Infection virus heur trojan win32 generic

bonjour,
voilà mon log après 2ième passage MBAM. Posté avant redémarrage de l'ordi. Merci de m'aider

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2719
Windows 6.0.6001 Service Pack 1

01/09/2009 07:57:21
mbam-log-2009-09-01 (07-57-12).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 351066
Temps écoulé: 3 hour(s), 56 minute(s), 58 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmbricndgw (Trojan.TDSS) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmivsbhdco (Trojan.TDSS) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmymrycttv (Trojan.TDSS) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

A l'aide !!!!
C'est quoi MBAM ?
Merci

A l'aide !!
Rien n'a été résolu !! Mon PC plante pendant l'analyse anti virus et ma souris beugue !!
N'y a t il plus personne sur le forum pour m'aider ??

Ben çà a l'air d'aller.. Je n'arrive pas à ouvrir certains liens (pas beaucoup) provenant de sites commerciaux. Je ne sais pas si çà a un rapport. D'autre part, ma souris beugue beaucoup. Là aussi, çà a commencé avec mes problèmes mais je ne sais pas si çà a un rapport.
Quoi qu'il en soit, merci pour votre aide

Coucou y a quelqu'un ????
Ma souris beugue de plus en plus et je ne sais pas quoi faire..
Merci de me répondre

bonsoir,
j ai toujours des soucis. Hormis ma souris qui beugue toujours, je n'arrive pas à effectuer d analyse. Mon pc reboot au milieu de l analyse, bref
merci d avance

Bonsoir,
Voilà comme tu me l'as demandé : http://www.cijoint.fr/cjlink.php?file=cj200909/cijeb7at9U.txt
Merci

Bonjour,
J'ai fait ce que tu m'as demandé mais l'ordi a planté. Une page bleue est apparue en langue anglaise avec notamment la mention
problem detected
tblafakj.sys. Page fault in nonpaged area

Merci pour ta réponse

GMER 1.0.15.15077 [1iynbqy6.exe] - http://www.gmer.net
Rootkit scan 2009-09-03 14:30:41
Windows 6.0.6001 Service Pack 1


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x902EBE06]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x902EBF84]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x902EC014]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x902EADF8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x902EB4EA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x902EB816]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x902EAF66]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x902EB6EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x902EA9D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x902EB5AA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x902EAB8C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x902EB948]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x902EB64C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x902EB0C4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x902EB8B8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x902EAE34]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x902EB786]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x902EC45C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x902EB9EA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x902EC214]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x902EBD74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x902EBC3A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x902EB1F0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x902EC2C8]

---- User code sections - GMER 1.0.15 ----

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: 32.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] USER32.dll!GetAppCompatFlags2 + 880 77896390 4 Bytes [70, 11, 32, 6D]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!FindResourceExA 77D208DD 7 Bytes JMP 28001D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!FindResourceA 77D209A5 5 Bytes JMP 28001CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!CreateEventA 77D34AD8 5 Bytes JMP 28001840 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!LockResource 77D37F1F 5 Bytes JMP 28001F50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!FindResourceExW 77D3813B 1 Byte [E9]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!FindResourceExW 77D3813B 7 Bytes JMP 28001C60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!LoadResource 77D38213 7 Bytes JMP 28001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!FindResourceW 77D397C7 5 Bytes JMP 28001BE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] kernel32.dll!SizeofResource 77D397E5 7 Bytes JMP 28001EE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] ADVAPI32.dll!CryptDeriveKey 768CE6F6 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] ADVAPI32.dll!CryptDecrypt 768CE8D9 7 Bytes JMP 28001060 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!SetWindowPlacement 778879BB 5 Bytes JMP 28005EA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!SetWindowRgn 778895E2 7 Bytes JMP 28005FE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!LoadImageW 7788D61D 5 Bytes JMP 28006770 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!LoadIconW 7788EC94 5 Bytes JMP 28006960 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!CreateWindowExW 77893D67 5 Bytes JMP 28003CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!GetWindowLongW 7789F67F 7 Bytes JMP 28006B00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!PeekMessageW 7789FD9F 5 Bytes JMP 280046C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!TrackPopupMenuEx 778B0F4D 5 Bytes JMP 28004FA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!CreateDialogParamW 778B1C58 5 Bytes JMP 28006120 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] USER32.dll!MessageBoxIndirectW 778DD56B 5 Bytes JMP 28006310 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WS2_32.dll!closesocket 777F330C 5 Bytes JMP 2800BB90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WS2_32.dll!recv 777F343A 5 Bytes JMP 2800B3B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WS2_32.dll!WSASend 777F4496 5 Bytes JMP 2800B950 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WS2_32.dll!send 777F659B 5 Bytes JMP 2800B770 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WS2_32.dll!WSARecv 777F8400 5 Bytes JMP 2800B550 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] SHELL32.dll!Shell_NotifyIconW 76BFC808 5 Bytes JMP 28003440 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] ole32.dll!CoRegisterClassObject 779345AC 5 Bytes JMP 28002360 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] ole32.dll!CoInitializeEx 7796B89A 5 Bytes JMP 28002260 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] ole32.dll!CoCreateInstance 7796E188 5 Bytes JMP 28002600 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WININET.dll!InternetReadFile 7650654B 5 Bytes JMP 2800A3B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WININET.dll!InternetCloseHandle 76509088 5 Bytes JMP 2800A560 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WININET.dll!HttpOpenRequestA 7650D508 5 Bytes JMP 2800A220 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[292] WININET.dll!HttpSendRequestA 7651EE81 5 Bytes JMP 2800A490 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Family Safety\fsssvc.exe[1544] ADVAPI32.dll!RegOpenKeyExA 768ED4E8 5 Bytes JMP 0007F7BF C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Family Safety Service/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!DialogBoxIndirectParamW 7788BD25 5 Bytes JMP 6BDE3C10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!CreateWindowExW 77893D67 5 Bytes JMP 6BCED3AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!DialogBoxParamW 778A1FD5 5 Bytes JMP 6BC151FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!DialogBoxParamA 778C80B2 5 Bytes JMP 6BDE3BAD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!DialogBoxIndirectParamA 778C83DD 5 Bytes JMP 6BDE3C73 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!MessageBoxIndirectA 778DD471 5 Bytes JMP 6BDE3B42 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!MessageBoxIndirectW 778DD56B 5 Bytes JMP 6BDE3AD7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!MessageBoxExA 778DD5D1 5 Bytes JMP 6BDE3A75 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2468] USER32.dll!MessageBoxExW 778DD5F5 5 Bytes JMP 6BDE3A13 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3332] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3332] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: 32.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3332] USER32.dll!GetAppCompatFlags2 + 880 77896390 4 Bytes [70, 11, 32, 6D]
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!SetWindowsHookExW 77887B69 5 Bytes JMP 6BCE9521 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!CallNextHookEx 77888C33 5 Bytes JMP 6BCDCB69 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!GetAsyncKeyState 77888DF4 5 Bytes JMP 6BC08E9F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!DialogBoxIndirectParamW 7788BD25 5 Bytes JMP 6BDE3C10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!SendInput 7788BEE7 5 Bytes JMP 6BDE4FE3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!EndDialog 7788C178 5 Bytes JMP 6BC17BB6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!EnableWindow 7788DC79 5 Bytes JMP 6BCED5C5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!CreateWindowExW 77893D67 5 Bytes JMP 6BCED3AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!GetKeyState 778987C7 5 Bytes JMP 6BCECB73 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!IsDialogMessageW 778999AE 5 Bytes JMP 6BC1570F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!CreateDialogParamA 778A16FD 5 Bytes JMP 6BDE4820 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!IsDialogMessage 778A179A 5 Bytes JMP 6BDE4118 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!DialogBoxParamW 778A1FD5 5 Bytes JMP 6BC151FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!CreateDialogIndirectParamA 778A27CD 5 Bytes JMP 6BDE4857 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!CreateDialogIndirectParamW 778A9AFA 5 Bytes JMP 6BDE488E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!UnhookWindowsHookEx 778B08BE 5 Bytes JMP 6BC543F6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!CreateDialogParamW 778B1C58 5 Bytes JMP 6BCED738 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!SetKeyboardState 778B1ECE 5 Bytes JMP 6BDE4487 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!DialogBoxParamA 778C80B2 5 Bytes JMP 6BDE3BAD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!DialogBoxIndirectParamA 778C83DD 5 Bytes JMP 6BDE3C73 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!MessageBoxIndirectA 778DD471 5 Bytes JMP 6BDE3B42 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!MessageBoxIndirectW 778DD56B 5 Bytes JMP 6BDE3AD7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!MessageBoxExA 778DD5D1 5 Bytes JMP 6BDE3A75 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!MessageBoxExW 778DD5F5 5 Bytes JMP 6BDE3A13 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] USER32.dll!keybd_event 778DD93C 5 Bytes JMP 6BDE5287 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] SHELL32.dll!SHRestricted + DFD 76C28390 4 Bytes [BD, 30, F8, 68]
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] SHELL32.dll!SHRestricted + E05 76C28398 8 Bytes [CA, 2F, F8, 68, 6A, 5C, F7, ...] {RETF 0xf82f; PUSH 0x68f75c6a}
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] ole32.dll!OleLoadFromStream 77939726 5 Bytes JMP 6BDE3F78 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] ole32.dll!CoCreateInstance 7796E188 5 Bytes JMP 6BCED408 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] ws2_32.dll!closesocket 777F330C 5 Bytes JMP 6608EEE9 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] ws2_32.dll!recv 777F343A 5 Bytes JMP 6608F1C3 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] ws2_32.dll!socket 777F36D1 5 Bytes JMP 6608E59E C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] ws2_32.dll!connect 777F40D9 5 Bytes JMP 6608E62A C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] ws2_32.dll!getaddrinfo 777F418A 5 Bytes JMP 6608E71D C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4192] ws2_32.dll!send 777F659B 5 Bytes JMP 6608E9ED C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74A67BA4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74AA98C5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74A6D3C8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74A5F527] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74A67599] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74A5E43D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74A9B33D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74A6D68A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74A6012E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74A60095] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74A571F3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74AED802] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74A875E1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74A5DAE1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74A5668F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74A566BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3648] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74A61E45] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [68F68336] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [68F68336] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [68F71BE0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [68F7016F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [68F6E2DF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [68F70A88] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [68F6EF3C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [68F6A43B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [68F71E4A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [68F73C07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [68F72A8D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [68F73160] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [68F6FCD7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [68F6E956] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [68F6DD50] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [68F6FE5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [68F68336] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [68F6D5AC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [68F7FD07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [68F80675] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [68F7EC91] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [68F7F96B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [68F7F085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [68F7E719] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [68F7EEE9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [68F7016F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [68F6FCD7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [68F6E2DF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [68F68336] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [68F6FE5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [68F6E956] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [68F71BE0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [68F6EF3C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [68F73C07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [68F72DFD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [68F72A1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [68F73160] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [68F72A8D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [68F6BE6B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [68F71833] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [68F6C0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [68F71003] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [68F715DD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [68F6EE11] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [68F6BF96] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [68F71E4A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [68F6C1EF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [68F71131] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [68F6EF3C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [68F70A88] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [68F71708] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [68F70A15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [68F68336] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [68F6FCD7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [68F6A0B3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [68F6A43B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [68F6E80D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [68F6E956] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [68F6FE5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [68F6FE5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [68F70D89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [68F6DD50] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [68F6D5AC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [68F6D455] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [68F6EF3C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [68F7016F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [68F6C1EF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [68F6E956] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [68F73160] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [68F72A8D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [68F71BE0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [68F6BF96] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [68F6C0C1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [68F6E80D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [68F72DFD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [68F72A1A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [68F73C07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [68F72499] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [68F6BE6B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [68F6FCD7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [68F68336] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [68F6FBA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [68F6FA69] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [68F7EEE9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [68F7E591] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [68F7EF3C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [68F7FB0B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [68F7EB19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [68F7E719] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [68F7EC91] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [68F80365] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [68F7F62F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [68F7F085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [68F7FD07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [68F7F96B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [68F80675] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [68F80071] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [68F801DD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [68F804ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [68F7FF07] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [68F7F7CB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [68F6D09C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [68F72A8D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [68F70D89] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [68F6D31E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [68F6DACE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [68F6DD50] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [68F6EC5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [68F6E2DF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [68F6CB9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [68F7016F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [68F6A43B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [68F70A88] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4192] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [68F73160] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.e

tu as eu mon log ?

Bonjour,
Bizzarre car il apparait dans ma conversation,
Bref j ai renommé le fichier log en txt et çà donne celà :

http://www.cijoint.fr/cjlink.php?file=cj200909/cijQZRtljD.txt

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2738
Windows 6.0.6001 Service Pack 1

04/09/2009 17:36:25
mbam-log-2009-09-04 (17-36-25).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 349227
Temps écoulé: 4 hour(s), 23 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmbricndgw (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmivsbhdco (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmymrycttv (Rootkit.TDSS) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Bonsoir,
Je fais tourner GMER mais j'ai vu qu'il y a toujours les mêmes 3 malware (hidden) qui aparaissent pendant l'analyse.

ComboFix 09-09-03.02 - MARC 04/09/2009 20:48.2.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2046.1104 [GMT 2:00]
Running from: c:\users\MARC\Desktop\ComboFix.exe
Command switches used :: log
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-08-04 to 2009-09-04 )))))))))))))))))))))))))))))))
.

2009-09-04 18:57 . 2009-09-04 18:57 -------- d-----w- c:\users\MARC\AppData\Local\temp
2009-09-04 18:57 . 2009-09-04 18:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-04 18:57 . 2009-09-04 18:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-04 16:13 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-04 16:13 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 09:40 . 2009-09-04 16:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-03 02:22 . 2009-09-03 02:22 84352 ----a-w- C:\tblafakj.sys
2009-09-02 20:54 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 20:54 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-02 18:16 . 2009-09-02 18:16 -------- d-----w- c:\program files\ZHPDiag
2009-09-02 16:55 . 2009-09-02 16:55 -------- d-----w- C:\NVIDIA
2009-09-01 06:55 . 2009-09-01 07:05 -------- d-----w- C:\rsit
2009-08-31 10:19 . 2009-08-31 10:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-08-31 10:19 . 2009-09-01 20:01 -------- d-----w- c:\users\MARC\AppData\Roaming\SUPERAntiSpyware.com
2009-08-31 10:19 . 2009-09-01 20:00 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-30 21:34 . 2009-08-30 21:34 -------- d-----w- c:\users\MARC\AppData\Roaming\Malwarebytes
2009-08-30 21:34 . 2009-08-30 21:34 -------- d-----w- c:\programdata\Malwarebytes
2009-08-30 20:25 . 2009-08-30 20:25 -------- d-----w- C:\_OTM
2009-08-30 07:35 . 2009-08-30 07:36 -------- d-----w- c:\users\MARC\AppData\Roaming\dvdcss
2009-08-27 11:35 . 2009-09-01 06:55 -------- d-----w- c:\program files\trend micro
2009-08-27 01:56 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-27 01:56 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-27 01:56 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-27 01:56 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-27 01:56 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-27 01:56 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-27 01:56 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-27 01:56 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-27 01:04 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-26 20:11 . 2009-08-26 22:10 -------- d-----w- C:\ToolBar SD
2009-08-26 09:37 . 2009-08-26 19:33 -------- d--h--w- C:\$AVG8.VAULT$
2009-08-26 09:24 . 2009-08-27 17:48 -------- d-----w- c:\programdata\avg8
2009-08-25 19:29 . 2009-08-25 19:29 -------- d-----w- c:\users\MARC\DoctorWeb
2009-08-19 07:36 . 2009-08-19 08:49 -------- d-----w- c:\program files\Corel
2009-08-16 21:30 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-16 21:30 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-16 21:30 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-16 21:29 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-16 21:29 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-16 21:29 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-16 21:29 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-16 21:28 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-04 18:42 . 2009-05-19 13:33 -------- d-----w- c:\programdata\Kaspersky Lab
2009-09-04 16:45 . 2009-03-29 09:28 -------- d-----w- c:\users\MARC\AppData\Roaming\uTorrent
2009-09-03 20:42 . 2007-08-23 21:02 12978 ----a-w- c:\users\MARC\AppData\Roaming\nvModes.dat
2009-09-01 20:01 . 2008-03-03 09:05 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-31 09:39 . 2006-12-10 19:02 672506 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-31 09:39 . 2006-12-10 19:02 125110 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-23 07:05 . 2009-05-19 13:22 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-08-19 08:49 . 2008-08-18 08:23 -------- d-----w- c:\programdata\Ulead Systems
2009-08-19 07:56 . 2008-08-18 08:23 -------- d-----w- c:\users\MARC\AppData\Roaming\Ulead Systems
2009-08-19 07:47 . 2006-12-02 07:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-19 07:10 . 2008-06-16 16:36 -------- d-----w- c:\program files\Sony
2009-08-17 01:13 . 2009-01-11 13:37 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-17 01:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-11 10:35 . 2007-04-09 23:41 485920 ----a-w- c:\windows\system32\nvuninst.exe
2009-07-25 10:15 . 2007-11-07 19:14 -------- d-----w- c:\program files\Common Files\Nero
2009-07-25 09:41 . 2007-11-07 19:14 -------- d-----w- c:\programdata\Nero
2009-07-25 07:02 . 2007-11-07 19:03 -------- d-----w- c:\program files\Nero
2009-07-24 21:23 . 2007-11-07 19:03 -------- d-----w- c:\users\MARC\AppData\Roaming\Nero
2009-07-24 21:23 . 2007-11-07 19:03 -------- d-----w- c:\program files\Common Files\Simple Star Shared
2009-07-24 18:08 . 2009-06-14 16:34 -------- d-----w- c:\users\MARC\AppData\Roaming\vlc
2009-07-21 21:52 . 2009-07-28 19:43 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 19:43 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 19:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 19:43 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-20 07:05 . 2009-07-20 07:05 356352 ----a-w- c:\windows\Araignée3DUninstaller.exe
2009-07-18 10:26 . 2009-07-18 10:19 -------- d-----w- c:\program files\Google
2009-07-18 10:20 . 2009-07-18 10:19 -------- d-----w- c:\programdata\Google Updater
2009-07-13 12:19 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-07-13 12:13 . 2009-07-13 12:13 604140 --sha-w- c:\windows\system32\drivers\ISwift3(62).dat
2009-07-13 12:13 . 2009-07-13 12:13 604140 ----a-w- c:\windows\system32\drivers\ISwift3(40).dat
2009-07-13 12:13 . 2009-07-13 12:13 604140 ------w- c:\windows\system32\drivers\ISwift3.dat
2009-07-13 12:09 . 2009-07-13 12:09 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-13 12:09 . 2009-07-13 12:09 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-13 12:07 . 2009-07-13 12:07 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-13 10:22 . 2009-06-20 19:51 -------- d-----w- c:\users\MARC\AppData\Roaming\FMZilla
2009-07-12 19:07 . 2009-01-04 11:23 -------- d-----w- c:\programdata\f-secure
2009-07-11 15:23 . 2007-08-24 00:51 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-06 07:09 . 2009-05-19 13:33 8261152 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-06 07:09 . 2009-05-19 13:33 524320 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-15 15:24 . 2009-07-15 07:07 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-15 07:07 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-15 07:07 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-15 07:07 289792 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-04_18.29.09 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-11-02 13:05 . 2009-09-04 18:28 83818 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-09-04 18:43 83818 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2007-08-23 12:07 . 2009-09-04 18:28 21722 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2230032509-3730063523-3314345870-1000_UserData.bin
+ 2007-08-23 12:07 . 2009-09-04 18:43 21722 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2230032509-3730063523-3314345870-1000_UserData.bin
+ 2007-08-23 18:53 . 2009-09-04 18:45 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-08-23 18:53 . 2009-09-04 15:53 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-08-23 18:53 . 2009-09-04 18:45 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-08-23 18:53 . 2009-09-04 15:53 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-04 18:26 . 2009-09-04 18:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-04 18:26 . 2009-09-04 18:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-04 18:26 . 2009-09-04 18:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-09-04 18:26 . 2009-09-04 18:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2007-08-23 18:53 . 2009-09-04 15:53 655360 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-08-23 18:53 . 2009-09-04 18:45 655360 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Acer Tour Reminder"="" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-14 151552]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-20 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-20 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-20 81920]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 3100672]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-08-03 419088]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-09 3784704]

c:\users\MARC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-6-16 385024]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-10 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{081659FE-5F03-42E3-B488-636242C7D835}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{2A8BAAA4-1E02-4C0A-BC8A-3882CFC56A0D}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{C75E6919-C22E-443B-B3E3-B01DEBC9683C}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{0CAB35C8-9849-421F-9007-CED2C685A676}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{9F3D756E-B5A2-477D-ADA6-6D6D5E3DBB9D}"= c:\program files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:Rosetta Stone Version 3 Application
"{C955C15A-2E5C-45DD-B671-F3CC5DCF83B6}"= c:\program files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:Rosetta Stone Ltd Services
"{006025CC-C37B-494B-BCFB-3B9F13C1A49E}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{6A079D00-5914-45C7-B16C-39CFCD8BC951}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{1C69DC1A-F1C3-4D71-9D68-E03B581466BC}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{F961E09A-CBBE-4343-A70B-FB1146C55086}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{CC4DEA9B-B97C-402D-B02C-017ECE06F833}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [15/12/2008 20:41 33808]
R1 GRD;G DATA Rootkit Detector Driver;c:\windows\System32\drivers\GRD.sys [03/04/2009 14:56 29128]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [15/05/2009 18:50 21008]
R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11/01/2009 15:36 55264]
R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [04/09/2009 18:13 232720]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [16/05/2009 20:59 19472]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [04/09/2009 18:13 19096]
S2 gupdate1ca0791a68fd045;Service Google Update (gupdate1ca0791a68fd045);c:\program files\Google\Update\GoogleUpdate.exe [18/07/2009 12:22 133104]
S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\System32\drivers\WsAudioDevice_383.sys [18/06/2009 18:34 16640]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-18 10:19]

2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-18 10:21]

2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-18 10:21]

2009-09-04 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-21 11:14]

2009-09-04 c:\windows\Tasks\User_Feed_Synchronization-{F9AA5A26-145C-4972-9770-63D1DA176BAC}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.neufportail.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-04 20:57
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2230032509-3730063523-3314345870-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e2,3c,ed,27,a9,f9,bf,ef,92,35,99,ed,6e,eb,c2,e9,83,b0,8c,d8,04,a5,f2,
f5,72,6e,5c,03,54,27,59,57,03,94,8f,83,b9,b9,af,d1,d9,78,c5,bd,8b,59,92,bd,\
"??"=hex:4e,1f,5a,92,5e,0c,80,9f,fb,2b,82,ba,8b,19,1b,fe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4820)
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Completion time: 2009-09-04 21:00
ComboFix-quarantined-files.txt 2009-09-04 19:00
ComboFix2.txt 2009-09-04 18:37

Pre-Run: 3 614 003 200 octets libres
Post-Run: 3 568 504 832 octets libres

254 --- E O F --- 2009-09-04 08:36

Voilà ce que tu me demandes... (avec tous mes remerciements pour le temps que tu passes à m'aider) :

ComboFix 09-09-03.02 - MARC 04/09/2009 23:14.3.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2046.1089 [GMT 2:00]
Running from: c:\users\MARC\Desktop\antitibs.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-08-04 to 2009-09-04 )))))))))))))))))))))))))))))))
.

2009-09-04 21:23 . 2009-09-04 21:23 -------- d-----w- c:\users\MARC\AppData\Local\temp
2009-09-04 21:23 . 2009-09-04 21:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-04 21:23 . 2009-09-04 21:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-04 16:13 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-04 16:13 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 09:40 . 2009-09-04 16:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-03 02:22 . 2009-09-03 02:22 84352 ----a-w- C:\tblafakj.sys
2009-09-02 20:54 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 20:54 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-02 18:16 . 2009-09-02 18:16 -------- d-----w- c:\program files\ZHPDiag
2009-09-02 16:55 . 2009-09-02 16:55 -------- d-----w- C:\NVIDIA
2009-09-01 06:55 . 2009-09-01 07:05 -------- d-----w- C:\rsit
2009-08-31 10:19 . 2009-08-31 10:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-08-31 10:19 . 2009-09-01 20:01 -------- d-----w- c:\users\MARC\AppData\Roaming\SUPERAntiSpyware.com
2009-08-31 10:19 . 2009-09-01 20:00 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-30 21:34 . 2009-08-30 21:34 -------- d-----w- c:\users\MARC\AppData\Roaming\Malwarebytes
2009-08-30 21:34 . 2009-08-30 21:34 -------- d-----w- c:\programdata\Malwarebytes
2009-08-30 20:25 . 2009-08-30 20:25 -------- d-----w- C:\_OTM
2009-08-30 07:35 . 2009-08-30 07:36 -------- d-----w- c:\users\MARC\AppData\Roaming\dvdcss
2009-08-27 11:35 . 2009-09-01 06:55 -------- d-----w- c:\program files\trend micro
2009-08-27 01:56 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-27 01:56 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-27 01:56 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-27 01:56 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-27 01:56 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-27 01:56 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-27 01:56 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-27 01:56 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-27 01:04 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-26 20:11 . 2009-08-26 22:10 -------- d-----w- C:\ToolBar SD
2009-08-26 09:37 . 2009-08-26 19:33 -------- d--h--w- C:\$AVG8.VAULT$
2009-08-26 09:24 . 2009-08-27 17:48 -------- d-----w- c:\programdata\avg8
2009-08-25 19:29 . 2009-08-25 19:29 -------- d-----w- c:\users\MARC\DoctorWeb
2009-08-19 07:36 . 2009-08-19 08:49 -------- d-----w- c:\program files\Corel
2009-08-16 21:30 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-16 21:30 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-16 21:30 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-16 21:29 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-16 21:29 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-16 21:29 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-16 21:29 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-16 21:28 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-04 19:13 . 2009-05-19 13:33 -------- d-----w- c:\programdata\Kaspersky Lab
2009-09-04 16:45 . 2009-03-29 09:28 -------- d-----w- c:\users\MARC\AppData\Roaming\uTorrent
2009-09-03 20:42 . 2007-08-23 21:02 12978 ----a-w- c:\users\MARC\AppData\Roaming\nvModes.dat
2009-09-01 20:01 . 2008-03-03 09:05 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-31 09:39 . 2006-12-10 19:02 672506 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-31 09:39 . 2006-12-10 19:02 125110 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-23 07:05 . 2009-05-19 13:22 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-08-19 08:49 . 2008-08-18 08:23 -------- d-----w- c:\programdata\Ulead Systems
2009-08-19 07:56 . 2008-08-18 08:23 -------- d-----w- c:\users\MARC\AppData\Roaming\Ulead Systems
2009-08-19 07:47 . 2006-12-02 07:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-19 07:10 . 2008-06-16 16:36 -------- d-----w- c:\program files\Sony
2009-08-17 01:13 . 2009-01-11 13:37 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-17 01:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-11 10:35 . 2007-04-09 23:41 485920 ----a-w- c:\windows\system32\nvuninst.exe
2009-07-25 10:15 . 2007-11-07 19:14 -------- d-----w- c:\program files\Common Files\Nero
2009-07-25 09:41 . 2007-11-07 19:14 -------- d-----w- c:\programdata\Nero
2009-07-25 07:02 . 2007-11-07 19:03 -------- d-----w- c:\program files\Nero
2009-07-24 21:23 . 2007-11-07 19:03 -------- d-----w- c:\users\MARC\AppData\Roaming\Nero
2009-07-24 21:23 . 2007-11-07 19:03 -------- d-----w- c:\program files\Common Files\Simple Star Shared
2009-07-24 18:08 . 2009-06-14 16:34 -------- d-----w- c:\users\MARC\AppData\Roaming\vlc
2009-07-21 21:52 . 2009-07-28 19:43 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 19:43 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 19:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 19:43 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-20 07:05 . 2009-07-20 07:05 356352 ----a-w- c:\windows\Araignée3DUninstaller.exe
2009-07-18 10:26 . 2009-07-18 10:19 -------- d-----w- c:\program files\Google
2009-07-18 10:20 . 2009-07-18 10:19 -------- d-----w- c:\programdata\Google Updater
2009-07-13 12:19 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-07-13 12:13 . 2009-07-13 12:13 604140 --sha-w- c:\windows\system32\drivers\ISwift3(62).dat
2009-07-13 12:13 . 2009-07-13 12:13 604140 ----a-w- c:\windows\system32\drivers\ISwift3(40).dat
2009-07-13 12:13 . 2009-07-13 12:13 604140 ------w- c:\windows\system32\drivers\ISwift3.dat
2009-07-13 12:09 . 2009-07-13 12:09 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-13 12:09 . 2009-07-13 12:09 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-13 12:07 . 2009-07-13 12:07 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-13 10:22 . 2009-06-20 19:51 -------- d-----w- c:\users\MARC\AppData\Roaming\FMZilla
2009-07-12 19:07 . 2009-01-04 11:23 -------- d-----w- c:\programdata\f-secure
2009-07-11 15:23 . 2007-08-24 00:51 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-06 07:09 . 2009-05-19 13:33 8261152 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-06 07:09 . 2009-05-19 13:33 524320 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-15 15:24 . 2009-07-15 07:07 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-15 07:07 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-15 07:07 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-15 07:07 289792 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-04_18.29.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-10 10:07 . 2009-09-04 19:13 80410 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-09-04 19:13 83866 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2007-08-23 12:07 . 2009-09-04 18:28 21722 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2230032509-3730063523-3314345870-1000_UserData.bin
+ 2007-08-23 12:07 . 2009-09-04 19:13 21722 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2230032509-3730063523-3314345870-1000_UserData.bin
- 2007-08-23 18:53 . 2009-09-04 15:53 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-08-23 18:53 . 2009-09-04 21:13 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-08-23 18:53 . 2009-09-04 15:53 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-08-23 18:53 . 2009-09-04 21:13 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-09-04 18:26 . 2009-09-04 18:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-09-04 19:11 . 2009-09-04 19:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-04 18:26 . 2009-09-04 18:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-09-04 19:11 . 2009-09-04 19:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2007-08-23 18:53 . 2009-09-04 21:13 655360 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-08-23 18:53 . 2009-09-04 15:53 655360 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Acer Tour Reminder"="" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-14 151552]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-20 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-20 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-20 81920]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 3100672]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-08-03 419088]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-09 3784704]

c:\users\MARC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-6-16 385024]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-10 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{081659FE-5F03-42E3-B488-636242C7D835}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{2A8BAAA4-1E02-4C0A-BC8A-3882CFC56A0D}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{C75E6919-C22E-443B-B3E3-B01DEBC9683C}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{0CAB35C8-9849-421F-9007-CED2C685A676}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{9F3D756E-B5A2-477D-ADA6-6D6D5E3DBB9D}"= c:\program files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:Rosetta Stone Version 3 Application
"{C955C15A-2E5C-45DD-B671-F3CC5DCF83B6}"= c:\program files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:Rosetta Stone Ltd Services
"{006025CC-C37B-494B-BCFB-3B9F13C1A49E}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{6A079D00-5914-45C7-B16C-39CFCD8BC951}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{1C69DC1A-F1C3-4D71-9D68-E03B581466BC}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{F961E09A-CBBE-4343-A70B-FB1146C55086}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{CC4DEA9B-B97C-402D-B02C-017ECE06F833}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [15/12/2008 20:41 33808]
R1 GRD;G DATA Rootkit Detector Driver;c:\windows\System32\drivers\GRD.sys [03/04/2009 14:56 29128]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [15/05/2009 18:50 21008]
R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11/01/2009 15:36 55264]
R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [04/09/2009 18:13 232720]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [16/05/2009 20:59 19472]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [04/09/2009 18:13 19096]
S2 gupdate1ca0791a68fd045;Service Google Update (gupdate1ca0791a68fd045);c:\program files\Google\Update\GoogleUpdate.exe [18/07/2009 12:22 133104]
S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\System32\drivers\WsAudioDevice_383.sys [18/06/2009 18:34 16640]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-18 10:19]

2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-18 10:21]

2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-18 10:21]

2009-09-04 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-21 11:14]

2009-09-04 c:\windows\Tasks\User_Feed_Synchronization-{F9AA5A26-145C-4972-9770-63D1DA176BAC}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.neufportail.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-04 23:23
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2230032509-3730063523-3314345870-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e2,3c,ed,27,a9,f9,bf,ef,92,35,99,ed,6e,eb,c2,e9,83,b0,8c,d8,04,a5,f2,
f5,72,6e,5c,03,54,27,59,57,03,94,8f,83,b9,b9,af,d1,d9,78,c5,bd,8b,59,92,bd,\
"??"=hex:4e,1f,5a,92,5e,0c,80,9f,fb,2b,82,ba,8b,19,1b,fe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4832)
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Completion time: 2009-09-04 23:27
ComboFix-quarantined-files.txt 2009-09-04 21:27
ComboFix2.txt 2009-09-04 19:00
ComboFix3.txt 2009-09-04 18:37

Pre-Run: 3 771 363 328 octets libres
Post-Run: 3 631 632 384 octets libres

254 --- E O F --- 2009-09-04 08:36

ComboFix 09-09-03.02 - MARC 05/09/2009 9:31.5.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2046.1166 [GMT 2:00]
Running from: c:\users\MARC\Desktop\antitibs.exe
Command switches used :: c:\users\MARC\Desktop\CFscript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"C:\tblafakj.sys"
"c:\windows\system32\drivers\kbiwkmiipferay.sys"
"c:\windows\system32\drivers\kbiwkmktnwfvpp.sys"
"c:\windows\system32\drivers\kbiwkmqveibqbx.sys"
"c:\windows\system32\kbiwkmcqamjrxg.dll"
"c:\windows\system32\kbiwkmflwjmxec.dll"
"c:\windows\system32\kbiwkmieadrtuy.dat"
"c:\windows\system32\kbiwkmisxypxnw.dat"
"c:\windows\system32\kbiwkmptrwjcpo.dll"
"c:\windows\system32\kbiwkmqwururfy.dat"
"c:\windows\system32\kbiwkmqyonqyaf.dat"
"c:\windows\system32\kbiwkmrinstyqp.dll"
"c:\windows\system32\kbiwkmtovmmqoi.dll"
"c:\windows\system32\kbiwkmwsjudvil.dat"
"c:\windows\system32\kbiwkmxpcxovew.dll"
"c:\windows\system32\kbiwkmydpakofp.dat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\tblafakj.sys

.
((((((((((((((((((((((((( Files Created from 2009-08-05 to 2009-09-05 )))))))))))))))))))))))))))))))
.

2009-09-05 07:38 . 2009-09-05 07:40 -------- d-----w- c:\users\MARC\AppData\Local\temp
2009-09-05 07:38 . 2009-09-05 07:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-05 07:38 . 2009-09-05 07:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-04 16:13 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-04 16:13 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 09:40 . 2009-09-04 16:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-02 20:54 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 20:54 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-02 18:16 . 2009-09-02 18:16 -------- d-----w- c:\program files\ZHPDiag
2009-09-02 16:55 . 2009-09-02 16:55 -------- d-----w- C:\NVIDIA
2009-09-01 06:55 . 2009-09-01 07:05 -------- d-----w- C:\rsit
2009-08-31 10:19 . 2009-08-31 10:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-08-31 10:19 . 2009-09-01 20:01 -------- d-----w- c:\users\MARC\AppData\Roaming\SUPERAntiSpyware.com
2009-08-31 10:19 . 2009-09-01 20:00 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-30 21:34 . 2009-08-30 21:34 -------- d-----w- c:\users\MARC\AppData\Roaming\Malwarebytes
2009-08-30 21:34 . 2009-08-30 21:34 -------- d-----w- c:\programdata\Malwarebytes
2009-08-30 20:25 . 2009-08-30 20:25 -------- d-----w- C:\_OTM
2009-08-30 07:35 . 2009-08-30 07:36 -------- d-----w- c:\users\MARC\AppData\Roaming\dvdcss
2009-08-27 11:35 . 2009-09-01 06:55 -------- d-----w- c:\program files\trend micro
2009-08-27 01:56 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-27 01:56 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-27 01:56 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-27 01:56 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-27 01:56 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-27 01:56 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-27 01:56 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-27 01:56 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-27 01:04 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-26 20:11 . 2009-08-26 22:10 -------- d-----w- C:\ToolBar SD
2009-08-26 09:37 . 2009-08-26 19:33 -------- d--h--w- C:\$AVG8.VAULT$
2009-08-26 09:24 . 2009-08-27 17:48 -------- d-----w- c:\programdata\avg8
2009-08-25 19:29 . 2009-08-25 19:29 -------- d-----w- c:\users\MARC\DoctorWeb
2009-08-19 07:36 . 2009-08-19 08:49 -------- d-----w- c:\program files\Corel
2009-08-16 21:30 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-16 21:30 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-16 21:30 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-16 21:29 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-16 21:29 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-16 21:29 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-16 21:29 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-16 21:28 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-05 07:41 . 2009-05-19 13:33 -------- d-----w- c:\programdata\Kaspersky Lab
2009-09-05 05:27 . 2007-08-23 21:02 12978 ----a-w- c:\users\MARC\AppData\Roaming\nvModes.dat
2009-09-04 16:45 . 2009-03-29 09:28 -------- d-----w- c:\users\MARC\AppData\Roaming\uTorrent
2009-09-01 20:01 . 2008-03-03 09:05 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-31 09:39 . 2006-12-10 19:02 672506 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-31 09:39 . 2006-12-10 19:02 125110 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-23 07:05 . 2009-05-19 13:22 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-08-19 08:49 . 2008-08-18 08:23 -------- d-----w- c:\programdata\Ulead Systems
2009-08-19 07:56 . 2008-08-18 08:23 -------- d-----w- c:\users\MARC\AppData\Roaming\Ulead Systems
2009-08-19 07:47 . 2006-12-02 07:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-19 07:10 . 2008-06-16 16:36 -------- d-----w- c:\program files\Sony
2009-08-17 01:13 . 2009-01-11 13:37 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-17 01:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-11 10:35 . 2007-04-09 23:41 485920 ----a-w- c:\windows\system32\nvuninst.exe
2009-07-25 10:15 . 2007-11-07 19:14 -------- d-----w- c:\program files\Common Files\Nero
2009-07-25 09:41 . 2007-11-07 19:14 -------- d-----w- c:\programdata\Nero
2009-07-25 07:02 . 2007-11-07 19:03 -------- d-----w- c:\program files\Nero
2009-07-24 21:23 . 2007-11-07 19:03 -------- d-----w- c:\users\MARC\AppData\Roaming\Nero
2009-07-24 21:23 . 2007-11-07 19:03 -------- d-----w- c:\program files\Common Files\Simple Star Shared
2009-07-24 18:08 . 2009-06-14 16:34 -------- d-----w- c:\users\MARC\AppData\Roaming\vlc
2009-07-21 21:52 . 2009-07-28 19:43 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 19:43 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 19:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 19:43 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-20 07:05 . 2009-07-20 07:05 356352 ----a-w- c:\windows\Araignée3DUninstaller.exe
2009-07-18 10:26 . 2009-07-18 10:19 -------- d-----w- c:\program files\Google
2009-07-18 10:20 . 2009-07-18 10:19 -------- d-----w- c:\programdata\Google Updater
2009-07-13 12:19 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-07-13 12:13 . 2009-07-13 12:13 604140 --sha-w- c:\windows\system32\drivers\ISwift3(62).dat
2009-07-13 12:13 . 2009-07-13 12:13 604140 ----a-w- c:\windows\system32\drivers\ISwift3(40).dat
2009-07-13 12:13 . 2009-07-13 12:13 604140 ------w- c:\windows\system32\drivers\ISwift3.dat
2009-07-13 12:09 . 2009-07-13 12:09 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-13 12:09 . 2009-07-13 12:09 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-13 12:07 . 2009-07-13 12:07 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-13 10:22 . 2009-06-20 19:51 -------- d-----w- c:\users\MARC\AppData\Roaming\FMZilla
2009-07-12 19:07 . 2009-01-04 11:23 -------- d-----w- c:\programdata\f-secure
2009-07-11 15:23 . 2007-08-24 00:51 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-06 07:09 . 2009-05-19 13:33 8261152 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-06 07:09 . 2009-05-19 13:33 524320 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-15 15:24 . 2009-07-15 07:07 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-15 07:07 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-15 07:07 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-15 07:07 289792 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-04_18.29.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-10 10:07 . 2009-09-05 07:41 80442 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-09-05 07:41 83882 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2007-08-23 12:07 . 2009-09-05 07:41 21840 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2230032509-3730063523-3314345870-1000_UserData.bin
- 2007-08-23 18:53 . 2009-09-04 15:53 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-08-23 18:53 . 2009-09-05 07:39 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-08-23 18:53 . 2009-09-05 07:39 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-08-23 18:53 . 2009-09-04 15:53 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-05 07:39 . 2009-09-05 07:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-04 18:26 . 2009-09-04 18:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-09-05 07:39 . 2009-09-05 07:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-09-04 18:26 . 2009-09-04 18:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-05-03 07:53 . 2009-09-05 07:39 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-05-03 07:53 . 2009-09-04 15:54 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2007-08-23 18:53 . 2009-09-04 15:53 655360 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-08-23 18:53 . 2009-09-05 07:39 655360 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Acer Tour Reminder"="" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-14 151552]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-20 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-20 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-20 81920]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 3100672]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-08-03 419088]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-11-09 3784704]

c:\users\MARC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-6-16 385024]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-10 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{081659FE-5F03-42E3-B488-636242C7D835}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{2A8BAAA4-1E02-4C0A-BC8A-3882CFC56A0D}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{C75E6919-C22E-443B-B3E3-B01DEBC9683C}"= UDP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{0CAB35C8-9849-421F-9007-CED2C685A676}"= TCP:c:\program files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{9F3D756E-B5A2-477D-ADA6-6D6D5E3DBB9D}"= c:\program files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:Rosetta Stone Version 3 Application
"{C955C15A-2E5C-45DD-B671-F3CC5DCF83B6}"= c:\program files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:Rosetta Stone Ltd Services
"{006025CC-C37B-494B-BCFB-3B9F13C1A49E}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{6A079D00-5914-45C7-B16C-39CFCD8BC951}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{1C69DC1A-F1C3-4D71-9D68-E03B581466BC}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{F961E09A-CBBE-4343-A70B-FB1146C55086}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{CC4DEA9B-B97C-402D-B02C-017ECE06F833}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [15/12/2008 20:41 33808]
R1 GRD;G DATA Rootkit Detector Driver;c:\windows\System32\drivers\GRD.sys [03/04/2009 14:56 29128]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [15/05/2009 18:50 21008]
R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11/01/2009 15:36 55264]
R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [04/09/2009 18:13 232720]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [16/05/2009 20:59 19472]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [04/09/2009 18:13 19096]
S2 gupdate1ca0791a68fd045;Service Google Update (gupdate1ca0791a68fd045);c:\program files\Google\Update\GoogleUpdate.exe [18/07/2009 12:22 133104]
S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\System32\drivers\WsAudioDevice_383.sys [18/06/2009 18:34 16640]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-18 10:19]

2009-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-18 10:21]

2009-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-18 10:21]

2009-09-05 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-21 11:14]

2009-09-05 c:\windows\Tasks\User_Feed_Synchronization-{F9AA5A26-145C-4972-9770-63D1DA176BAC}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.neufportail.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-05 09:39
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2230032509-3730063523-3314345870-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e2,3c,ed,27,a9,f9,bf,ef,92,35,99,ed,6e,eb,c2,e9,83,b0,8c,d8,04,a5,f2,
f5,72,6e,5c,03,54,27,59,57,03,94,8f,83,b9,b9,af,d1,d9,78,c5,bd,8b,59,92,bd,\
"??"=hex:4e,1f,5a,92,5e,0c,80,9f,fb,2b,82,ba,8b,19,1b,fe
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1064)
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Launch Manager\LManager.exe
c:\windows\ehome\ehmsas.exe
c:\acer\Empowering Technology\ePower\ePower_DMC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2009-09-05 9:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-05 07:46
ComboFix2.txt 2009-09-04 21:27
ComboFix3.txt 2009-09-04 19:00
ComboFix4.txt 2009-09-04 18:37

Pre-Run: 3 092 029 440 octets libres
Post-Run: 3 259 920 384 octets libres

296 --- E O F --- 2009-09-04 08:36