Bagle virus
chouchou0108
Hello everyone,
I caught a virus yesterday while downloading some software; this morning when I turned on my PC, my Avast antivirus could no longer run.
So I went looking on the net for a solution, but after trying all the methods mentioned on the forum I still can't manage it. I was therefore thinking I would have to format my PC, only I bought it 15 days ago, it's an Acer Aspire 7730 ZG and I don't have any CD, so what should I do? I'm desperate!!!
8 replies
Hello,
"it's an Acer Aspire 7730 ZG and I don't have any CD"
--> It's up to you to create it.
--> Disable UAC for the duration of the disinfection.
--> Download FindyKill (by Chiquitine29) to your Desktop.
--> Run the installation with the default settings.
--> Double-click the FindyKill shortcut on your Desktop.
(On Vista, you need to right-click the FindyKill shortcut and choose Run as administrator)
--> In the main menu, choose option 1 (Search).
--> Post the FindyKill.txt report.
Note: the FindyKill.txt report is saved at the root of the disk.
Thanks for your reply, only "FindyKill" doesn't work: I enter f for French, 1 for search, and it tells me access denied.
Do you have any other solutions???
I followed everything carefully, I disabled UAC and launched FindyKill, f for French, 1 for search, and still the same thing. I don't understand why, but I had already done it earlier and it gave me the same thing.
However, I ran ComboFix; here are the results:
ComboFix 09-05-16.05 - Anaïs 17/05/2009 16:11.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.33.1036.18.3066.2101 [GMT 2:00]
Lancé depuis: c:\users\Anaïs\Desktop\Combo-Fix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-04-17 au 2009-05-17 ))))))))))))))))))))))))))))))))))))
.
2009-05-17 13:56 . 2009-05-17 13:56 -------- d-----w c:\windows\LastGood
2009-05-17 12:30 . 2009-05-17 12:33 -------- d-----w C:\FindyKill
2009-05-17 11:23 . 2009-05-17 11:23 -------- d-----w c:\program files\Common Files\PC Tools
2009-05-17 11:23 . 2009-05-17 12:56 -------- d-----w c:\program files\Spyware Doctor
2009-05-17 10:49 . 2009-05-17 11:02 -------- d-----w C:\Bases
2009-05-17 10:49 . 2009-05-17 11:01 -------- d-----w C:\Downloads
2009-05-17 10:46 . 2009-05-17 10:46 -------- d-----w C:\Kaspersky
2009-05-17 10:05 . 2009-05-17 10:05 -------- d-----w c:\program files\AxBx
2009-05-10 11:28 . 2007-04-09 11:23 28040 ----a-w c:\windows\system32\mdimon.dll
2009-05-10 11:24 . 2009-05-10 11:26 -------- d-----w c:\windows\SHELLNEW
2009-05-10 11:22 . 2009-05-10 11:22 -------- d-----w c:\program files\Microsoft.NET
2009-05-09 19:37 . 2009-05-10 14:15 -------- d-----w c:\program files\WinX DVD Player 3.0
2009-05-09 19:34 . 2009-05-09 19:34 14 ----a-w c:\windows\system32\SystemInfo32.sys
2009-05-09 19:34 . 2009-05-09 19:34 -------- d-----w c:\programdata\DVD X Studios
2009-05-09 19:34 . 2009-05-09 19:34 -------- d-----w c:\users\All Users\DVD X Studios
2009-05-08 19:35 . 2009-05-08 19:35 -------- d-----w c:\windows\system32\Adobe
2009-05-07 19:37 . 2009-05-17 09:51 -------- d-----w c:\program files\Sony Ericsson
2009-05-06 19:49 . 2009-05-06 19:49 -------- d-----w c:\program files\CCleaner
2009-05-04 19:20 . 2009-05-04 19:20 -------- d-----w c:\programdata\Estsoft
2009-05-04 19:20 . 2009-05-04 19:20 -------- d-----w c:\users\All Users\Estsoft
2009-05-04 19:19 . 2009-05-04 19:19 -------- d-----w c:\program files\ESTsoft
2009-05-04 19:08 . 2009-05-04 19:12 -------- d-----w c:\programdata\WinZip
2009-05-04 19:08 . 2009-05-04 19:12 -------- d-----w c:\users\All Users\WinZip
2009-05-04 18:47 . 2009-05-04 18:47 -------- d-----w C:\EGIS_Drive
2009-05-03 19:26 . 2009-05-03 19:26 -------- d-----w c:\program files\eMule
2009-05-03 18:05 . 2009-05-03 18:38 -------- d-----w c:\program files\Star Downloader
2009-05-03 17:59 . 2009-05-03 17:59 10 ----a-w c:\windows\popcinfo.dat
2009-05-03 17:43 . 2009-05-03 17:43 -------- d-----w c:\program files\Software Informer
2009-05-03 17:43 . 2009-05-03 18:14 -------- d-----w c:\program files\Free Download Manager
2009-05-03 17:03 . 2009-05-03 17:03 -------- d-----w c:\programdata\Azureus
2009-05-03 17:03 . 2009-05-03 17:03 -------- d-----w c:\users\All Users\Azureus
2009-05-03 16:45 . 2009-05-03 16:45 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-03 16:45 . 2009-05-03 16:45 -------- d-----w c:\program files\Java
2009-05-03 16:44 . 2009-05-03 16:51 -------- d-----w c:\program files\LimeWire
2009-05-03 09:19 . 2009-05-03 09:19 -------- d-----r c:\windows\system32\config\systemprofile\Music
2009-05-02 13:59 . 2009-05-02 13:59 -------- d-----w c:\program files\VideoLAN
2009-05-02 13:50 . 2009-05-03 19:27 -------- d-----w c:\programdata\eMule
2009-05-02 13:50 . 2009-05-03 19:27 -------- d-----w c:\users\All Users\eMule
2009-05-02 13:14 . 2009-05-02 13:14 -------- d-----w c:\program files\Opera
2009-05-02 13:13 . 2009-02-05 20:06 51792 ----a-w c:\windows\system32\drivers\aswMonFlt.sys
2009-05-02 13:13 . 2009-05-02 13:13 -------- d-----w c:\program files\Alwil Software
2009-05-02 12:20 . 2009-05-02 12:20 -------- d-----w c:\programdata\PlayFirst
2009-05-02 12:20 . 2009-05-02 12:20 -------- d-----w c:\users\All Users\PlayFirst
2009-05-02 12:10 . 2009-05-02 12:10 -------- d-----w c:\programdata\SpinTop Games
2009-05-02 12:10 . 2009-05-02 12:10 -------- d-----w c:\users\All Users\SpinTop Games
2009-05-02 10:07 . 2009-05-04 20:00 -------- d-----w c:\program files\Microsoft Silverlight
2009-05-02 10:07 . 2009-02-06 16:08 55280 ----a-w c:\windows\system32\drivers\fssfltr.sys
2009-05-02 10:07 . 2009-05-02 10:07 -------- dc----w c:\windows\system32\DRVSTORE
2009-05-02 10:05 . 2009-05-02 10:05 -------- d-----w c:\program files\Microsoft Sync Framework
2009-05-02 09:34 . 2008-06-20 01:14 97800 ----a-w c:\windows\system32\infocardapi.dll
2009-05-02 09:34 . 2008-06-20 01:14 105016 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-02 09:34 . 2008-06-20 01:14 622080 ----a-w c:\windows\system32\icardagt.exe
2009-05-02 09:34 . 2008-06-20 01:14 11264 ----a-w c:\windows\system32\icardres.dll
2009-05-02 09:34 . 2008-06-20 01:14 43544 ----a-w c:\windows\system32\PresentationHostProxy.dll
2009-05-02 09:34 . 2008-06-20 01:14 781344 ----a-w c:\windows\system32\PresentationNative_v0300.dll
2009-05-02 09:34 . 2008-06-20 01:14 326160 ----a-w c:\windows\system32\PresentationHost.exe
2009-05-02 09:26 . 2008-07-27 18:03 96760 ----a-w c:\windows\system32\dfshim.dll
2009-05-02 09:26 . 2008-07-27 18:03 282112 ----a-w c:\windows\system32\mscoree.dll
2009-05-02 09:26 . 2008-07-27 18:03 41984 ----a-w c:\windows\system32\netfxperf.dll
2009-05-02 09:26 . 2008-07-27 18:03 158720 ----a-w c:\windows\system32\mscorier.dll
2009-05-02 09:26 . 2008-07-27 18:03 83968 ----a-w c:\windows\system32\mscories.dll
2009-05-02 09:25 . 2009-03-03 04:39 551424 ----a-w c:\windows\system32\rpcss.dll
2009-05-02 09:25 . 2009-03-03 04:46 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-05-02 09:25 . 2009-03-03 04:46 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-05-02 09:25 . 2009-03-03 03:04 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-05-02 09:25 . 2009-03-03 04:39 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-05-02 09:25 . 2009-03-03 04:39 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-05-02 09:25 . 2009-03-03 04:37 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-05-02 09:25 . 2009-03-03 04:37 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-05-02 09:25 . 2009-03-03 04:37 54784 ----a-w c:\windows\system32\iasads.dll
2009-05-02 09:25 . 2009-03-03 02:38 17408 ----a-w c:\windows\system32\iashost.exe
2009-05-02 09:24 . 2008-11-27 04:43 268288 ----a-w c:\windows\system32\schannel.dll
2009-05-02 09:16 . 2007-12-16 16:57 75776 ----a-w c:\windows\system32\drivers\WSVD.sys
2009-05-02 09:13 . 2008-10-16 21:09 43544 ----a-w c:\windows\system32\wups2.dll
2009-05-02 09:13 . 2008-10-16 21:09 51224 ----a-w c:\windows\system32\wuauclt.exe
2009-05-02 09:13 . 2008-10-16 20:56 1524736 ----a-w c:\windows\system32\wucltux.dll
2009-05-02 09:13 . 2008-10-16 21:13 1809944 ----a-w c:\windows\system32\wuaueng.dll
2009-05-02 09:13 . 2008-10-16 21:08 34328 ----a-w c:\windows\system32\wups.dll
2009-05-02 09:13 . 2008-10-16 20:55 83456 ----a-w c:\windows\system32\wudriver.dll
2009-05-02 09:13 . 2008-10-16 21:12 561688 ----a-w c:\windows\system32\wuapi.dll
2009-05-02 09:13 . 2008-10-16 12:08 162064 ----a-w c:\windows\system32\wuwebv.dll
2009-05-02 09:13 . 2008-10-16 11:56 31232 ----a-w c:\windows\system32\wuapp.exe
2009-05-02 09:03 . 2009-05-17 12:56 -------- d---a-w c:\programdata\TEMP
2009-05-02 09:03 . 2009-05-17 12:56 -------- d---a-w c:\users\All Users\TEMP
2009-05-02 08:59 . 2009-05-02 08:59 -------- d-----w C:\ACERSW
2009-05-02 08:59 . 2009-05-02 09:44 -------- d-----w c:\users\All Users\Google
2009-05-02 08:57 . 2009-05-02 08:57 -------- d-----r c:\windows\system32\config\systemprofile\Contacts
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-17 13:43 . 2009-02-09 11:22 48639 ----a-w c:\users\All Users\nvModes.dat
2009-05-17 13:43 . 2009-02-09 11:22 48639 ----a-w c:\programdata\nvModes.dat
2009-05-17 13:22 . 2008-01-21 07:23 669566 ----a-w c:\windows\system32\perfh00C.dat
2009-05-17 13:22 . 2008-01-21 07:23 123556 ----a-w c:\windows\system32\perfc00C.dat
2009-05-14 05:15 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-10 11:24 . 2009-02-02 15:09 -------- d-----w c:\program files\Microsoft Works
2009-05-10 11:14 . 2009-02-02 15:20 -------- d-----w c:\program files\Microsoft
2009-05-02 13:03 . 2009-02-02 15:05 -------- d-----w c:\program files\Google
2009-05-02 12:42 . 2009-02-02 14:52 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-02 12:42 . 2009-02-02 15:59 -------- d-----w c:\program files\eSobi
2009-05-02 10:20 . 2009-05-02 10:20 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-02 10:07 . 2009-02-02 15:20 -------- d-----w c:\program files\Windows Live
2009-05-02 08:59 . 2009-02-02 15:04 -------- d-----w c:\program files\Acer
2009-05-02 08:58 . 2009-05-02 08:58 -------- d-sh--w c:\program files\Fichiers communs
2009-03-17 03:38 . 2009-05-02 09:23 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-05-02 09:23 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-03 04:40 . 2009-05-02 09:21 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:37 . 2009-05-02 09:21 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 02:28 . 2009-05-02 09:21 26624 ----a-w c:\windows\system32\ieUnatt.exe
2008-01-21 02:57 . 2006-11-02 12:48 174 --sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((( SnapShot@2009-05-17_12.51.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-17 13:56 . 2009-05-17 13:56 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80KOR.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80JPN.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ITA.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80FRA.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ESP.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 57344 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 65536 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80DEU.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 45056 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHT.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 40960 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHS.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 57344 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80u.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 69632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80.dll
+ 2009-05-17 13:55 . 2009-05-17 13:55 95744 c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.dll
+ 2009-05-07 05:40 . 2009-05-17 13:56 20095 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
+ 2008-01-21 01:58 . 2009-05-17 13:44 55152 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-05-17 13:44 86180 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-05-02 09:00 . 2009-05-17 13:43 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-02 09:00 . 2009-05-17 11:19 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-05-02 09:00 . 2009-05-17 13:43 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-02 09:00 . 2009-05-17 11:19 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-02 09:00 . 2009-05-17 11:19 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-02 09:00 . 2009-05-17 13:43 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 10:25 . 2009-05-17 13:56 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-07 19:38 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-07 19:38 51200 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2009-05-17 13:56 51200 c:\windows\inf\infpub.dat
+ 2009-05-02 09:00 . 2009-05-17 13:44 7592 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-585606286-3289861126-3581687657-1000_UserData.bin
+ 2009-05-17 13:42 . 2009-05-17 13:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-05-17 13:42 . 2009-05-17 13:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2009-05-17 13:22 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-05-14 08:29 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-05-14 08:29 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-05-17 13:22 101250 c:\windows\System32\perfc009.dat
- 2006-11-02 10:25 . 2009-05-07 19:38 143360 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2009-05-17 13:56 143360 c:\windows\inf\infstrng.dat
+ 2009-05-17 13:56 . 2009-05-17 13:56 1079808 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 1093632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80.dll
- 2006-11-02 10:22 . 2009-05-14 05:31 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2006-11-02 10:22 . 2009-05-17 13:56 6291456 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-05-17 14:11 . 2009-05-17 14:11 5967872 c:\windows\ERDNT\Hiv-backup\schema.dat
+ 2006-11-02 10:24 . 2009-05-06 22:16 24699336 c:\windows\System32\mrt.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 22:38 121392 ----a-w c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-02 68856]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2009-04-23 1814597]
"eMuleAutoStart"="c:\program files\eMule\emule.exe" [2009-02-22 5668864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-28 13601312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-28 92704]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-02 821768]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-03-18 173352]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-05-17 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-03 136600]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-28 6111232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-585606286-3289861126-3581687657-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D7BEA3BA-DB38-4A07-849A-28BEF2CC5C43}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{FF268D69-76B3-437C-B2BC-7F3E9FB5CED7}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{ED0C526E-F489-4050-8AC7-69B23A096053}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{F582D081-F13E-4C70-A3A5-32B9645AE68C}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{26265DBE-5860-4DEE-BF63-A1BCBD655377}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{750C0F3B-F4E8-4E88-ABFA-0AEE9BDD338E}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{0D6F5300-178B-4ADE-ACC5-B77D2B5597E0}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{9366C5A5-F66A-49D1-8AE0-EC7D810D81EB}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{9C07A94C-7D82-41B0-84A0-3EBADCBF0115}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie
"{CFEC9030-5AA8-40D9-B74B-28E104EBA8AA}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program
"{C470EECD-709F-457E-9EDD-2D8A94A291A1}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia
"{428079AB-6F85-4523-A2B0-13AA0C82E238}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{DF0A015E-3452-4887-847C-547BD0E12FEF}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{F7B02806-2857-4215-BC5E-A24D3ECC0CA1}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{79A34B3A-C722-4F36-8BEC-66D21BE789C9}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{BC812F4A-696D-4EE7-A08E-85EC0DC40249}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{4B9BBAF8-D076-44C4-B10B-35DDAED746F3}c:\\program files\\sony ericsson\\update service\\update service.exe"= UDP:c:\program files\sony ericsson\update service\update service.exe:Update Service
"UDP Query User{30C4B74F-89A6-47E0-BC71-D8B6EBFB3F5E}c:\\program files\\sony ericsson\\update service\\update service.exe"= TCP:c:\program files\sony ericsson\update service\update service.exe:Update Service
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\[u]0/u00.fcl [09/02/2009 13:05 61424]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [02/05/2009 15:13 51792]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 14:11 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [09/02/2009 13:07 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [02/02/2009 17:04 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [06/04/2008 23:42 50424]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [09/02/2009 13:07 122368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [04/04/2008 04:03 131072]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14/01/2009 17:53 226656]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [28/03/2008 05:44 210432]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [03/02/2009 00:11 81296]
R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [28/03/2007 08:51 43008]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [02/05/2009 12:07 55280]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ;c:\windows\System32\drivers\NETw5v32.sys [03/02/2009 00:11 3658752]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [02/05/2009 11:16 75776]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.yougoo.fr/meteo
mStart Page = hxxp://www.cooxer.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-17 16:16
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\[u]0/u00.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(4604)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
Heure de fin: 2009-05-17 16:18
ComboFix-quarantined-files.txt 2009-05-17 14:18
ComboFix2.txt 2009-05-17 12:54
Avant-CF: 77 646 462 976 octets libres
Après-CF: 74 864 476 160 octets libres
285 --- E O F --- 2009-05-17 13:40
2009-05-02 09:25 . 2009-03-03 04:46 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-05-02 09:25 . 2009-03-03 03:04 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-05-02 09:25 . 2009-03-03 04:39 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-05-02 09:25 . 2009-03-03 04:39 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-05-02 09:25 . 2009-03-03 04:37 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-05-02 09:25 . 2009-03-03 04:37 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-05-02 09:25 . 2009-03-03 04:37 54784 ----a-w c:\windows\system32\iasads.dll
2009-05-02 09:25 . 2009-03-03 02:38 17408 ----a-w c:\windows\system32\iashost.exe
2009-05-02 09:24 . 2008-11-27 04:43 268288 ----a-w c:\windows\system32\schannel.dll
2009-05-02 09:16 . 2007-12-16 16:57 75776 ----a-w c:\windows\system32\drivers\WSVD.sys
2009-05-02 09:13 . 2008-10-16 21:09 43544 ----a-w c:\windows\system32\wups2.dll
2009-05-02 09:13 . 2008-10-16 21:09 51224 ----a-w c:\windows\system32\wuauclt.exe
2009-05-02 09:13 . 2008-10-16 20:56 1524736 ----a-w c:\windows\system32\wucltux.dll
2009-05-02 09:13 . 2008-10-16 21:13 1809944 ----a-w c:\windows\system32\wuaueng.dll
2009-05-02 09:13 . 2008-10-16 21:08 34328 ----a-w c:\windows\system32\wups.dll
2009-05-02 09:13 . 2008-10-16 20:55 83456 ----a-w c:\windows\system32\wudriver.dll
2009-05-02 09:13 . 2008-10-16 21:12 561688 ----a-w c:\windows\system32\wuapi.dll
2009-05-02 09:13 . 2008-10-16 12:08 162064 ----a-w c:\windows\system32\wuwebv.dll
2009-05-02 09:13 . 2008-10-16 11:56 31232 ----a-w c:\windows\system32\wuapp.exe
2009-05-02 09:03 . 2009-05-17 12:56 -------- d---a-w c:\programdata\TEMP
2009-05-02 09:03 . 2009-05-17 12:56 -------- d---a-w c:\users\All Users\TEMP
2009-05-02 08:59 . 2009-05-02 08:59 -------- d-----w C:\ACERSW
2009-05-02 08:59 . 2009-05-02 09:44 -------- d-----w c:\users\All Users\Google
2009-05-02 08:57 . 2009-05-02 08:57 -------- d-----r c:\windows\system32\config\systemprofile\Contacts
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-17 13:43 . 2009-02-09 11:22 48639 ----a-w c:\users\All Users\nvModes.dat
2009-05-17 13:43 . 2009-02-09 11:22 48639 ----a-w c:\programdata\nvModes.dat
2009-05-17 13:22 . 2008-01-21 07:23 669566 ----a-w c:\windows\system32\perfh00C.dat
2009-05-17 13:22 . 2008-01-21 07:23 123556 ----a-w c:\windows\system32\perfc00C.dat
2009-05-14 05:15 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-10 11:24 . 2009-02-02 15:09 -------- d-----w c:\program files\Microsoft Works
2009-05-10 11:14 . 2009-02-02 15:20 -------- d-----w c:\program files\Microsoft
2009-05-02 13:03 . 2009-02-02 15:05 -------- d-----w c:\program files\Google
2009-05-02 12:42 . 2009-02-02 14:52 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-02 12:42 . 2009-02-02 15:59 -------- d-----w c:\program files\eSobi
2009-05-02 10:20 . 2009-05-02 10:20 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-02 10:07 . 2009-02-02 15:20 -------- d-----w c:\program files\Windows Live
2009-05-02 08:59 . 2009-02-02 15:04 -------- d-----w c:\program files\Acer
2009-05-02 08:58 . 2009-05-02 08:58 -------- d-sh--w c:\program files\Fichiers communs
2009-03-17 03:38 . 2009-05-02 09:23 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-05-02 09:23 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-03 04:40 . 2009-05-02 09:21 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:37 . 2009-05-02 09:21 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 02:28 . 2009-05-02 09:21 26624 ----a-w c:\windows\system32\ieUnatt.exe
2008-01-21 02:57 . 2006-11-02 12:48 174 --sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((( SnapShot@2009-05-17_12.51.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-17 13:56 . 2009-05-17 13:56 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80KOR.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80JPN.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ITA.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80FRA.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ESP.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 57344 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 65536 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80DEU.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 45056 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHT.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 40960 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHS.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 57344 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80u.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 69632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80.dll
+ 2009-05-17 13:55 . 2009-05-17 13:55 95744 c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.dll
+ 2009-05-07 05:40 . 2009-05-17 13:56 20095 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
+ 2008-01-21 01:58 . 2009-05-17 13:44 55152 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-05-17 13:44 86180 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-05-02 09:00 . 2009-05-17 13:43 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-02 09:00 . 2009-05-17 11:19 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-05-02 09:00 . 2009-05-17 13:43 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-02 09:00 . 2009-05-17 11:19 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-02 09:00 . 2009-05-17 11:19 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-02 09:00 . 2009-05-17 13:43 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 10:25 . 2009-05-17 13:56 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-07 19:38 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-07 19:38 51200 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2009-05-17 13:56 51200 c:\windows\inf\infpub.dat
+ 2009-05-02 09:00 . 2009-05-17 13:44 7592 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-585606286-3289861126-3581687657-1000_UserData.bin
+ 2009-05-17 13:42 . 2009-05-17 13:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-05-17 13:42 . 2009-05-17 13:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2009-05-17 13:22 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-05-14 08:29 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-05-14 08:29 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-05-17 13:22 101250 c:\windows\System32\perfc009.dat
- 2006-11-02 10:25 . 2009-05-07 19:38 143360 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2009-05-17 13:56 143360 c:\windows\inf\infstrng.dat
+ 2009-05-17 13:56 . 2009-05-17 13:56 1079808 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll
+ 2009-05-17 13:56 . 2009-05-17 13:56 1093632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80.dll
- 2006-11-02 10:22 . 2009-05-14 05:31 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2006-11-02 10:22 . 2009-05-17 13:56 6291456 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-05-17 14:11 . 2009-05-17 14:11 5967872 c:\windows\ERDNT\Hiv-backup\schema.dat
+ 2006-11-02 10:24 . 2009-05-06 22:16 24699336 c:\windows\System32\mrt.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 22:38 121392 ----a-w c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-02 68856]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2009-04-23 1814597]
"eMuleAutoStart"="c:\program files\eMule\emule.exe" [2009-02-22 5668864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-28 13601312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-28 92704]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-02 821768]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-03-18 173352]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-05-17 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-03 136600]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-28 6111232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-585606286-3289861126-3581687657-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D7BEA3BA-DB38-4A07-849A-28BEF2CC5C43}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{FF268D69-76B3-437C-B2BC-7F3E9FB5CED7}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{ED0C526E-F489-4050-8AC7-69B23A096053}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{F582D081-F13E-4C70-A3A5-32B9645AE68C}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{26265DBE-5860-4DEE-BF63-A1BCBD655377}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{750C0F3B-F4E8-4E88-ABFA-0AEE9BDD338E}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{0D6F5300-178B-4ADE-ACC5-B77D2B5597E0}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{9366C5A5-F66A-49D1-8AE0-EC7D810D81EB}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{9C07A94C-7D82-41B0-84A0-3EBADCBF0115}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie
"{CFEC9030-5AA8-40D9-B74B-28E104EBA8AA}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program
"{C470EECD-709F-457E-9EDD-2D8A94A291A1}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia
"{428079AB-6F85-4523-A2B0-13AA0C82E238}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{DF0A015E-3452-4887-847C-547BD0E12FEF}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{F7B02806-2857-4215-BC5E-A24D3ECC0CA1}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{79A34B3A-C722-4F36-8BEC-66D21BE789C9}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{BC812F4A-696D-4EE7-A08E-85EC0DC40249}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{4B9BBAF8-D076-44C4-B10B-35DDAED746F3}c:\\program files\\sony ericsson\\update service\\update service.exe"= UDP:c:\program files\sony ericsson\update service\update service.exe:Update Service
"UDP Query User{30C4B74F-89A6-47E0-BC71-D8B6EBFB3F5E}c:\\program files\\sony ericsson\\update service\\update service.exe"= TCP:c:\program files\sony ericsson\update service\update service.exe:Update Service
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"c:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe"= c:\program files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\[u]0/u00.fcl [09/02/2009 13:05 61424]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [02/05/2009 15:13 51792]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 14:11 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [09/02/2009 13:07 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [02/02/2009 17:04 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [06/04/2008 23:42 50424]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [09/02/2009 13:07 122368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [04/04/2008 04:03 131072]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [14/01/2009 17:53 226656]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [28/03/2008 05:44 210432]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [03/02/2009 00:11 81296]
R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [28/03/2007 08:51 43008]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [02/05/2009 12:07 55280]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ;c:\windows\System32\drivers\NETw5v32.sys [03/02/2009 00:11 3658752]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [02/05/2009 11:16 75776]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.yougoo.fr/meteo
mStart Page = hxxp://www.cooxer.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-17 16:16
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\[u]0/u00.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(4604)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
Heure de fin: 2009-05-17 16:18
ComboFix-quarantined-files.txt 2009-05-17 14:18
ComboFix2.txt 2009-05-17 12:54
Avant-CF: 77 646 462 976 octets libres
Après-CF: 74 864 476 160 octets libres
285 --- E O F --- 2009-05-17 13:40
--> Install Antivir and update it.
--> Double-click the Antivir icon (umbrella) in the taskbar.
--> In Antivir, choose Tools (Outils), then Configuration.
--> Tick Expert mode (Mode Expert), then tick Rootkit search at start of scan (Rech. Rootkit au dém. de la recherche) on the right under Other settings (Autres réglages).
--> Run a full scan and post the report.
Antivir tutorial
Hello
Just passing by. Hi Destrio ;))
"I bought it 15 days ago, it's an Acer Aspire 7730 ZG and I have no CD"
CDs are no longer sold with PCs.
For Acer:
Start
Acer Empowering Technology ► follow the instructions
++