Internet slowdown for the past week

Closed
Kevinvdm - 22 Feb. 2009 at 18:01
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 - 4 March 2009 at 13:33
Hello everyone,


I'm asking for your help because I usually manage by applying the methods found on forums, but this time, however much I try, I can't find the problem.
My internet connection is normally very fast: when I go online, pages appear instantly, and downloads are fast.

But for some time now, web pages have been taking an enormous amount of time to display, or don't display at all. Downloads are extremely slow, sometimes at bytes per second, for downloads that are supposed to be very fast, such as free software like iTunes, etc.

The other computers in the house don't have this problem, so I figure I probably have a bug or a virus, but I can't find it.

In case it helps, here is the report from the HijackThis software:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:40:44, on 22/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\Kevin\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=1006&m=aspire_x3200
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=1006&m=aspire_x3200
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

22 replies

jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
22 Feb. 2009 at 19:12
Hi

To see whether you are infected:

Disable Spybot's TeaTimer (Mode, then Advanced mode, then Tools, then Resident)

_______________


Install Malwarebytes and update it, then paste us a quick report using:

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

_______________

Paste the report from an online scan
using one of the following:


BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda online:
http://pandasoftware.fr

Secuser online:
http://www.secuser.com/outils/antivirus.htm

_________________


Download here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Click Continue on the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the licence.

When the scan is finished, two text files will open.

Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized in the Taskbar).

NB: The reports are saved in the folder C:\rsit
0
Thanks Jlpjlp for your help, I'll try to do that as soon as possible, but the trouble I have is that the internet connection really drags, for the online scan for example or for software updates: either it takes very long, or it doesn't progress at all...
Right now I'm downloading the software with the other computer I have, but if the updates don't go through, I hope it will still be effective.

Thanks again, I'll post all the reports as soon as I'm done!
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
22 Feb. 2009 at 20:14
Then skip the online scan and do the rest
0
So, I didn't manage to do the online scan; it got stuck at 40%.

Here is the Malwarebytes report, for which I couldn't download the update:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 6.0.6001 Service Pack 1

22/02/2009 23:33:11
mbam-log-2009-02-22 (23-33-11).txt

Type de recherche: Examen complet (C:\|D:\|G:\|H:\|)
Eléments examinés: 169980
Temps écoulé: 37 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)





And here is the RSIT report:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Kevin at 2009-02-22 23:34:12
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 222 GB (75%) free of 296 GB
Total RAM: 2814 MB (35% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Daily).job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
C:\Windows\tasks\WebReg Photosmart 2600 series.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-10-24 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-01-26 2583352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll [2009-01-26 736240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-10 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-01-26 2583352]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-03-26 5369856]
"Acer Empowering Technology Monitor"=C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [2008-04-25 319488]
"EmpoweringTechnology"=C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [2008-04-25 319488]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-03 582992]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]
"PCMMediaSharing"=C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2008-01-25 204908]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-22 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-22 92704]
"eRecoveryService"= []
"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-26 24064]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-10 148888]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-01-19 506712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-21 2153472]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-26 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-02-22 23:34:12 ----D---- C:\rsit
2009-02-22 23:34:12 ----D---- C:\Program Files\trend micro
2009-02-22 20:20:50 ----D---- C:\Users\Kevin\AppData\Roaming\Malwarebytes
2009-02-22 20:20:41 ----D---- C:\ProgramData\Malwarebytes
2009-02-22 20:20:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-22 19:57:06 ----D---- C:\Program Files\Panda Security
2009-02-22 15:05:20 ----D---- C:\Program Files\a-squared Free
2009-02-22 14:38:12 ----D---- C:\Program Files\Mozilla Firefox
2009-02-22 13:07:01 ----D---- C:\Program Files\CleanUp!
2009-02-22 12:54:26 ----A---- C:\Windows\system32\o4Patch.exe
2009-02-22 12:54:26 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\WS2Fix.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\VCCLSID.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\VACFix.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\swxcacls.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\swsc.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\swreg.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\SrchSTS.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\Process.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\IEDFix.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\IEDFix.C.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\dumphive.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\404Fix.exe
2009-02-22 12:01:16 ----A---- C:\Windows\system32\lsdelete.exe
2009-02-22 11:14:22 ----HDC---- C:\ProgramData\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-02-22 11:14:17 ----D---- C:\ProgramData\Lavasoft
2009-02-22 11:14:17 ----D---- C:\Program Files\Lavasoft
2009-02-20 18:38:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-20 18:38:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-20 18:06:44 ----D---- C:\Users\Kevin\AppData\Roaming\GetRightToGo
2009-02-19 16:00:28 ----A---- C:\Windows\NeroDigital.ini
2009-02-17 14:41:57 ----D---- C:\ProgramData\LightScribe
2009-02-17 14:41:49 ----D---- C:\Users\Kevin\AppData\Roaming\Nero
2009-02-17 14:17:03 ----A---- C:\Windows\Irremote.ini
2009-02-17 13:46:57 ----D---- C:\Program Files\Nero
2009-02-17 13:46:10 ----D---- C:\ProgramData\Nero
2009-02-17 13:46:08 ----D---- C:\Program Files\Common Files\Nero
2009-02-17 13:45:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-02-16 18:39:54 ----D---- C:\Users\Kevin\AppData\Roaming\eSobi
2009-02-15 21:56:34 ----D---- C:\Users\Kevin\AppData\Roaming\Mozilla
2009-02-15 21:56:09 ----D---- C:\Users\Kevin\AppData\Roaming\LimeWire
2009-02-15 21:55:22 ----D---- C:\Program Files\LimeWire
2009-02-15 15:50:19 ----A---- C:\Windows\system32\EncDec.dll
2009-02-15 15:50:13 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-13 18:12:55 ----D---- C:\ProgramData\Pinnacle VideoSpin
2009-02-13 18:11:29 ----D---- C:\ProgramData\VideoSpin
2009-02-13 18:11:29 ----D---- C:\Program Files\Pinnacle
2009-02-13 18:11:29 ----D---- C:\Program Files\Common Files\Yahoo!
2009-02-13 18:08:50 ----D---- C:\ProgramData\Pinnacle
2009-02-13 17:45:45 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2009-02-13 17:45:45 ----A---- C:\Windows\system32\ff_vfw.dll
2009-02-13 17:45:44 ----A---- C:\Windows\system32\pthreadGC2.dll
2009-02-13 17:45:43 ----D---- C:\Program Files\ffdshow
2009-02-11 09:51:14 ----A---- C:\Windows\system32\mshtml.dll
2009-02-11 09:51:11 ----A---- C:\Windows\system32\urlmon.dll
2009-02-11 09:51:11 ----A---- C:\Windows\system32\ieframe.dll
2009-02-11 09:51:09 ----A---- C:\Windows\system32\wininet.dll
2009-02-11 09:51:09 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-11 09:51:09 ----A---- C:\Windows\system32\iertutil.dll
2009-02-11 09:51:08 ----A---- C:\Windows\system32\mstime.dll
2009-02-11 09:51:05 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 20:23:40 ----D---- C:\ProgramData\WEBREG
2009-02-10 20:20:09 ----D---- C:\Users\Kevin\AppData\Roaming\HP
2009-02-10 20:19:24 ----D---- C:\ProgramData\HPSSUPPLY
2009-02-10 20:17:40 ----D---- C:\Program Files\Hewlett-Packard
2009-02-10 20:17:40 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-02-10 20:17:25 ----D---- C:\Program Files\Common Files\HP
2009-02-10 19:51:09 ----D---- C:\Program Files\HP
2009-02-10 19:34:16 ----D---- C:\ProgramData\HP
2009-02-10 19:34:12 ----A---- C:\Windows\system32\hpzids01.dll
2009-02-10 19:34:12 ----A---- C:\Windows\system32\hpowiav1.dll
2009-02-10 19:34:12 ----A---- C:\Windows\system32\hpovst01.dll
2009-02-10 19:34:12 ----A---- C:\Windows\system32\hpotscl1.dll
2009-02-10 19:18:53 ----HD---- C:\Config.Msi
2009-02-10 19:18:34 ----D---- C:\Users\Kevin\AppData\Roaming\Apple Computer
2009-02-10 19:18:27 ----A---- C:\Windows\system32\GEARAspi.dll
2009-02-10 19:18:26 ----DC---- C:\Windows\system32\DRVSTORE
2009-02-10 19:18:10 ----D---- C:\Program Files\iPod
2009-02-10 19:18:08 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-10 19:18:08 ----D---- C:\Program Files\iTunes
2009-02-10 19:17:39 ----D---- C:\Program Files\Bonjour
2009-02-10 19:16:56 ----D---- C:\ProgramData\Apple Computer
2009-02-10 19:16:28 ----D---- C:\Program Files\Apple Software Update
2009-02-10 19:15:41 ----D---- C:\ProgramData\Apple
2009-02-10 19:15:41 ----D---- C:\Program Files\Common Files\Apple
2009-02-10 11:03:10 ----D---- C:\Windows\Sun
2009-02-10 11:02:39 ----A---- C:\Windows\system32\javaws.exe
2009-02-10 11:02:39 ----A---- C:\Windows\system32\javaw.exe
2009-02-10 11:02:39 ----A---- C:\Windows\system32\java.exe
2009-02-10 11:02:39 ----A---- C:\Windows\system32\deploytk.dll
2009-02-10 11:02:24 ----D---- C:\Program Files\Java
2009-02-07 14:53:08 ----D---- C:\Users\Kevin\AppData\Roaming\PIXEL-TECH
2009-02-07 14:52:25 ----D---- C:\ProgramData\PIXEL-TECH
2009-02-07 14:52:23 ----D---- C:\Program Files\Pixel-Tech
2009-02-07 12:51:26 ----D---- C:\Program Files\QuickTime
2009-02-07 12:51:20 ----D---- C:\Program Files\Xilisoft
2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll
2009-02-06 12:35:56 ----A---- C:\Windows\system32\LegitCheckControl.DLL
2009-02-05 19:15:00 ----D---- C:\ProgramData\FLEXnet
2009-02-05 18:53:59 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-02-04 15:54:22 ----D---- C:\Program Files\LG PC Suite 2
2009-02-04 15:54:04 ----D---- C:\Users\Kevin\AppData\Roaming\InstallShield
2009-02-04 15:47:00 ----D---- C:\Users\Kevin\AppData\Roaming\LG Electronics
2009-02-04 15:43:15 ----D---- C:\Program Files\LG Electronics
2009-02-04 11:49:10 ----D---- C:\Program Files\SiteAdvisor
2009-01-31 11:38:36 ----D---- C:\ProgramData\eMule
2009-01-31 11:38:11 ----D---- C:\Program Files\eMule
2009-01-30 20:56:15 ----D---- C:\Users\Kevin\AppData\Roaming\WinRAR
2009-01-30 20:55:59 ----D---- C:\Program Files\WinRAR
2009-01-28 18:43:49 ----D---- C:\Users\Kevin\AppData\Roaming\dvdcss
2009-01-28 00:22:19 ----D---- C:\Users\Kevin\AppData\Roaming\skypePM
2009-01-28 00:17:34 ----D---- C:\Users\Kevin\AppData\Roaming\Skype
2009-01-28 00:15:56 ----D---- C:\Program Files\Skype
2009-01-28 00:15:56 ----D---- C:\Program Files\Common Files\Skype
2009-01-28 00:15:53 ----D---- C:\ProgramData\Skype
2009-01-27 14:48:04 ----D---- C:\Users\Kevin\AppData\Roaming\vlc
2009-01-27 14:47:17 ----D---- C:\Program Files\VideoLAN
2009-01-27 00:15:19 ----D---- C:\Program Files\Microsoft
2009-01-27 00:15:04 ----D---- C:\Program Files\Windows Live SkyDrive
2009-01-27 00:14:48 ----D---- C:\Program Files\Windows Live
2009-01-27 00:10:16 ----D---- C:\Program Files\Common Files\Windows Live
2009-01-26 22:37:19 ----A---- C:\Windows\system32\msshooks.dll
2009-01-26 22:37:18 ----A---- C:\Windows\system32\msscb.dll
2009-01-26 22:37:16 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-01-26 22:37:16 ----A---- C:\Windows\system32\propdefs.dll
2009-01-26 22:37:16 ----A---- C:\Windows\system32\msstrc.dll
2009-01-26 22:37:16 ----A---- C:\Windows\system32\mssitlb.dll
2009-01-26 22:37:15 ----A---- C:\Windows\system32\thawbrkr.dll
2009-01-26 22:37:15 ----A---- C:\Windows\system32\srchadmin.dll
2009-01-26 22:37:15 ----A---- C:\Windows\system32\propsys.dll
2009-01-26 22:37:15 ----A---- C:\Windows\system32\mssprxy.dll
2009-01-26 22:37:15 ----A---- C:\Windows\system32\msshsq.dll
2009-01-26 22:37:15 ----A---- C:\Windows\system32\korwbrkr.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\xmlfilter.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\wsepno.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-01-26 22:37:14 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-01-26 22:37:14 ----A---- C:\Windows\system32\rtffilt.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\offfilt.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\nlhtml.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\msscntrs.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\mimefilt.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\chtbrkr.dll
2009-01-26 22:37:14 ----A---- C:\Windows\system32\chsbrkr.dll
2009-01-26 22:37:13 ----A---- C:\Windows\system32\tquery.dll
2009-01-26 22:37:13 ----A---- C:\Windows\system32\mssvp.dll
2009-01-26 22:37:13 ----A---- C:\Windows\system32\mssrch.dll
2009-01-26 22:37:13 ----A---- C:\Windows\system32\mssphtb.dll
2009-01-26 22:37:13 ----A---- C:\Windows\system32\mssph.dll
2009-01-26 22:36:28 ----A---- C:\Windows\system32\tzres.dll
2009-01-26 22:29:10 ----D---- C:\Program Files\MSXML 4.0
2009-01-26 22:23:38 ----D---- C:\Program Files\PokerStars
2009-01-26 22:19:51 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-01-26 22:19:48 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-01-26 22:19:34 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-01-26 22:17:52 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-01-26 22:17:50 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-01-26 22:17:37 ----A---- C:\Windows\system32\shell32.dll
2009-01-26 22:17:12 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-01-26 22:17:12 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-01-26 22:17:12 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-01-26 22:17:10 ----A---- C:\Windows\system32\rpcrt4.dll
2009-01-26 22:17:08 ----A---- C:\Windows\system32\pacerprf.dll
2009-01-26 22:17:05 ----A---- C:\Windows\system32\win32spl.dll
2009-01-26 22:16:56 ----A---- C:\Windows\system32\wmpeffects.dll
2009-01-26 22:16:52 ----A---- C:\Windows\system32\emdmgmt.dll
2009-01-26 22:16:52 ----A---- C:\Windows\system32\dataclen.dll
2009-01-26 22:16:52 ----A---- C:\Windows\system32\cdd.dll
2009-01-26 22:16:50 ----A---- C:\Windows\system32\gdi32.dll
2009-01-26 22:16:45 ----A---- C:\Windows\system32\mf.dll
2009-01-26 22:16:44 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-01-26 22:16:42 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-01-26 22:16:41 ----A---- C:\Windows\system32\logagent.exe
2009-01-26 22:16:38 ----A---- C:\Windows\system32\es.dll
2009-01-26 22:16:36 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-01-26 22:16:29 ----A---- C:\Windows\system32\msxml3.dll
2009-01-26 22:16:26 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-01-26 22:16:24 ----A---- C:\Windows\explorer.exe
2009-01-26 22:16:19 ----A---- C:\Windows\system32\inetcomm.dll
2009-01-26 22:16:17 ----A---- C:\Windows\system32\netapi32.dll
2009-01-26 22:16:15 ----A---- C:\Windows\system32\wersvc.dll
2009-01-26 22:16:15 ----A---- C:\Windows\system32\Faultrep.dll
2009-01-26 22:16:13 ----A---- C:\Windows\system32\vbscript.dll
2009-01-26 22:16:12 ----A---- C:\Windows\system32\wshext.dll
2009-01-26 22:16:12 ----A---- C:\Windows\system32\wscript.exe
2009-01-26 22:16:12 ----A---- C:\Windows\system32\jscript.dll
2009-01-26 22:16:11 ----A---- C:\Windows\system32\scrrun.dll
2009-01-26 22:16:11 ----A---- C:\Windows\system32\scrobj.dll
2009-01-26 22:16:11 ----A---- C:\Windows\system32\cscript.exe
2009-01-26 22:16:09 ----A---- C:\Windows\system32\quartz.dll
2009-01-26 22:15:06 ----A---- C:\Windows\system32\connect.dll
2009-01-26 22:14:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-01-26 22:14:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-01-26 22:13:57 ----A---- C:\Windows\system32\msxml6.dll
2009-01-26 22:08:14 ----A---- C:\Windows\system32\wups2.dll
2009-01-26 22:08:14 ----A---- C:\Windows\system32\wucltux.dll
2009-01-26 22:08:14 ----A---- C:\Windows\system32\wuaueng.dll
2009-01-26 22:08:14 ----A---- C:\Windows\system32\wuauclt.exe
2009-01-26 22:08:10 ----D---- C:\Users\Kevin\AppData\Roaming\Google
2009-01-26 22:08:05 ----A---- C:\Windows\system32\wups.dll
2009-01-26 22:08:05 ----A---- C:\Windows\system32\wudriver.dll
2009-01-26 22:08:05 ----A---- C:\Windows\system32\wuapi.dll
2009-01-26 22:08:00 ----A---- C:\Windows\system32\wuwebv.dll
2009-01-26 22:08:00 ----A---- C:\Windows\system32\wuapp.exe
2009-01-26 19:59:01 ----A---- C:\Windows\system32\WLANUTL.dll
2009-01-26 19:59:01 ----A---- C:\Windows\system32\W32N50.dll
2009-01-26 19:38:51 ----D---- C:\Program Files\Inventel
2009-01-26 19:38:39 ----D---- C:\Users\Kevin\AppData\Roaming\Adobe
2009-01-26 19:38:08 ----D---- C:\Securitoo
2009-01-26 19:28:13 ----D---- C:\Users\Kevin\AppData\Roaming\Macromedia
2009-01-26 19:27:54 ----D---- C:\Users\Kevin\AppData\Roaming\Identities
2009-01-26 19:27:19 ----D---- C:\ProgramData\Google
2009-01-26 19:26:56 ----D---- C:\Program Files\Google
2009-01-26 19:26:32 ----D---- C:\ACERSW
2009-01-26 19:26:08 ----SD---- C:\Users\Kevin\AppData\Roaming\Microsoft
2009-01-26 19:26:08 ----D---- C:\Users\Kevin\AppData\Roaming\Media Center Programs
2009-01-26 19:26:08 ----D---- C:\Users\Kevin\AppData\Roaming\Acer GameZone Console
2009-01-26 19:23:13 ----SHD---- C:\ProgramData\Modèles
2009-01-26 19:23:13 ----SHD---- C:\ProgramData\Menu Démarrer
2009-01-26 19:23:13 ----SHD---- C:\ProgramData\Favoris
2009-01-26 19:23:13 ----SHD---- C:\ProgramData\Bureau
2009-01-26 19:23:13 ----SHD---- C:\Program Files\Fichiers communs

======List of files/folders modified in the last 1 months======

2009-02-22 23:34:17 ----D---- C:\Windows\Temp
2009-02-22 23:34:12 ----RD---- C:\Program Files
2009-02-22 22:37:23 ----D---- C:\Windows\system32\drivers
2009-02-22 20:20:41 ----HD---- C:\ProgramData
2009-02-22 15:15:41 ----SHD---- C:\Windows\Installer
2009-02-22 15:15:34 ----D---- C:\ProgramData\Microsoft Help
2009-02-22 15:05:06 ----D---- C:\Windows\Prefetch
2009-02-22 14:40:32 ----D---- C:\Windows\System32
2009-02-22 14:40:32 ----D---- C:\Windows\inf
2009-02-22 14:40:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-22 14:38:39 ----D---- C:\Windows
2009-02-22 13:09:00 ----D---- C:\Windows\twain_32
2009-02-22 13:08:57 ----D---- C:\Windows\system32\catroot2
2009-02-22 13:08:22 ----D---- C:\TEMP
2009-02-22 11:47:12 ----SHD---- C:\System Volume Information
2009-02-22 11:22:26 ----D---- C:\Windows\system32\catroot
2009-02-22 11:19:47 ----SD---- C:\Windows\Downloaded Program Files
2009-02-22 11:15:06 ----D---- C:\Windows\Tasks
2009-02-22 11:15:06 ----D---- C:\Windows\system32\Tasks
2009-02-22 11:14:15 ----D---- C:\Windows\winsxs
2009-02-21 15:38:29 ----D---- C:\Program Files\Common Files\microsoft shared
2009-02-21 15:35:09 ----D---- C:\Program Files\McAfee
2009-02-17 13:46:08 ----D---- C:\Program Files\Common Files
2009-02-15 19:09:56 ----D---- C:\Windows\ehome
2009-02-13 18:11:41 ----RSD---- C:\Windows\Fonts
2009-02-12 16:50:49 ----D---- C:\Program Files\Windows Mail
2009-02-12 16:46:34 ----D---- C:\ACER
2009-02-10 20:19:56 ----A---- C:\Windows\win.ini
2009-02-10 19:17:30 ----D---- C:\Program Files\Internet Explorer
2009-02-07 12:58:37 ----D---- C:\ProgramData\Adobe
2009-02-05 18:57:19 ----D---- C:\Program Files\Adobe
2009-02-05 18:56:16 ----D---- C:\Program Files\Common Files\Adobe
2009-02-05 18:52:24 ----D---- C:\Windows\system32\WDI
2009-02-04 15:49:31 ----SD---- C:\ProgramData\Microsoft
2009-02-04 15:43:15 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-28 11:43:37 ----D---- C:\ProgramData\SiteAdvisor
2009-01-28 03:45:14 ----D---- C:\Windows\system32\LogFiles
2009-01-27 19:29:20 ----D---- C:\ProgramData\McAfee
2009-01-27 19:23:53 ----D---- C:\Windows\rescache
2009-01-27 11:17:05 ----D---- C:\Windows\Microsoft.NET
2009-01-27 01:20:03 ----D---- C:\Windows\system32\fr-FR
2009-01-27 01:20:01 ----D---- C:\Windows\AppPatch
2009-01-27 01:19:59 ----D---- C:\Windows\PolicyDefinitions
2009-01-26 22:33:14 ----RSD---- C:\Windows\assembly
2009-01-26 22:29:26 ----D---- C:\Program Files\Microsoft Works
2009-01-26 22:06:54 ----D---- C:\Windows\SoftwareDistribution
2009-01-26 21:01:29 ----D---- C:\Windows\Logs
2009-01-26 19:34:02 ----D---- C:\Windows\system32\NDF
2009-01-26 19:28:14 ----D---- C:\Windows\system32\OEM
2009-01-26 19:28:14 ----D---- C:\Windows\Acer_Normal
2009-01-26 19:28:10 ----SHD---- C:\$RECYCLE.BIN
2009-01-26 19:26:37 ----D---- C:\Program Files\Acer
2009-01-26 19:26:08 ----RD---- C:\Users
2009-01-26 19:23:13 ----D---- C:\Program Files\Windows NT
2009-01-26 19:23:12 ----D---- C:\Windows\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-04-25 15392]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-03-26 2103512]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28.sys [2008-03-26 338432]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-04-22 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-22 7451040]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 rt70x86;ASUS RT2500 USB Wireless LAN Driver; C:\Windows\system32\DRIVERS\netr70.sys [2006-12-27 245248]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\Windows\system32\PCANDIS5.SYS []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-01-27 421496]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 24576]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe [2008-01-29 598016]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-19 921936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nSvcIp;ForceWare IP service; C:\Program Files\bin32\nSvcIp.exe [2008-01-29 163840]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-22 118784]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-05 655624]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-26 24064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-26 138168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------



Thanks again for your help!!!!! ;)
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
23 Feb 2009 at 13:49
The online scan?

I didn't manage to run the online scan. It had started off well, but it froze after two hours at 40%, so it never finished.
The internet connection is even worse than yesterday; right now I'm replying from the other computer...

I finally managed to run the online scan with Panda; here are the results. One piece of information that may mean something to you: Internet Explorer no longer works at all. I go online with Mozilla Firefox and the connection is better there, but there are still slowdowns...

***********************
ANALYSIS: 2009-02-23 16:15:20
PROTECTIONS: 4
MALWARE: 2
SUSPECTS: 4
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Lavasoft Ad-Watch Live! AntiVirus Yes Yes
Spybot - Search and Destroy 1.0.0.6 No Yes
Lavasoft Ad-Watch Live! No Yes
Windows Defender 1.1.1505.0 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@atdmt[3].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@atdmt[2].txt
00484705 Application/IEDefender HackTools No 0 Yes No C:\Users\Kevin\Desktop\SmitfraudFix.zip[SmitfraudFix/IEDFix.C.exe]
00484705 Application/IEDefender HackTools No 0 Yes No C:\Windows\System32\IEDFix.C.exe
00484705 Application/IEDefender HackTools No 0 Yes No C:\Users\Kevin\Desktop\SmitfraudFix\IEDFix.C.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location u`""39
;===================================================================================================================================================================================
No C:\Program Files\Acer GameZone\Big Kahuna Reef\Big Kahuna Reef.exe u`""39
No C:\Program Files\Acer GameZone\Bricks of Egypt\Bricks of Egypt.exe u`""39
No C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\Diner_Dash_Flo_On_The_Go.exe u`""39
No C:\Users\Kevin\Desktop\Mes fichiers reçus\kazaa\kmd.exe u`""39
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
23 Feb 2009 at 22:22
Disable User Account Control (you will re-enable it after your disinfection):

- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click Disable and confirm.


Download ComboFix (by sUBs) here:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

and save it to the desktop.

Disconnect from the internet and close all your applications.

Disable your protections (antivirus, firewall, the anti-spyware's real-time guard)


Double-click combofix.exe and follow the instructions

When it finishes, it will produce a report, C:\ComboFix.txt

Re-enable your firewall, your antivirus, and your anti-spyware's guard

Copy/paste the report C:\ComboFix.txt into your next reply.

Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.

You have a complete tutorial here:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

_________________


If problems persist with Internet Explorer, reset it:

https://www.pcastuces.com/newsletter/adj/1943.htm

OK, thank you very much for your help. I'm going away on a trip for the week, so I'll deal with this next Monday and I'll keep you posted.
In any case, thanks again for all the time you've given me, that's really kind! ;)

jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
24 Feb 2009 at 12:07
OK. See you later.

Back at my computer, I proceeded as you instructed; here is the ComboFix report:

ComboFix 09-03-01.01 - Kevin 2009-03-02 12:46:18.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2814.1648 [GMT 1:00]
Lancé depuis: c:\users\Kevin\Desktop\ComboFix.exe
AV: Lavasoft Ad-Watch Live! AntiVirus *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\pthreadGC2.dll
c:\windows\system32\SrchSTS.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-02-02 au 2009-03-02 ))))))))))))))))))))))))))))))))))))
.

2009-03-01 15:17 . 2009-03-01 15:17 <REP> d-------- c:\users\Kevin\AppData\Roaming\Template
2009-03-01 15:16 . 2009-03-01 15:17 38 --a------ c:\users\Kevin\AppData\Roaming\wklnhst.dat
2009-02-22 23:34 . 2009-02-22 23:34 <REP> d-------- C:\rsit
2009-02-22 23:34 . 2009-02-22 23:34 <REP> d-------- c:\program files\trend micro
2009-02-22 20:20 . 2009-02-22 20:20 <REP> d-------- c:\users\Kevin\AppData\Roaming\Malwarebytes
2009-02-22 20:20 . 2009-02-22 20:20 <REP> d-------- c:\users\All Users\Malwarebytes
2009-02-22 20:20 . 2009-02-22 20:20 <REP> d-------- c:\programdata\Malwarebytes
2009-02-22 20:20 . 2009-02-22 22:37 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-22 20:20 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-22 20:20 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-22 20:05 . 2008-06-19 16:24 28,544 --a------ c:\windows\System32\drivers\pavboot.sys
2009-02-22 19:57 . 2009-02-22 19:57 <REP> d-------- c:\program files\Panda Security
2009-02-22 15:05 . 2009-02-22 16:40 <REP> d-------- c:\program files\a-squared Free
2009-02-22 14:38 . 2009-02-22 14:38 0 --a------ c:\windows\nsreg.dat
2009-02-22 13:07 . 2009-02-22 13:07 <REP> d-------- c:\program files\CleanUp!
2009-02-22 12:01 . 2009-01-19 15:35 15,688 --a------ c:\windows\System32\lsdelete.exe
2009-02-22 11:22 . 2009-01-19 15:35 64,160 --a------ c:\windows\System32\drivers\Lbd.sys
2009-02-22 11:14 . 2009-02-22 11:14 <REP> d-------- c:\users\All Users\Lavasoft
2009-02-22 11:14 . 2009-02-22 11:14 <REP> d--h-c--- c:\users\All Users\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-02-22 11:14 . 2009-02-22 11:14 <REP> d-------- c:\programdata\Lavasoft
2009-02-22 11:14 . 2009-02-22 11:14 <REP> d--h-c--- c:\programdata\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-02-22 11:14 . 2009-02-22 11:14 <REP> d-------- c:\program files\Lavasoft
2009-02-20 18:38 . 2009-02-20 19:03 <REP> d-------- c:\users\All Users\Spybot - Search & Destroy
2009-02-20 18:38 . 2009-02-20 19:03 <REP> d-------- c:\programdata\Spybot - Search & Destroy
2009-02-20 18:38 . 2009-02-20 18:38 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-02-20 18:06 . 2009-02-20 18:11 <REP> d-------- c:\users\Kevin\AppData\Roaming\GetRightToGo
2009-02-19 16:00 . 2009-02-19 16:00 69 --a------ c:\windows\NeroDigital.ini
2009-02-17 14:41 . 2009-02-17 14:51 <REP> d-------- c:\users\Kevin\AppData\Roaming\Nero
2009-02-17 14:41 . 2009-02-17 14:41 <REP> d-------- c:\users\All Users\LightScribe
2009-02-17 14:41 . 2009-02-17 14:41 <REP> d-------- c:\programdata\LightScribe
2009-02-17 14:17 . 2009-02-17 14:17 4,767 --a------ c:\windows\Irremote.ini
2009-02-17 13:46 . 2009-02-17 14:03 <REP> d-------- c:\users\All Users\Nero
2009-02-17 13:46 . 2009-02-17 14:03 <REP> d-------- c:\programdata\Nero
2009-02-17 13:46 . 2009-02-17 14:15 <REP> d-------- c:\program files\Nero
2009-02-17 13:46 . 2009-02-17 14:40 <REP> d-------- c:\program files\Common Files\Nero
2009-02-16 18:39 . 2009-02-16 18:39 <REP> d-------- c:\users\Kevin\AppData\Roaming\eSobi
2009-02-15 21:56 . 2009-02-22 13:08 <REP> d-------- c:\users\Kevin\AppData\Roaming\LimeWire
2009-02-15 21:55 . 2009-02-15 21:55 <REP> d-------- c:\program files\LimeWire
2009-02-15 15:50 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 15:50 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 15:50 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 15:50 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 15:50 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-13 18:12 . 2009-02-13 18:12 <REP> d-------- c:\users\All Users\Pinnacle VideoSpin
2009-02-13 18:12 . 2009-02-13 18:12 <REP> d-------- c:\programdata\Pinnacle VideoSpin
2009-02-13 18:11 . 2009-02-13 18:11 <REP> d-------- c:\users\All Users\VideoSpin
2009-02-13 18:11 . 2009-02-13 18:11 <REP> d-------- c:\programdata\VideoSpin
2009-02-13 18:11 . 2009-02-13 18:11 <REP> d-------- c:\program files\Pinnacle
2009-02-13 18:11 . 2009-02-13 18:11 <REP> d-------- c:\program files\Common Files\Yahoo!
2009-02-13 18:08 . 2009-02-13 18:08 <REP> d-------- c:\users\All Users\Pinnacle
2009-02-13 18:08 . 2009-02-13 18:08 <REP> d-------- c:\programdata\Pinnacle
2009-02-13 17:45 . 2009-02-13 17:45 <REP> d-------- c:\program files\ffdshow
2009-02-13 17:45 . 2007-12-15 16:11 7,680 --a------ c:\windows\System32\ff_vfw.dll
2009-02-13 17:45 . 2007-01-01 00:00 547 --a------ c:\windows\System32\ff_vfw.dll.manifest
2009-02-11 09:51 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 09:51 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-10 20:23 . 2009-02-10 20:23 <REP> d-------- c:\users\All Users\WEBREG
2009-02-10 20:23 . 2009-02-10 20:23 <REP> d-------- c:\programdata\WEBREG
2009-02-10 20:20 . 2009-02-10 20:24 <REP> d-------- c:\users\Kevin\AppData\Roaming\HP
2009-02-10 20:19 . 2009-02-10 20:19 <REP> d-------- c:\users\All Users\HPSSUPPLY
2009-02-10 20:19 . 2009-02-10 20:19 <REP> d-------- c:\programdata\HPSSUPPLY
2009-02-10 20:17 . 2009-02-10 20:17 <REP> d-------- c:\program files\Hewlett-Packard
2009-02-10 20:17 . 2009-02-10 20:19 <REP> d-------- c:\program files\Common Files\HP
2009-02-10 20:17 . 2009-02-10 20:17 <REP> d-------- c:\program files\Common Files\Hewlett-Packard
2009-02-10 19:51 . 2009-02-10 20:19 <REP> d-------- c:\program files\HP
2009-02-10 19:38 . 2009-02-10 20:23 164,389 --a------ c:\windows\hpoins19.dat
2009-02-10 19:34 . 2009-02-10 20:24 <REP> d-------- c:\users\All Users\HP
2009-02-10 19:34 . 2009-02-10 20:24 <REP> d-------- c:\programdata\HP
2009-02-10 19:34 . 2006-12-16 07:19 675,840 --a------ c:\windows\System32\hpowiav1.dll
2009-02-10 19:34 . 2006-12-16 07:19 573,440 --a------ c:\windows\System32\hpotscl1.dll
2009-02-10 19:34 . 2006-12-16 07:19 303,104 --a------ c:\windows\System32\hpovst01.dll
2009-02-10 19:34 . 2006-11-20 22:36 258,048 --a------ c:\windows\System32\hpzids01.dll
2009-02-10 19:34 . 2007-03-13 20:27 26,952 --a------ c:\windows\hpomdl19.dat
2009-02-10 19:18 . 2009-02-22 11:22 <REP> d----c--- c:\windows\System32\DRVSTORE
2009-02-10 19:18 . 2009-02-10 19:18 <REP> d-------- c:\users\Kevin\AppData\Roaming\Apple Computer
2009-02-10 19:18 . 2009-02-10 19:18 <REP> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-10 19:18 . 2009-02-10 19:18 <REP> d-------- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-10 19:18 . 2009-02-10 19:18 <REP> d-------- c:\program files\iTunes
2009-02-10 19:18 . 2009-02-10 19:18 <REP> d-------- c:\program files\iPod
2009-02-10 19:18 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-02-10 19:18 . 2008-04-17 13:12 15,464 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2009-02-10 19:17 . 2009-02-10 19:17 <REP> d-------- c:\program files\Bonjour
2009-02-10 19:16 . 2009-02-10 19:18 <REP> d-------- c:\users\All Users\Apple Computer
2009-02-10 19:16 . 2009-02-10 19:18 <REP> d-------- c:\programdata\Apple Computer
2009-02-10 19:16 . 2009-02-10 19:16 <REP> d-------- c:\program files\Apple Software Update
2009-02-10 19:15 . 2009-02-10 19:15 <REP> d-------- c:\users\All Users\Apple
2009-02-10 19:15 . 2009-02-10 19:15 <REP> d-------- c:\programdata\Apple
2009-02-10 19:15 . 2009-02-10 19:18 <REP> d-------- c:\program files\Common Files\Apple
2009-02-10 11:03 . 2009-02-10 11:03 <REP> d-------- c:\windows\Sun
2009-02-10 11:02 . 2009-02-10 11:02 <REP> d-------- c:\program files\Java
2009-02-10 11:02 . 2009-02-10 11:02 410,984 --a------ c:\windows\System32\deploytk.dll
2009-02-07 14:53 . 2009-02-07 14:53 <REP> d-------- c:\users\Kevin\AppData\Roaming\PIXEL-TECH
2009-02-07 14:52 . 2009-02-07 14:52 <REP> d-------- c:\users\All Users\PIXEL-TECH
2009-02-07 14:52 . 2009-02-07 14:52 <REP> d-------- c:\programdata\PIXEL-TECH
2009-02-07 14:52 . 2009-02-07 14:52 <REP> d-------- c:\program files\Pixel-Tech
2009-02-07 12:51 . 2009-02-07 12:51 <REP> d-------- c:\program files\Xilisoft
2009-02-07 12:51 . 2009-02-10 19:17 <REP> d-------- c:\program files\QuickTime
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\System32\sirenacm.dll
2009-02-05 19:15 . 2009-02-05 19:15 <REP> d-------- c:\users\All Users\FLEXnet
2009-02-05 19:15 . 2009-02-05 19:15 <REP> d-------- c:\programdata\FLEXnet
2009-02-05 18:53 . 2009-02-05 18:53 <REP> d-------- c:\program files\Common Files\Macrovision Shared
2009-02-04 15:54 . 2009-02-04 15:54 <REP> d-------- c:\users\Kevin\AppData\Roaming\InstallShield
2009-02-04 15:54 . 2009-02-15 17:15 <REP> d-------- c:\program files\LG PC Suite 2
2009-02-04 15:47 . 2009-02-04 15:47 <REP> d-------- c:\users\Kevin\AppData\Roaming\LG Electronics
2009-02-04 15:43 . 2009-02-04 15:43 <REP> d-------- c:\program files\LG Electronics
2009-02-04 15:43 . 2007-07-11 10:45 21,632 --a------ c:\windows\System32\drivers\lgusbmodem.sys
2009-02-04 15:43 . 2007-07-11 15:51 19,840 --a------ c:\windows\System32\drivers\lgusbdiag.sys
2009-02-04 15:43 . 2007-07-11 10:40 12,416 --a------ c:\windows\System32\drivers\lgusbbus.sys
2009-02-04 11:49 . 2009-02-04 11:49 <REP> d-------- c:\program files\SiteAdvisor

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-02 11:38 --------- d-----w c:\users\Kevin\AppData\Roaming\Skype
2009-03-02 10:32 --------- d-----w c:\users\Kevin\AppData\Roaming\skypePM
2009-02-23 11:50 --------- d-----w c:\users\Kevin\AppData\Roaming\dvdcss
2009-02-22 14:15 --------- d-----w c:\programdata\Microsoft Help
2009-02-22 12:08 --------- d-----w c:\program files\eMule
2009-02-21 14:35 --------- d-----w c:\program files\McAfee
2009-02-12 15:50 --------- d-----w c:\program files\Windows Mail
2009-02-09 13:47 --------- d-----w c:\program files\PokerStars
2009-02-05 17:56 --------- d-----w c:\program files\Common Files\Adobe
2009-02-04 14:43 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-31 10:38 --------- d-----w c:\programdata\eMule
2009-01-28 10:43 --------- d-----w c:\programdata\SiteAdvisor
2009-01-27 23:22 56 ---ha-w c:\users\All Users\ezsidmv.dat
2009-01-27 23:22 56 ---ha-w c:\programdata\ezsidmv.dat
2009-01-27 23:15 --------- d-----w c:\programdata\Skype
2009-01-27 23:15 --------- d-----w c:\program files\Skype
2009-01-27 23:15 --------- d-----w c:\program files\Common Files\Skype
2009-01-27 18:29 --------- d-----w c:\programdata\McAfee
2009-01-27 13:51 --------- d-----w c:\users\Kevin\AppData\Roaming\vlc
2009-01-27 13:47 --------- d-----w c:\program files\VideoLAN
2009-01-26 23:15 --------- d-----w c:\program files\Windows Live SkyDrive
2009-01-26 23:15 --------- d-----w c:\program files\Windows Live
2009-01-26 23:15 --------- d-----w c:\program files\Microsoft
2009-01-26 23:10 --------- d-----w c:\program files\Common Files\Windows Live
2009-01-26 21:29 --------- d-----w c:\program files\MSXML 4.0
2009-01-26 21:29 --------- d-----w c:\program files\Microsoft Works
2009-01-26 18:38 --------- d-----w c:\program files\Inventel
2009-01-26 18:27 --------- d-----w c:\program files\Google
2009-01-26 18:26 --------- d-----w c:\program files\Acer
2009-01-26 18:23 --------- d-sh--w c:\programdata\Modèles
2009-01-26 18:23 --------- d-sh--w c:\programdata\Menu Démarrer
2009-01-26 18:23 --------- d-sh--w c:\programdata\Favoris
2009-01-26 18:23 --------- d-sh--w c:\programdata\Bureau
2009-01-26 18:23 --------- d-sh--w c:\program files\Fichiers communs
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 22:38 121392 --a------ c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-26 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 c:\windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 319488]
"EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 319488]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-22 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-22 92704]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-01-26 24064]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-10 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-19 506712]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 c:\windows\RtHDVCpl.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= c:\progra~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM
"vidc.mjpg"= pvmjpg30.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D0C4BE1C-C5B4-4EDF-8FAE-55F438D2DD45}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{AF741220-9BB2-46BB-A55B-A7912912694D}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{D90364C1-473F-4313-B223-9241901080C1}"= c:\program files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician
"{AA766C76-F16E-4FE2-A422-7D2BC7C139D9}"= c:\program files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD
"{42C706D2-3910-46FE-98CE-7F03D2047D4F}"= c:\program files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician
"{5649A2D4-F7CA-4F7C-97E2-374C5D2FDF1C}"= c:\program files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia
"{DEDBB5C9-7C94-4700-B32A-CE4BFF5B1973}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{FB16079E-B65F-45E2-8AEC-A6FAD42159A2}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service
"{88149B78-7766-4162-8F83-D8B6FC8BC0C6}"= c:\program files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator
"{7ACC89C8-89F3-4312-9C9F-199767E21D32}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{C579C023-D32A-41D7-8B1A-6026E5BF1B7B}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4CF58E3F-F7D7-4181-89D9-EE7350074421}"= c:\program files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine
"{DD76C2F8-89EE-4986-880C-2661D4ACB58C}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{140386EE-96E0-4FEF-A02F-6FAC37BDD3A7}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{EF4F573B-DB47-4635-B3BF-FEB2070B6865}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{6A18787C-34F5-43E8-BD37-A88FF14BAB64}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{38BFF5AF-2C45-4A78-A138-33101997BA94}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{6AEEC8E4-82E8-4C7B-A265-0761020E8073}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{AD6FB202-B808-4CC7-A715-9A129CB22C4E}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{4C5DCCF2-8396-4D64-A450-35ABE8C9A84C}"= UDP:5353:Adobe CSI CS4
"{F044210C-2D79-4A79-AF6D-532333E683E9}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{0A8027E7-7813-44D0-97D8-08EAC903C1E6}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{B1369714-DF51-4B03-9929-D6B4C5B3CEDC}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{7DBAB617-E1E5-4C86-926B-A575BB51538D}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{1E3DD199-7194-40D3-B29A-267FF3F5267C}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{BC7C58DC-5A34-443A-BFAC-DCDF439A479D}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{FFE36B39-2316-43B9-B041-D7126A827789}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
"{440FB75F-21A4-4890-B23D-E1216AD027EB}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
"{D86446BD-6BBE-4675-B4AC-F69BCB488C87}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile
"{BCC8D649-5329-4AFA-AE11-216E0900B4AE}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile
"{1F7837EB-AEC9-4813-862B-3063735114BB}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\umi.exe:umi
"{81CDDA28-283F-4181-B747-6DF811BA85D1}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\umi.exe:umi
"{28FBC66B-5C02-40EE-ADFF-5449B0E2B5A6}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin
"{F807D886-12B4-4BC7-9B06-30C6D941945E}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [2009-02-22 64160]
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [2009-02-22 28544]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-05-09 269448]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-05-09 24576]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-19 921936]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-01-27 203280]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-02-20 1153368]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\System32\drivers\netr28.sys [2008-05-08 338432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [2008-05-08 43552]
R3 rt70x86;ASUS RT2500 USB Wireless LAN Driver;c:\windows\System32\drivers\netr70.sys [2006-12-27 245248]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-26 24064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'

2009-02-23 c:\windows\Tasks\Ad-Aware Update (Daily).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-19 15:35]

2008-05-09 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

2008-05-09 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

2009-02-17 c:\windows\Tasks\WebReg Photosmart 2600 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2006-12-10 21:36]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-eRecoveryService - (no file)


.
------- Examen supplémentaire -------
.
mStart Page = hxxp://fr.fr.acer.yahoo.com
LSP: %SYSTEMROOT%\system32\nvLsp.dll
FF - ProfilePath - c:\users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\gjgbdg5m.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig?hl=fr
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-02 12:48:01
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-03-02 12:49:07
ComboFix-quarantined-files.txt 2009-03-02 11:49:04

Avant-CF: 233 163 055 104 octets libres
Après-CF: 233,133,322,240 octets libres

312 --- E O F --- 2009-03-01 10:53:18

jlpjlp - 2 March 2009 at 13:31
If problems persist with Internet Explorer, reset it:

https://www.pcastuces.com/newsletter/adj/1943.htm

For Internet Explorer, I reset it and it seems to be working fine now.
However, the internet slowdown problem is still not solved; for example, when I open a page such as www.google.fr, it takes 5 minutes to load the GOOGLE logo image.
This morning I found two trojans thanks to Ad-Aware.
I really can't see where this could be coming from.

jlpjlp - 2 March 2009 at 16:56
Scan this file on VirusTotal and paste the report: https://www.virustotal.com/gui/


C:\Users\Kevin\Desktop\Mes fichiers reçus\kazaa\kmd.exe

______________________
Disable Spybot's TeaTimer, since you already have Windows Defender, which performs real-time spyware scanning.


Then post a new RSIT report.

Here is the report on the file C:\Users\Kevin\Desktop\Mes fichiers reçus\kazaa\kmd.exe

Fichier kmd.exe reçu le 2009.03.02 19:02:58 (CET)
Résultat: 9/38 (23.69%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.02 -
AhnLab-V3 5.0.0.2 2009.02.27 -
AntiVir 7.9.0.98 2009.03.02 -
Authentium 5.1.0.4 2009.03.02 W32/Heuristic-210!Eldorado
Avast 4.8.1335.0 2009.03.02 -
AVG 8.0.0.237 2009.03.01 -
BitDefender 7.2 2009.03.02 -
CAT-QuickHeal 10.00 2009.03.02 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.03.02 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.03.02 -
eSafe 7.0.17.0 2009.03.02 Suspicious File
eTrust-Vet 31.6.6380 2009.03.02 -
F-Prot 4.4.4.56 2009.03.02 W32/Heuristic-210!Eldorado
F-Secure 8.0.14470.0 2009.03.02 W32/Packed_PeX.B
Fortinet 3.117.0.0 2009.03.02 -
GData 19 2009.03.02 -
Ikarus T3.1.1.45.0 2009.03.02 -
K7AntiVirus 7.10.654 2009.03.02 -
Kaspersky 7.0.0.125 2009.03.02 -
McAfee 5540 2009.03.01 -
McAfee+Artemis 5540 2009.03.01 -
Microsoft 1.4306 2009.03.02 -
NOD32 3901 2009.03.02 -
Norman 6.00.06 2009.03.02 W32/Packed_PeX.B
nProtect 2009.1.8.0 2009.03.02 -
Panda 10.0.0.10 2009.03.02 Suspicious file
Prevx1 V2 2009.03.02 -
Rising 21.19.02.00 2009.03.02 -
SecureWeb-Gateway 6.7.6 2009.03.02 -
Sophos 4.39.0 2009.03.02 -
Sunbelt 3.2.1858.2 2009.03.02 VIPRE.Suspicious
Symantec 10 2009.03.02 -
TheHacker 6.3.2.6.268 2009.03.01 -
TrendMicro 8.700.0.1004 2009.03.02 -
VBA32 3.12.10.1 2009.03.01 -
ViRobot 2009.3.2.1630 2009.03.02 -
VirusBuster 4.5.11.0 2009.03.02 Packed/PeX
Information additionnelle
File size: 448000 bytes
MD5...: 966b9ff1fa2961ddf07494b1b0edcfcd
SHA1..: fcc7d4f2cae984de3411aad26818880f7bfa4347
SHA256: 640151f502c3b3ee739843914e464ea119d341a5c050b7ea24802d1b2d30e865
SHA512: 7e49ae7e9db00c7a632e038fdbe57c953232db39d19a9a0cbc85150008e7b7c3
0b1e4f9baa5cee3db43c6136252b6c5a5e30d0434f9da59dff03f620e5b0687c
ssdeep: 12288:/JOxR+4x1+U/iRyKF7dqXiNwMFnqZHHVSIP:/QxRVv/iwKfRNwMqZnVJP
PEiD..: PEX v0.99
TrID..: File type identification
Win64 Executable Generic (80.9%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
DOS Executable Generic (1.8%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x95000
timedatestamp.....: 0x0 (Thu Jan 01 00:00:00 1970)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x38100 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
0x3a000 0xe96e 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
0x49000 0x5c54 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
0x4f000 0x45598 0x45600 7.57 7da80c548e7ed3202ce6fe62fc0a38dd
.text 0x95000 0x27000 0x27000 8.00 8e15373ebbd9dca48cc7368a9a2ab094

( 2 imports )
> KERNEL32.DLL: GetProcAddress, LoadLibraryA, ExitProcess, VirtualAlloc, VirtualFree, VirtualProtect
> USER32.DLL: MessageBoxA

( 0 exports )
packers (Kaspersky): Pex
packers (F-Prot): Pex
packers (Authentium): Pex



And here is the RSIT report



Logfile of random's system information tool 1.05 (written by random/random)
Run by Kevin at 2009-03-02 20:58:54
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 220 GB (75%) free of 296 GB
Total RAM: 2814 MB (49% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Daily).job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
C:\Windows\tasks\WebReg Photosmart 2600 series.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-10-24 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-01-26 2583352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll [2009-01-26 736240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-10 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-01-26 2583352]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-03-26 5369856]
"Acer Empowering Technology Monitor"=C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [2008-04-25 319488]
"EmpoweringTechnology"=C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [2008-04-25 319488]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-03 582992]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]
"PCMMediaSharing"=C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2008-01-25 204908]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-22 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-22 92704]
"eRecoveryService"= []
"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-26 24064]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-10 148888]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-01-19 506712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-21 2153472]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-26 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-03-02 12:49:08 ----A---- C:\ComboFix.txt
2009-03-02 12:45:30 ----A---- C:\Windows\zip.exe
2009-03-02 12:45:30 ----A---- C:\Windows\VFIND.exe
2009-03-02 12:45:30 ----A---- C:\Windows\SWXCACLS.exe
2009-03-02 12:45:30 ----A---- C:\Windows\SWSC.exe
2009-03-02 12:45:30 ----A---- C:\Windows\SWREG.exe
2009-03-02 12:45:30 ----A---- C:\Windows\sed.exe
2009-03-02 12:45:30 ----A---- C:\Windows\NIRCMD.exe
2009-03-02 12:45:30 ----A---- C:\Windows\grep.exe
2009-03-02 12:45:30 ----A---- C:\Windows\fdsv.exe
2009-03-02 12:45:26 ----D---- C:\Windows\ERDNT
2009-03-02 12:45:26 ----D---- C:\ComboFix
2009-03-02 12:45:25 ----A---- C:\Windows\system32\CF6222.exe
2009-03-02 12:45:15 ----D---- C:\Qoobox
2009-03-01 15:17:02 ----D---- C:\Users\Kevin\AppData\Roaming\Template
2009-02-22 23:34:12 ----D---- C:\rsit
2009-02-22 23:34:12 ----D---- C:\Program Files\trend micro
2009-02-22 20:20:50 ----D---- C:\Users\Kevin\AppData\Roaming\Malwarebytes
2009-02-22 20:20:41 ----D---- C:\ProgramData\Malwarebytes
2009-02-22 20:20:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-22 19:57:06 ----D---- C:\Program Files\Panda Security
2009-02-22 15:05:20 ----D---- C:\Program Files\a-squared Free
2009-02-22 14:38:12 ----D---- C:\Program Files\Mozilla Firefox
2009-02-22 13:07:01 ----D---- C:\Program Files\CleanUp!
2009-02-22 12:54:26 ----A---- C:\Windows\system32\o4Patch.exe
2009-02-22 12:54:26 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\WS2Fix.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\VCCLSID.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\swsc.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\SrchSTS.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\Process.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\IEDFix.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\IEDFix.C.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\dumphive.exe
2009-02-22 12:54:25 ----A---- C:\Windows\system32\404Fix.exe
2009-02-22 12:01:16 ----A---- C:\Windows\system32\lsdelete.exe
2009-02-22 11:14:22 ----HDC---- C:\ProgramData\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-02-22 11:14:17 ----D---- C:\ProgramData\Lavasoft
2009-02-22 11:14:17 ----D---- C:\Program Files\Lavasoft
2009-02-20 18:38:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-20 18:38:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-20 18:06:44 ----D---- C:\Users\Kevin\AppData\Roaming\GetRightToGo
2009-02-19 16:00:28 ----A---- C:\Windows\NeroDigital.ini
2009-02-17 14:41:57 ----D---- C:\ProgramData\LightScribe
2009-02-17 14:41:49 ----D---- C:\Users\Kevin\AppData\Roaming\Nero
2009-02-17 14:17:03 ----A---- C:\Windows\Irremote.ini
2009-02-17 13:46:57 ----D---- C:\Program Files\Nero
2009-02-17 13:46:10 ----D---- C:\ProgramData\Nero
2009-02-17 13:46:08 ----D---- C:\Program Files\Common Files\Nero
2009-02-17 13:45:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-02-16 18:39:54 ----D---- C:\Users\Kevin\AppData\Roaming\eSobi
2009-02-15 21:56:34 ----D---- C:\Users\Kevin\AppData\Roaming\Mozilla
2009-02-15 21:56:09 ----D---- C:\Users\Kevin\AppData\Roaming\LimeWire
2009-02-15 21:55:22 ----D---- C:\Program Files\LimeWire
2009-02-15 15:50:19 ----A---- C:\Windows\system32\EncDec.dll
2009-02-15 15:50:13 ----A---- C:\Windows\system32\psisdecd.dll
2009-02-13 18:12:55 ----D---- C:\ProgramData\Pinnacle VideoSpin
2009-02-13 18:11:29 ----D---- C:\ProgramData\VideoSpin
2009-02-13 18:11:29 ----D---- C:\Program Files\Pinnacle
2009-02-13 18:11:29 ----D---- C:\Program Files\Common Files\Yahoo!
2009-02-13 18:08:50 ----D---- C:\ProgramData\Pinnacle
2009-02-13 17:45:45 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2009-02-13 17:45:45 ----A---- C:\Windows\system32\ff_vfw.dll
2009-02-13 17:45:44 ----A---- C:\Windows\system32\pthreadGC2.dll
2009-02-13 17:45:43 ----D---- C:\Program Files\ffdshow
2009-02-11 09:51:14 ----A---- C:\Windows\system32\mshtml.dll
2009-02-11 09:51:11 ----A---- C:\Windows\system32\urlmon.dll
2009-02-11 09:51:11 ----A---- C:\Windows\system32\ieframe.dll
2009-02-11 09:51:09 ----A---- C:\Windows\system32\wininet.dll
2009-02-11 09:51:09 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-11 09:51:09 ----A---- C:\Windows\system32\iertutil.dll
2009-02-11 09:51:08 ----A---- C:\Windows\system32\mstime.dll
2009-02-11 09:51:05 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 20:23:40 ----D---- C:\ProgramData\WEBREG
2009-02-10 20:20:09 ----D---- C:\Users\Kevin\AppData\Roaming\HP
2009-02-10 20:19:24 ----D---- C:\ProgramData\HPSSUPPLY
2009-02-10 20:17:40 ----D---- C:\Program Files\Hewlett-Packard
2009-02-10 20:17:40 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-02-10 20:17:25 ----D---- C:\Program Files\Common Files\HP
2009-02-10 19:51:09 ----D---- C:\Program Files\HP
2009-02-10 19:34:16 ----D---- C:\ProgramData\HP
2009-02-10 19:34:12 ----A---- C:\Windows\system32\hpzids01.dll
2009-02-10 19:34:12 ----A---- C:\Windows\system32\hpowiav1.dll
2009-02-10 19:34:12 ----A---- C:\Windows\system32\hpovst01.dll
2009-02-10 19:34:12 ----A---- C:\Windows\system32\hpotscl1.dll
2009-02-10 19:18:34 ----D---- C:\Users\Kevin\AppData\Roaming\Apple Computer
2009-02-10 19:18:27 ----A---- C:\Windows\system32\GEARAspi.dll
2009-02-10 19:18:26 ----DC---- C:\Windows\system32\DRVSTORE
2009-02-10 19:18:10 ----D---- C:\Program Files\iPod
2009-02-10 19:18:08 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-10 19:18:08 ----D---- C:\Program Files\iTunes
2009-02-10 19:17:39 ----D---- C:\Program Files\Bonjour
2009-02-10 19:16:56 ----D---- C:\ProgramData\Apple Computer
2009-02-10 19:16:28 ----D---- C:\Program Files\Apple Software Update
2009-02-10 19:15:41 ----D---- C:\ProgramData\Apple
2009-02-10 19:15:41 ----D---- C:\Program Files\Common Files\Apple
2009-02-10 11:03:10 ----D---- C:\Windows\Sun
2009-02-10 11:02:39 ----A---- C:\Windows\system32\javaws.exe
2009-02-10 11:02:39 ----A---- C:\Windows\system32\javaw.exe
2009-02-10 11:02:39 ----A---- C:\Windows\system32\java.exe
2009-02-10 11:02:39 ----A---- C:\Windows\system32\deploytk.dll
2009-02-10 11:02:24 ----D---- C:\Program Files\Java
2009-02-07 14:53:08 ----D---- C:\Users\Kevin\AppData\Roaming\PIXEL-TECH
2009-02-07 14:52:25 ----D---- C:\ProgramData\PIXEL-TECH
2009-02-07 14:52:23 ----D---- C:\Program Files\Pixel-Tech
2009-02-07 12:51:26 ----D---- C:\Program Files\QuickTime
2009-02-07 12:51:20 ----D---- C:\Program Files\Xilisoft
2009-02-06 18:52:40 ----A---- C:\Windows\system32\sirenacm.dll
2009-02-06 12:35:56 ----A---- C:\Windows\system32\LegitCheckControl.DLL
2009-02-05 19:15:00 ----D---- C:\ProgramData\FLEXnet
2009-02-05 18:53:59 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-02-04 15:54:22 ----D---- C:\Program Files\LG PC Suite 2
2009-02-04 15:54:04 ----D---- C:\Users\Kevin\AppData\Roaming\InstallShield
2009-02-04 15:47:00 ----D---- C:\Users\Kevin\AppData\Roaming\LG Electronics
2009-02-04 15:43:15 ----D---- C:\Program Files\LG Electronics
2009-02-04 11:49:10 ----D---- C:\Program Files\SiteAdvisor

======List of files/folders modified in the last 1 months======

2009-03-03 02:46:40 ----D---- C:\Windows\system32\config
2009-03-03 02:46:37 ----D---- C:\Windows\system32\spool
2009-03-03 02:46:37 ----D---- C:\Windows\system32\Msdtc
2009-03-03 02:46:37 ----D---- C:\Windows\system32\fr-FR
2009-03-03 02:46:37 ----D---- C:\Windows\system32\CodeIntegrity
2009-03-03 02:46:37 ----D---- C:\Windows\system32\catroot2
2009-03-03 02:46:37 ----D---- C:\Windows
2009-03-03 02:46:36 ----D---- C:\Windows\system32\wbem
2009-03-03 02:46:36 ----D---- C:\Windows\registration
2009-03-03 02:46:36 ----D---- C:\ACER
2009-03-02 20:59:03 ----D---- C:\Windows\Temp
2009-03-02 20:58:54 ----D---- C:\Windows\Prefetch
2009-03-02 20:51:23 ----D---- C:\Windows\system32\Tasks
2009-03-02 20:51:22 ----D---- C:\Windows\Tasks
2009-03-02 20:48:11 ----D---- C:\Users\Kevin\AppData\Roaming\Skype
2009-03-02 18:29:21 ----SHD---- C:\System Volume Information
2009-03-02 17:52:20 ----D---- C:\Windows\System32
2009-03-02 17:52:20 ----D---- C:\Windows\inf
2009-03-02 17:52:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-03-02 16:00:41 ----D---- C:\Users\Kevin\AppData\Roaming\skypePM
2009-03-02 12:47:15 ----D---- C:\Windows\system32\drivers
2009-03-02 12:47:15 ----D---- C:\Windows\AppPatch
2009-03-02 12:47:14 ----D---- C:\Program Files\Common Files
2009-03-01 15:17:02 ----SD---- C:\Users\Kevin\AppData\Roaming\Microsoft
2009-02-23 12:50:35 ----D---- C:\Users\Kevin\AppData\Roaming\dvdcss
2009-02-22 23:34:12 ----RD---- C:\Program Files
2009-02-22 20:20:41 ----HD---- C:\ProgramData
2009-02-22 15:15:41 ----SHD---- C:\Windows\Installer
2009-02-22 15:15:34 ----D---- C:\ProgramData\Microsoft Help
2009-02-22 13:09:00 ----D---- C:\Windows\twain_32
2009-02-22 13:08:44 ----D---- C:\Program Files\eMule
2009-02-22 13:08:22 ----D---- C:\TEMP
2009-02-22 11:22:26 ----D---- C:\Windows\system32\catroot
2009-02-22 11:19:47 ----SD---- C:\Windows\Downloaded Program Files
2009-02-22 11:14:15 ----D---- C:\Windows\winsxs
2009-02-21 15:38:29 ----D---- C:\Program Files\Common Files\microsoft shared
2009-02-21 15:35:09 ----D---- C:\Program Files\McAfee
2009-02-16 20:32:31 ----D---- C:\Users\Kevin\AppData\Roaming\Adobe
2009-02-15 19:09:56 ----D---- C:\Windows\ehome
2009-02-13 18:11:41 ----RSD---- C:\Windows\Fonts
2009-02-12 16:50:49 ----D---- C:\Program Files\Windows Mail
2009-02-10 20:19:56 ----A---- C:\Windows\win.ini
2009-02-10 19:17:30 ----D---- C:\Program Files\Internet Explorer
2009-02-09 14:47:11 ----D---- C:\Program Files\PokerStars
2009-02-07 12:58:37 ----D---- C:\ProgramData\Adobe
2009-02-05 18:57:19 ----D---- C:\Program Files\Adobe
2009-02-05 18:56:16 ----D---- C:\Program Files\Common Files\Adobe
2009-02-05 18:52:24 ----D---- C:\Windows\system32\WDI
2009-02-04 15:49:31 ----SD---- C:\ProgramData\Microsoft
2009-02-04 15:43:15 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-04-25 15392]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-03-26 2103512]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28.sys [2008-03-26 338432]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-04-22 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-22 7451040]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 rt70x86;ASUS RT2500 USB Wireless LAN Driver; C:\Windows\system32\DRIVERS\netr70.sys [2006-12-27 245248]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\Windows\system32\PCANDIS5.SYS []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-01-27 421496]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 24576]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe [2008-01-29 598016]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-19 921936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nSvcIp;ForceWare IP service; C:\Program Files\bin32\nSvcIp.exe [2008-01-29 163840]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-22 118784]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-05 655624]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-26 24064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-26 138168]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

I put these 3 files in bold because I think the problem may come from the application "svchost.exe"; indeed, I wonder whether it's a virus, because I don't know how I got this application, but I remember that it's since that day that the problems started...
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last active 3 May 2022 5 040
2 March 2009 at 21:27
the problems date back 1 year? January 2008???


a bit of reading

http://www.commentcamarche.net/contents/processus/svchost exe.php3


______________


download OTMoveIt

http://oldtimer.geekstogo.com/OTMoveIt3.exe

(by Old_Timer) to your Desktop.
double-click OTMoveIt.exe to launch it.
copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.




:files
C:\Users\Kevin\Desktop\Mes fichiers reçus\kazaa\kmd.exe


click MoveIt! to start the removal.
the result will appear in the "Results" pane.
click Exit to close.
post the report located in C:\_OTMoveIt\MovedFiles.

you may be asked to restart the PC to complete the removal. If so, accept with Yes.

No, it doesn't date from January 2008, because I've only owned this computer since January 2009...
I had read the article you linked, but it's still strange, because when you do a quick search on the net, you get the impression that this application scvhost.exe is the cause of, or linked to, quite a lot of computer problems?

I don't know if it's related to the same problem, but I just noticed that my keyboard doesn't work when I use Word or Excel... It's getting tough :)


As for removing the file with OTMoveIt, that's done:

========== FILES ==========
C:\Users\Kevin\Desktop\Mes fichiers reçus\kazaa moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03022009_225353
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last active 3 May 2022 5 040
3 March 2009 at 10:04
repair Vista:

http://www.vista-xp.fr/forum/topic39.html

Thanks for everything jlpjlp, the Internet is working much better today; I'm not going to get carried away, but it's very nice to have a decent speed again.
As for repairing Vista, it's fairly complicated because I didn't get the DVD; I have an Acer computer, so I have an Acer recovery file that takes care of all that, I'll see what I can do with this application...
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last active 3 May 2022 5 040
3 March 2009 at 17:00
ok, if everything is ok then don't repair, leave it

to remove the tools that were used:

http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner