users\christopher\Desktop\MsnFix: trouvé !
C:\Users\christopher\Desktop\MSNFix\MsnFix: trouvé !
C:\Windows\msnfix.txt: trouvé !

---------------------------------
-->- Suppression: 

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: supprimé !
C:\Users\christopher\Desktop\HijackThis.lnk: supprimé !
C:\Users\christopher\Desktop\Msnfix.zip: ERREUR DE SUPPRESSION !!
C:\Users\christopher\Desktop\HJTInstall.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\FindyKill.txt: supprimé !
C:\UsbFix.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UsbFix\UsbFix.lnk: supprimé !
C:\Users\christopher\Desktop\UsbFix.exe: supprimé !
C:\Users\christopher\Desktop\UsbFix.lnk: supprimé !
C:\Users\christopher\Desktop\OTMoveIt3.exe: supprimé !
C:\Users\christopher\Desktop\Rsit.exe: supprimé !
C:\Windows\msnfix.txt: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Rsit: supprimé !
C:\Program Files\UsbFix: supprimé !
C:\Program Files\FindyKill: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\UsbFix: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\FindyKill: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UsbFix: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FindyKill: supprimé !
C:\Users\christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\UsbFix: ERREUR DE SUPPRESSION !!
C:\Users\christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\FindyKill: ERREUR DE SUPPRESSION !!
C:\Users\christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UsbFix: supprimé !
C:\Users\christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FindyKill: supprimé !
C:\Users\christopher\Desktop\MsnFix: supprimé !

Point de restauration crée !

christorock · Answer

Donc voila je crois que c'est fini non?

V-X · Answer

Re,

Oui a moins que tu es d'autres soucis ?

christorock · Answer

oui, c bon je crois^^ bas jte dis merci pour tout de m'avoir aidé =) Bonne soirée a toi

V-X · Answer

Re,

OKI.

Tu peut mettre en résolu:

Comment mettre en résolu le topic

AU SECOURS!!! J'AI UN VIRUS DE TYPE BEAGLE!!!

75 réponses

Votre réponse

Discussions similaires

Newsletters