Internet access blocked

Benji
Hello, I'd like to remove a virus that is blocking my internet access for MSN, Explorer, Opera, Real Player, iTunes Store and so on, but Firefox still works. Can you help me solve this problem, please?

16 replies

dédétraqué Posts: 4522 Status: Security contributor 286
 
Hi Benji


We'll check that. Download RSIT (by random/random) to your desktop from here:
http://images.malwareremoval.com/random/RSIT.exe

- Double-click RSIT.exe on the desktop
- Click Continue in the window
- RSIT will download HijackThis if it is not present or not detected, in which case you will need to accept the license
- Post the contents of the two reports, log.txt and info.txt (minimized in the taskbar), once the scan has finished

The reports are in the folder C:\rsit


See you later :)
0
Benji
 
OK, thanks for replying so quickly :)
Here is the log report:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Nadine at 2009-12-28 17:29:46
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 67 GB (29%) free of 234 GB
Total RAM: 3070 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:30:22, on 28/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Common Files\AOL\1219322728\ee\aolsoftware.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Nadine\AppData\Local\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Users\Nadine\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\iWisoft Free Video Converter\VideoConverter.exe
C:\Windows\system32\SearchFilterHost.exe
D:\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Nadine.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoBho - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Video Speedy - {E74B0A8E-68C0-4866-8288-53EFF8ECBC28} - C:\Program Files\VideoSpeedy\VSpeed.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1219322728\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxAssistant] "C:\Program Files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe" /s
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSpeedClient] C:\Program Files\VideoSpeedy\VSpeedClient.exe hide
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Nadine\AppData\Local\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [yoiiu] "c:\users\nadine\appdata\local\yoiiu.exe" yoiiu
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ter8m] RUNDLL32.EXE C:\Windows\TEMP\msxm192z.dll,w (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ter8m] RUNDLL32.EXE C:\Windows\TEMP\msxm192z.dll,w (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Nadine\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: mirububu.dll,pewenenu.dll,wakepule.dll,fevihife.dll,korumore.dll
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1ca25c8b489b45f) (gupdate1ca25c8b489b45f) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\Windows\wanmpsvc.exe
0
Benji
 
And the info report:

info.txt logfile of random's system information tool 1.06 2009-12-01 18:20:43

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x40c -removeonly
Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer GameZone Console DTV 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->C:\Program Files\Common Files\Adobe\Installers\a04a925a57548091300ada368235fc6\Setup.exe
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\0812c1e9d47122aff0003d974b5b524\Setup.exe
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\0812c1e9d47122aff0003d974b5b524\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Photoshop CS3-->MsiExec.exe /I{BF794769-8875-4E01-B7BE-E00104604F4A}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Setup-->MsiExec.exe /I{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Agatha Christie Death on the Nile-->"C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\Uninstall.exe" "C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\install.log"
Alice Greenfingers-->"C:\Program Files\Acer GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files\Acer GameZone\Alice Greenfingers\install.log"
AmiFoot 6.07.03-->C:\Windows\UnDeployV.exe "C:\AmiFoot\Deploy.log"
AOL - Assistant de désinstallation-->C:\Program Files\Common Files\AOL\uninstaller.exe
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
AssaultCube v1.0-->"C:\Program Files\AssaultCube_v1.0\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Azada-->"C:\Program Files\Acer GameZone\Azada\Uninstall.exe" "C:\Program Files\Acer GameZone\Azada\install.log"
Backspin Billiards-->"C:\Program Files\Acer GameZone\Backspin Billiards\Uninstall.exe" "C:\Program Files\Acer GameZone\Backspin Billiards\install.log"
Beijing 2008-->"C:\Program Files\InstallShield Installation Information\{2076B142-10FA-4536-B488-3FDCBB1013D3}\setup.exe" -runfromtemp -l0x040c -removeonly
Big Kahuna Reef-->"C:\Program Files\Acer GameZone\Big Kahuna Reef\Uninstall.exe" "C:\Program Files\Acer GameZone\Big Kahuna Reef\install.log"
Bricks of Egypt-->"C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Acer GameZone\Bricks of Egypt\install.log"
Cake Mania-->"C:\Program Files\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files\Acer GameZone\Cake Mania\install.log"
CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{4677674C-59CE-41B0-AA32-44A30A9D1EEB}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Chicken Invaders 3-->"C:\Program Files\Acer GameZone\Chicken Invaders 3\Uninstall.exe" "C:\Program Files\Acer GameZone\Chicken Invaders 3\install.log"
Chuzzle-->"C:\Program Files\Acer GameZone\Chuzzle\Uninstall.exe" "C:\Program Files\Acer GameZone\Chuzzle\install.log"
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Diner Dash Flo on the Go-->"C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\Uninstall.exe" "C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\install.log"
Duke Nukem - Manhattan Project-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe
Easy CD & DVD Creator 6-->MsiExec.exe /I{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}
eoEngine 8.0-->"C:\Program Files\EoRezo\unins000.exe"
eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x040c
Favorit-->c:\users\nadine\appdata\local\bdeau.bat
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
Firebird SQL Server - MAGIX Edition-->C:\Program Files\MAGIX\Common\Database\unwise.exe
Football Manager 2006-->MsiExec.exe /X{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}
Football Manager 2008-->"C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe"
Football Manager 2009-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10540
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GameCenter-->C:\Program Files\Cyanide\GameCenter\uninstall.exe
GeoGebra-->"C:\Program Files\GeoGebra\UninstallerData\Uninstaller.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.33\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotbar-->"C:\Program Files\Hotbar\bin\11.0.78.0\HotbarUninstaller.exe" Web
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log"
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kick N Rush-->"C:\Program Files\Acer GameZone\Kick N Rush\Uninstall.exe" "C:\Program Files\Acer GameZone\Kick N Rush\install.log"
K-Lite Codec Pack 5.0.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Ludi-->C:\Program Files\Ludi\uninstall.exe
MAGIX Screenshare 4.3.6.1987 (F)-->C:\Program Files\MAGIX\PCVisit\unwise.exe
Mahjong Escape Ancient China-->"C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\install.log"
Mahjongg Artifacts-->"C:\Program Files\Acer GameZone\Mahjongg Artifacts\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjongg Artifacts\install.log"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MessengerDiscovery 1.5.0800-->"C:\Program Files\MessengerDiscovery\unins000.exe"
MessengerDiscovery 2.0.48-->"C:\Program Files\MessengerDiscovery 2\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Excel 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mystery Case Files - Huntsville-->"C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\install.log"
Mystery Solitaire - Secret Island-->"C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\install.log"
NTI Backup NOW! 4.7-->C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x040c
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Opera 10.00-->MsiExec.exe /X{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Philips SPC210NC Webcam -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{38D95956-E92C-4473-904B-CD877EA04410}\Setup.exe" -l0x40c
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pro Cycling Manager - Season 2009 1.0.0.1-->"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2009\unins000.exe"
Pro Cycling Manager fr-->"C:\Program Files\BoontyGames\Pro Cycling Manager\unins000.exe"
Pro Evolution Soccer 2010 DEMO-->MsiExec.exe /X{1F126EDC-DA29-4D5B-80DF-735252475FEE}
Pro Evolution Soccer 2010-->MsiExec.exe /X{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Recovery for Excel-->C:\Program Files\Recovery for Excel\GLFE388.exe /handle:xr
RTC Client API v1.2-->MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
Samplitude Music Studio 15 Trial 15.0.1.0 (F)-->C:\Program Files\MAGIX\SamplitudeMusicStudio15_Version_a_telecharger\unwise.exe
Screen Recorder-->C:\Windows\uninst.exe -f"C:\Program Files\Screen Recorder\DeIsL1.isu" -c"C:\Program Files\Screen Recorder\_ISREG32.DLL"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
ShopperReports-->C:\Program Files\ShoppingReport\Uninst.exe
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
TmUnitedForever-->"C:\Program Files\TmUnitedForever\unins000.exe"
Turbo Pizza-->"C:\Program Files\Acer GameZone\Turbo Pizza\Uninstall.exe" "C:\Program Files\Acer GameZone\Turbo Pizza\install.log"
TVAnts 1.0-->C:\PROGRA~1\TvAnts\UNWISE.EXE C:\PROGRA~1\TvAnts\INSTALL.LOG
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Veetle TV 0.9.15-->C:\Program Files\Veetle\UninstallVeetleTV.exe
VideoSpeedy Platform-->"C:\Program Files\VideoSpeedy\unins000.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtua Tennis 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B63540D-D942-4C38-B42E-A48AE0145970}\setup.exe" -l0x40c -removeonly
VJOcx1.8-->"C:\Windows\system32\Nagasoft\Uninstall.exe"
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}
Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log"

======Security center information======

AS: AVG Anti-Spyware (disabled) (outdated)
AS: Windows Defender

======System event log======

Computer Name: PC-de-Nadine
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 184361
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20091201145340.247797-000
Event Type: Erreur
User:

Computer Name: PC-de-Nadine
Event Code: 7000
Message: Le service int15 n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 184406
Source Name: Service Control Manager
Time Written: 20091201145420.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Nadine
Event Code: 7001
Message: Le service eSettings Service dépend du service int15 qui n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 184432
Source Name: Service Control Manager
Time Written: 20091201145420.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Nadine
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {01092755-669E-4B3C-AA2E-2AC7C83503EE}
Utilisateur : PC-de-Nadine\Nadine
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : appinitdll:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs:mirububu.dll;file:C:\Windows\system32\mirububu.dll
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 184462
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091201145651.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-Nadine
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {DA473A9F-475E-451B-AE63-111F9572442B}
Utilisateur : PC-de-Nadine\Nadine
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : regkey:HKCU@S-1-5-21-1675283552-3446301354-78725961-1000\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...;iemenuext:HKCU@S-1-5-21-1675283552-3446301354-78725961-1000\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...;file:C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 184471
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091201152731.000000-000
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: PC-de-Nadine
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6001.18319, horodatage 0x4a966702, module défaillant DTToolbar.dll, version 1.0.8.552, horodatage 0x49f069d4, code d’exception 0xc000000d, décalage d’erreur 0x00074e48, ID du processus 0x171c, heure de début de l’application 0x01ca72a6809a26e7.
Record Number: 56720
Source Name: Application Error
Time Written: 20091201165305.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Nadine
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6001.18319, horodatage 0x4a966702, module défaillant DTToolbar.dll, version 1.0.8.552, horodatage 0x49f069d4, code d’exception 0xc000000d, décalage d’erreur 0x00074e48, ID du processus 0x1080, heure de début de l’application 0x01ca72a6ca64fd97.
Record Number: 56723
Source Name: Application Error
Time Written: 20091201165508.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Nadine
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6001.18319, horodatage 0x4a966702, module défaillant DTToolbar.dll, version 1.0.8.552, horodatage 0x49f069d4, code d’exception 0xc000000d, décalage d’erreur 0x00074e48, ID du processus 0x17dc, heure de début de l’application 0x01ca72a711e8ca77.
Record Number: 56725
Source Name: Application Error
Time Written: 20091201165708.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Nadine
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6001.18319, horodatage 0x4a966702, module défaillant DTToolbar.dll, version 1.0.8.552, horodatage 0x49f069d4, code d’exception 0xc000000d, décalage d’erreur 0x00074e48, ID du processus 0xd78, heure de début de l’application 0x01ca72a7596bd407.
Record Number: 56727
Source Name: Application Error
Time Written: 20091201165907.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Nadine
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6001.18319, horodatage 0x4a966702, module défaillant DTToolbar.dll, version 1.0.8.552, horodatage 0x49f069d4, code d’exception 0xc000000d, décalage d’erreur 0x00074e48, ID du processus 0xd14, heure de
0
dédétraqué Posts 4522 Status Security contributor 286
 
Hi Benji


This report isn't pretty to look at.

Download combofix.exe (by sUBs) to the desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/

Important: Disable your antivirus and antispyware before scanning with Combofix:
https://forum.pcastuces.com/default.asp


==> Save your work and close all open windows; the PC may restart. Do not launch any program until Combofix has finished. <==

Double-click combofix.exe, click Yes (OUI) and confirm with Enter.

When the scan is complete, a report will appear. Copy and paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

Combofix is detected by some antivirus programs as an infection; ignore this, it is a false positive, and continue the procedure.


@++ :)
0
Benji
 
ComboFix 09-12-27.04 - Nadine 28/12/2009 18:01:52.1.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3070.1693 [GMT 1:00]
Lancé depuis: D:\ComboFix.exe
SP: AVG Anti-Spyware *disabled* (Outdated) {48F2E28D-ED66-4646-9C11-B3055B0AF604}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1675283552-3446301354-78725961-500
c:\program files\Hotbar
c:\program files\Hotbar\bin\11.0.78.0\arrow.ico
c:\program files\Hotbar\bin\11.0.78.0\CntntCntr.dll
c:\program files\Hotbar\bin\11.0.78.0\copyright.txt
c:\program files\Hotbar\bin\11.0.78.0\firefox\extensions\chrome.manifest
c:\program files\Hotbar\bin\11.0.78.0\firefox\extensions\components\npclntax.xpt
c:\program files\Hotbar\bin\11.0.78.0\firefox\extensions\install.rdf
c:\program files\Hotbar\bin\11.0.78.0\firefox\extensions\plugins\npclntax_HotbarSA.dll
c:\program files\Hotbar\bin\11.0.78.0\HostOL.dll
c:\program files\Hotbar\bin\11.0.78.0\HotbarSAAX.dll
c:\program files\Hotbar\bin\11.0.78.0\HotbarSADF.exe
c:\program files\Hotbar\bin\11.0.78.0\HotbarUninstaller.exe
c:\program files\Hotbar\bin\11.0.78.0\LaunchHelp.dll
c:\program files\Hotbar\bin\11.0.78.0\Srv.exe
c:\program files\Hotbar\bin\11.0.78.0\Toolbar.dll
c:\program files\Hotbar\bin\11.0.78.0\Weather.exe
c:\program files\Hotbar\bin\11.0.78.0\WeSkin.dll
c:\program files\ShoppingReport
c:\program files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
c:\program files\ShoppingReport\Uninst.exe
c:\program files\VideoSpeedy
c:\program files\VideoSpeedy\CacheDll.dll
c:\program files\VideoSpeedy\ClientShell.dll
c:\program files\VideoSpeedy\Config\Config.ini
c:\program files\VideoSpeedy\Config\VSPlayer.ini
c:\program files\VideoSpeedy\ConvertInterface.dll
c:\program files\VideoSpeedy\Diy.ini
c:\program files\VideoSpeedy\Language\cn_simple.ini
c:\program files\VideoSpeedy\Language\en.ini
c:\program files\VideoSpeedy\Logs\P2PNet_1.log
c:\program files\VideoSpeedy\P2PNet.dll
c:\program files\VideoSpeedy\Profile\config.ldb
c:\program files\VideoSpeedy\Profile\config.mdb
c:\program files\VideoSpeedy\Profile\config.tmp
c:\program files\VideoSpeedy\Rmplayer\atrc.dll
c:\program files\VideoSpeedy\Rmplayer\cook.dll
c:\program files\VideoSpeedy\Rmplayer\drvc.dll
c:\program files\VideoSpeedy\Rmplayer\pncrt.dll
c:\program files\VideoSpeedy\Rmplayer\raac.dll
c:\program files\VideoSpeedy\Rmplayer\RealMediaSplitter.ax
c:\program files\VideoSpeedy\Rmplayer\Temp\VSPlayerOCX.ocx0
c:\program files\VideoSpeedy\Rmplayer\VSImageOverlay.ax
c:\program files\VideoSpeedy\Rmplayer\VSPlayerOCX.ocx
c:\program files\VideoSpeedy\Rmplayer\VSRmPlayer.ax
c:\program files\VideoSpeedy\Rmplayer\VSTextOverlay.ax
c:\program files\VideoSpeedy\Server.ini
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang0.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang1.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang10.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang11.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang12.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang13.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang14.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang15.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang2.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang3.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang4.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang5.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang6.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang7.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang8.gif
c:\program files\VideoSpeedy\Skins\Avatar\gtouxiang9.gif
c:\program files\VideoSpeedy\Skins\VSpeedyClient\default.jpg
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\action_1.ico
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\action_2.ico
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\action_3.ico
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\action_4.ico
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\close.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\ding.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\Logo.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\mainframe.ico
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\maxsize.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\menu.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\mfdisable.ico
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\minsize.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Images\titlebar.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\logo.jpg
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\arrow.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\btns_default.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\chat_toolbar_bk.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\chat_toolbar_icon.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\close.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\close2.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\color.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\complete_toolbar.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_bk1.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_bk2.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_bottomleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_bottommid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_bottomright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_btn.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_btn_2.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_left.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_line_bottomleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_line_bottommid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_line_bottomright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_line_left.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_line_mid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_line_right.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_listbox_item.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_msg_icon.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_right.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_topleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_topmid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\dlg_topright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\edit_bk.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\history_toolbar.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\horn.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\list_state_icon.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\list_toolbar.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\listctrl_head_arrow.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\listctrl_head_bk.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\listctrl_head_splitter.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\listctrl_item.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\login_logo.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_bottomleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_bottommid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_bottomright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_head_bk.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_left.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_bottomleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_bottommid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_bottomright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_midleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_midmid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_midright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_topleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_topmid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_line_topright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_right.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_topleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_topmid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_topright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\main_user_btn.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\max.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\menu.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\menu_cn.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\menu_en.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\min.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_bottomleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_bottommid.BMP
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_bottomright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_left.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_line_left.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_line_mid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_line_right.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_player_logo.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_right.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_task_top.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_topleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_topmid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\mini_topright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\player_btn_chat.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\player_btn_close.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\player_btn_room.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\player_menu_btn.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\player_prog_icon.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_bk.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_bk_left.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_bk_mid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_bk_right.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_btn_change.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_btn_full.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_btn_menu.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_btn_mute.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_btn_play.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_btn_stop.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_slider.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\plctrl_thumb.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\restore.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\room_bk_top.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\room_icon_face.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\room_user_flag.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\scroll_bk.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\scroll_btn.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\scroll_tk.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\send_btn.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\setting_logo.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\share_toolbar.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\tab_btns.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\tab_icons.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\tabctrl_arrow.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\tabctrl_item.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\Theaters.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\toplistleft.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\toplistmid.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\toplistright.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\tree_child_item.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\tree_item_arrow.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\tree_item_icon.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\tree_parent_item.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Main\web_toolbar.bmp
c:\program files\VideoSpeedy\Skins\VSpeedyClient\Skin.ini
c:\program files\VideoSpeedy\Stream.ini
c:\program files\VideoSpeedy\StreamClient.dll
c:\program files\VideoSpeedy\StreamEngine.dll
c:\program files\VideoSpeedy\Temp\CacheDll.dll0
c:\program files\VideoSpeedy\Temp\ClientShell.dll0
c:\program files\VideoSpeedy\Temp\P2PNet.dll0
c:\program files\VideoSpeedy\Temp\StreamClient.dll0
c:\program files\VideoSpeedy\Temp\StreamEngine.dll0
c:\program files\VideoSpeedy\Temp\VSpeed.dll0
c:\program files\VideoSpeedy\Temp\VSpeedClient.exe0
c:\program files\VideoSpeedy\Temp\VSShare.dll0
c:\program files\VideoSpeedy\unins000.dat
c:\program files\VideoSpeedy\unins000.exe
c:\program files\VideoSpeedy\Update.exe
c:\program files\VideoSpeedy\Update.ini
c:\program files\VideoSpeedy\VSDownload.htm
c:\program files\VideoSpeedy\VSpeed.dll
c:\program files\VideoSpeedy\VSpeedClient.exe
c:\program files\VideoSpeedy\VSPlayer.exe
c:\program files\VideoSpeedy\VSShare.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\About Hotbar.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Games!.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Uninstall Instructions.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Videos!.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Reset Cursor.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Hotbar\Weather.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Philips SPC210NC Webcam
c:\programdata\Microsoft\Windows\Start Menu\Programs\Philips SPC210NC Webcam \Uninstall Philips SPC210NC Webcam.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoSpeedy
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoSpeedy\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\VideoSpeedy\VSpeedClient.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Conditions générales.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Confidentialité.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Désinstaller.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\WebMediaPlayer.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.url
c:\users\Nadine\AppData\Roaming\.#
c:\users\Nadine\AppData\Roaming\Hotbar
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\history
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\Weather_XML\Default
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\Weather_XML\Genera1
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\Weather_XML\General
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\WeatherDPA\Links
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\WeatherDPA\Weather_XML\Display
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\WeatherDPA\Weather_XML\Loading
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\WeatherDPA\Weather_XML\screen2
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\WeatherDPA\WeatherPreferences
c:\users\Nadine\AppData\Roaming\Hotbar\Weather\WeatherStartup.xml
c:\windows\system32\2600,214.exe
c:\windows\system32\firupifo.dll
c:\windows\System32\korumore.dll
d:\favori~1\payloads\AdobeAIR1.0\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
d:\favori~1\payloads\AdobeAIR1.0\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
d:\favori~1\payloads\AdobeAIR1.0\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
d:\favori~1\payloads\AdobeAIR1.0\Adobe AIR\Versions\1.0\Resources\template.exe
d:\favori~1\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe
d:\favori~1\payloads\AdobeAMP-mul\Adobe AIR Installer.exe
d:\favori~1\payloads\AdobeAMP-mul\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
d:\favori~1\payloads\AdobeAMP-mul\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
d:\favori~1\payloads\AdobeAMP-mul\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
d:\favori~1\payloads\AdobeAMP-mul\Adobe AIR\Versions\1.0\Resources\template.exe
d:\favori~1\payloads\AdobeAMP-mul\AIRApplicationRunner.exe
d:\favori~1\PCM 2009\Acrobat\AdbeRdr810_en_US.exe
d:\favori~1\PCM 2009\Acrobat\AdbeRdr810_fr_FR.exe
d:\favori~1\PCM 2009\DirectX\DXSETUP.exe
d:\favori~1\PCM 2009\dotnet\dotnetfx.exe
d:\favori~1\PCM 2009\GameCenter\GameCenterSetup.exe
d:\favori~1\PCM 2009\Launcher.exe
d:\favori~1\PCM 2009\PCM.exe
d:\favori~1\PCM 2009\Setup-PCM2009.exe
d:\favori~1\PCM 2009\SKIDROW\Crack\PCM.exe
d:\favori~1\PCM 2009\SKIDROW\Patch-PCM2009-1.0.3.3.exe
d:\favori~1\PCM 2009\SKIDROW\SKIDROW.exe
d:\favori~1\PCM 2009\Specific\all\Autorun\Exe\Autorun.exe
d:\favori~1\PCM 2009\Specific\all\PCM-Protection.exe
d:\favori~1\PCM 2009\Specific\all\PCM.exe
d:\favori~1\PCM 2009\vcredist\vcredist_x86.exe
d:\favori~1\redist\WindowsInstaller-KB893803-v2-x86.exe
d:\favori~1\redist\WindowsServer2003-KB898715-ia64-enu.exe
d:\favori~1\redist\WindowsServer2003-KB898715-x64-enu.exe
d:\favori~1\redist\WindowsServer2003-KB898715-x86-enu.exe
d:\favori~1\redist\WindowsXP-KB898715-x64-enu.exe
d:\favori~1\Setup.exe
d:\favorites\payloads\AdobeAIR1.0\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
d:\favorites\payloads\AdobeAIR1.0\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
d:\favorites\payloads\AdobeAIR1.0\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
d:\favorites\payloads\AdobeAIR1.0\Adobe AIR\Versions\1.0\Resources\template.exe
d:\favorites\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe
d:\favorites\payloads\AdobeAMP-mul\Adobe AIR Installer.exe
d:\favorites\payloads\AdobeAMP-mul\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
d:\favorites\payloads\AdobeAMP-mul\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
d:\favorites\payloads\AdobeAMP-mul\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
d:\favorites\payloads\AdobeAMP-mul\Adobe AIR\Versions\1.0\Resources\template.exe
d:\favorites\payloads\AdobeAMP-mul\AIRApplicationRunner.exe
d:\favorites\PCM 2009\Acrobat\AdbeRdr810_en_US.exe
d:\favorites\PCM 2009\Acrobat\AdbeRdr810_fr_FR.exe
d:\favorites\PCM 2009\DirectX\DXSETUP.exe
d:\favorites\PCM 2009\dotnet\dotnetfx.exe
d:\favorites\PCM 2009\GameCenter\GameCenterSetup.exe
d:\favorites\PCM 2009\Launcher.exe
d:\favorites\PCM 2009\PCM.exe
d:\favorites\PCM 2009\Setup-PCM2009.exe
d:\favorites\PCM 2009\SKIDROW\Crack\PCM.exe
d:\favorites\PCM 2009\SKIDROW\Patch-PCM2009-1.0.3.3.exe
d:\favorites\PCM 2009\SKIDROW\SKIDROW.exe
d:\favorites\PCM 2009\Specific\all\Autorun\Exe\Autorun.exe
d:\favorites\PCM 2009\Specific\all\PCM-Protection.exe
d:\favorites\PCM 2009\Specific\all\PCM.exe
d:\favorites\PCM 2009\vcredist\vcredist_x86.exe
d:\favorites\redist\WindowsInstaller-KB893803-v2-x86.exe
d:\favorites\redist\WindowsServer2003-KB898715-ia64-enu.exe
d:\favorites\redist\WindowsServer2003-KB898715-x64-enu.exe
d:\favorites\redist\WindowsServer2003-KB898715-x86-enu.exe
d:\favorites\redist\WindowsXP-KB898715-x64-enu.exe
d:\favorites\Setup.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2009-11-28 au 2009-12-28 ))))))))))))))))))))))))))))))))))))
.

2009-12-27 00:42 . 2009-12-27 00:42 30784 ----a-w- c:\windows\system32\drivers\smpympyn.sys
2009-12-25 14:44 . 2009-12-25 14:44 -------- d-----w- c:\users\Nadine\AppData\Roaming\PeerNetworking
2009-12-25 11:33 . 2009-12-26 17:18 -------- d-----w- c:\users\Nadine\AppData\Local\Apple Computer
2009-12-25 11:33 . 2009-12-25 11:42 -------- d-----w- c:\users\Nadine\AppData\Roaming\Apple Computer
2009-12-25 11:33 . 2009-05-18 13:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-12-25 11:33 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-12-25 11:32 . 2009-12-25 11:32 -------- d-----w- c:\program files\iPod
2009-12-25 11:32 . 2009-12-25 11:33 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-25 11:32 . 2009-12-25 11:33 -------- d-----w- c:\program files\iTunes
2009-12-25 11:30 . 2009-12-25 11:31 -------- d-----w- c:\program files\QuickTime
2009-12-25 11:30 . 2009-12-25 11:32 -------- d-----w- c:\programdata\Apple Computer
2009-12-25 11:30 . 2009-12-25 11:30 -------- d-----w- c:\users\Nadine\AppData\Local\Apple
2009-12-25 11:30 . 2009-12-25 11:30 -------- d-----w- c:\program files\Apple Software Update
2009-12-25 11:28 . 2009-12-25 11:37 -------- d-----w- c:\programdata\Apple
2009-12-25 11:28 . 2009-12-25 11:32 -------- d-----w- c:\program files\Common Files\Apple
2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\program files\iWisoft Free Video Converter
2009-12-10 09:11 . 2009-11-09 13:22 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-10 09:11 . 2009-11-09 11:04 411136 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 09:11 . 2009-11-09 13:20 31232 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 11:15 . 2009-10-07 12:41 244224 ----a-w- c:\windows\system32\rastls.dll
2009-12-09 11:15 . 2009-10-07 12:41 281600 ----a-w- c:\windows\system32\raschap.dll
2009-12-08 13:53 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-08 13:53 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-08 13:53 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-08 13:53 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-08 13:53 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-08 13:52 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-08 13:52 . 2009-11-24 23:49 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-12-07 11:04 . 2009-12-07 11:04 -------- d-----w- c:\program files\Ask.com
2009-12-07 11:03 . 2009-12-08 12:43 -------- d-----w- c:\program files\ClamWin
2009-12-06 20:11 . 2009-12-09 11:06 -------- d-----w- c:\programdata\dekoyemu
2009-12-06 20:11 . 2009-12-06 20:11 -------- d-----w- c:\programdata\hiluguba
2009-12-06 20:11 . 2009-12-06 20:11 -------- d-----w- c:\programdata\sukogude
2009-12-06 20:11 . 2009-12-06 20:11 -------- d-----w- c:\programdata\jutabepo
2009-12-05 14:51 . 2009-12-08 13:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-05 14:51 . 2009-12-08 13:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-05 08:32 . 2009-12-05 18:56 -------- d-----w- c:\programdata\gosijado
2009-12-05 08:32 . 2009-12-22 19:03 -------- d-----w- c:\programdata\vosukaso
2009-12-05 08:32 . 2009-12-05 18:56 -------- d-----w- c:\programdata\rayedutu
2009-12-04 16:49 . 2009-12-04 16:49 -------- d-----w- c:\users\Nadine\PES
2009-12-01 17:20 . 2009-12-01 17:20 -------- d-----w- C:\rsit
2009-12-01 07:33 . 2002-01-01 08:04 -------- d-----w- c:\windows\nvtmpinst
2009-12-01 07:33 . 2009-12-05 18:56 -------- d-----w- c:\programdata\pozogere
2009-12-01 07:33 . 2009-12-05 18:55 -------- d-----w- c:\programdata\banupuyo

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-28 16:54 . 2008-08-21 14:28 -------- d-----w- c:\users\Nadine\AppData\Roaming\uTorrent
2009-12-28 16:18 . 2008-11-17 15:48 -------- d-----w- c:\users\Nadine\AppData\Roaming\EoRezo
2009-12-28 08:53 . 2008-09-07 19:42 2032 ----a-w- c:\users\Nadine\AppData\Local\d3d9caps.dat
2009-12-28 08:52 . 2009-02-28 13:10 -------- d-----w- c:\program files\Steam
2009-12-25 12:34 . 2008-01-21 08:40 669328 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-25 12:34 . 2008-01-21 08:40 123350 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-25 11:31 . 2009-04-16 10:27 -------- d-----w- c:\program files\Bonjour
2009-12-25 11:23 . 2009-12-25 11:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-12-23 20:35 . 2009-12-03 20:34 439816 ----a-w- c:\users\Nadine\AppData\Roaming\Real\Update\setup3.09\setup.exe
2009-12-15 15:25 . 2008-08-22 08:12 -------- d-----w- c:\program files\Windows Live
2009-12-14 10:06 . 2009-02-28 13:26 -------- d-----w- c:\program files\Common Files\Steam
2009-12-10 13:34 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-10 09:11 . 2008-03-21 11:14 -------- d-----w- c:\programdata\Microsoft Help
2009-12-04 10:58 . 2009-12-04 10:58 118784 ----a-w- c:\users\Nadine\AppData\Roaming\Real\Update\setup3.09\RUP\inst_config\compat.dll
2009-12-01 08:18 . 2008-03-21 11:06 -------- d-----w- c:\programdata\NVIDIA
2009-11-22 11:31 . 2008-12-15 17:18 1 ----a-w- c:\users\Nadine\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-12 16:07 . 2009-11-12 16:07 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-11 15:53 . 2008-11-16 13:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-10 15:12 . 2009-11-10 15:11 -------- d-----w- c:\programdata\MAGIX
2009-11-10 15:12 . 2009-11-10 15:10 -------- d-----w- c:\program files\MAGIX
2009-11-08 16:33 . 2009-03-13 11:21 -------- d-----w- c:\program files\VSCache
2009-11-03 17:03 . 2009-07-30 19:13 -------- d-----w- c:\programdata\TrackMania
2009-11-02 19:42 . 2009-10-03 08:29 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-31 15:00 . 2009-10-31 14:58 -------- d-----w- c:\program files\GeoGebra
2009-10-30 11:54 . 2009-10-30 11:54 -------- d-----w- c:\programdata\KONAMI
2009-10-30 11:54 . 2009-09-19 16:50 -------- d-----w- c:\program files\KONAMI
2009-10-29 19:24 . 2009-10-29 19:19 -------- d-----w- c:\users\Nadine\AppData\Roaming\DAEMON Tools Lite
2009-10-29 19:24 . 2009-10-29 19:24 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-10-29 19:24 . 2009-10-29 19:24 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-10-29 19:24 . 2009-10-29 19:24 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-10-29 19:19 . 2009-10-29 19:19 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-29 09:41 . 2009-11-26 10:14 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-27 13:20 . 2009-12-09 11:16 833024 ----a-w- c:\windows\system32\wininet.dll
2009-10-27 13:16 . 2009-12-09 11:16 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-27 10:55 . 2009-12-09 11:16 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-17 13:25 . 2009-10-17 13:25 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-09-29 19:57 . 2009-08-25 21:49 758018 ----a-w- c:\windows\system32\xvidcore.dll
2006-05-03 10:06 . 2009-01-28 10:37 163328 --sh--r- c:\windows\System32\flvDX.dll
2009-09-04 17:00 . 2009-09-04 17:00 3 --sha-w- c:\windows\System32\huzitala.dll
2009-09-22 09:28 . 2009-09-22 09:28 3 --sha-w- c:\windows\System32\jisagade.dll
2009-09-22 09:28 . 2009-09-22 09:28 3 --sha-w- c:\windows\System32\mafaguzu.dll
2007-02-21 11:47 . 2009-01-28 10:37 31232 --sh--r- c:\windows\System32\msfDX.dll
2009-09-08 09:32 . 2009-09-08 09:32 3 --sha-w- c:\windows\System32\mulivusi.dll
2008-03-16 13:30 . 2009-01-28 10:37 216064 --sh--r- c:\windows\System32\nbDX.dll
2009-09-24 12:00 . 2009-09-24 12:00 51712 --sha-w- c:\windows\System32\rakowiti.dll
2009-09-06 19:11 . 2009-09-06 19:11 3 --sha-w- c:\windows\System32\rujisipo.dll
2009-09-06 19:11 . 2009-09-06 19:11 3 --sha-w- c:\windows\System32\sihiyadu.dll
2009-09-09 11:06 . 2009-09-09 11:06 3 --sha-w- c:\windows\System32\tahuhabu.dll
2009-09-10 09:03 . 2009-09-10 09:03 3 --sha-w- c:\windows\System32\vakemuna.dll
2009-09-08 09:32 . 2009-09-08 09:32 3 --sha-w- c:\windows\System32\vogomiyi.dll
2009-09-04 17:00 . 2009-09-04 17:00 3 --sha-w- c:\windows\System32\zahuzewi.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 16:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 22:38 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Octoshape Streaming Services"="c:\users\Nadine\AppData\Local\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2008-05-22 156944]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-08 39408]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 2321600]
"Steam"="c:\program files\Steam\Steam.exe" [2009-11-27 1217808]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-10-23 1336560]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-21 192000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-11 4702208]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-12-07 196128]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2007-06-21 70952]
"HostManager"="c:\program files\Common Files\AOL\1219322728\ee\AOLSoftware.exe" [2006-09-26 50736]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960]
"RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-05-01 65536]
"RoxAssistant"="c:\program files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe" [2004-02-24 90112]
"RoxioDragToDisc"="c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2008-10-26 868352]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-11 185872]
"EoEngine"="c:\program files\EoRezo\EoEngine.exe" [2008-11-01 472912]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-21 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-21 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-21 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

c:\users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Notification de cadeaux MSN.lnk - c:\users\Nadine\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2002-1-1 135680]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [25/07/2009 18:13 3033712]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [08/12/2009 14:53 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [08/12/2009 14:53 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [08/12/2009 14:52 53328]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [28/01/2009 08:39 185640]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 gupdate1ca25c8b489b45f;Service Google Update (gupdate1ca25c8b489b45f);c:\program files\Google\Update\GoogleUpdate.exe [25/08/2009 22:12 133104]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [10/11/2009 16:11 1527900]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [21/03/2008 19:47 30752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
.
------- Examen supplémentaire -------
.
mStart Page = hxxp://fr.fr.acer.yahoo.com
uInternet Settings,ProxyOverride = local;*.local
uInternet Settings,ProxyServer = 127.0.0.1:9666
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: ??VS????? - c:\program files\VideoSpeedy\VSDownload.htm
FF - ProfilePath - c:\users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\azrxewlb.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=CLA&o=15306&locale=fr_FR&q=
FF - component: c:\users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\azrxewlb.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npclntax_HotbarSA.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\users\Nadine\AppData\Local\Octoshape\Octoshape Streaming Services\octoprogram-L03-NMS0907280_SUA_000\npoctoshape.dll
FF - plugin: c:\users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\azrxewlb.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Nadine\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-yoiiu - c:\users\nadine\appdata\local\yoiiu.exe
HKCU-Run-bugafafeli - firupifo.dll
HKLM-Run-WarReg_PopUp - c:\acer\WR_PopUp\WarReg_PopUp.exe
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
HKLM-Run-Apanel - c:\acersw\config\NewSetApanel.cmd
HKLM-Run-VSpeedClient - c:\program files\VideoSpeedy\VSpeedClient.exe
HKLM-Run-Malwarebytes Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe
AddRemove-{A5633652-3795-4829-BB0B-644F0279E279} - c:\acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-28 18:16
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x859241F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x82689322
\Driver\ACPI -> acpi.sys @ 0x805b3d4c
\Driver\atapi -> 0x859231f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1675283552-3446301354-78725961-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uV*S* RhV‰ w]
@Allowed: (Read) (RestrictedCode)
@="c:\\Program Files\\VideoSpeedy\\VSDownload.htm"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(1896)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\wanmpsvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Heure de fin: 2009-12-28 18:22:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-28 17:22

Avant-CF: 75 178 876 928 octets libres
Après-CF: 74 418 155 520 octets libres

- - End Of File - - ACB56067DCC252C8C50127C8C0D2BAD8
0
Benji
 
UP
0
dédétraqué Posts 4522 Status Security contributor 286
 
Hi Benji


Download load_tdsskiller by Loup Blanc to your Desktop:
http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe

This tool is designed to automate various tasks offered by TDSSKiller, a fix from Kaspersky.

- Run load_tdsskiller by double-clicking it: the tool will connect to the Internet to download an up-to-date copy of TDSSKiller, then start the scan

- At the end of the scan, press a key to continue, as indicated by the message in the black command prompt window
- The report will be displayed automatically: copy and paste its contents into your next reply (the file is also located here: C:\tdsskiller\report.txt)
- Restart your PC


-----


For the next step, ComboFix must be on the desktop, which is not currently the case:
Lancé depuis: D:\ComboFix.exe

So delete this version and download it again to the desktop before continuing.

- Click on the Start menu/Run, type notepad at the prompt and click OK.

- Copy/paste what is in bold below into Notepad:

KillAll::

File::
c:\windows\System32\huzitala.dll
c:\windows\System32\jisagade.dll
c:\windows\System32\mafaguzu.dll
c:\windows\System32\mulivusi.dll
c:\windows\System32\rakowiti.dll
c:\windows\System32\rujisipo.dll
c:\windows\System32\sihiyadu.dll
c:\windows\System32\tahuhabu.dll
c:\windows\System32\vakemuna.dll
c:\windows\System32\vogomiyi.dll
c:\windows\System32\zahuzewi.dll

Folder::
c:\program files\Ask.com
c:\program files\EoRezo
c:\programdata\dekoyemu
c:\programdata\hiluguba
c:\programdata\sukogude
c:\programdata\jutabepo
c:\programdata\gosijado
c:\programdata\vosukaso
c:\programdata\rayedutu
c:\programdata\pozogere
c:\programdata\banupuyo
c:\users\Nadine\AppData\Roaming\EoRezo
c:\program files\DAEMON Tools Toolbar

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"=-


- Save this file to the desktop (mandatory)

- File name: CFScript.txt
- File type: All files

- Click Save and close Notepad

Important: Disable your antivirus and antispyware before doing the drag and drop

- Drag and drop this CFScript file onto the ComboFix.exe file on the desktop, as in this screenshot (the icon is a lion):

http://free0.hiboox.com/images/2409/9126d3b136f7db9ab6242ad715b44296.gif

* Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan is finished.
* Once the scan is complete, a report will be displayed: post its contents.
* If the file does not open, it is located here > C:\ComboFix.txt


-----


Scan this file, smpympyn.sys, here:

https://www.virustotal.com/gui/


Click Browse and copy/paste this:
c:\windows\system32\drivers\smpympyn.sys
Then click Send file and wait for the analysis result.

If it tells you the file has already been analyzed, select the button:
Reanalyse file now, then wait for the analysis result and post the full result.

Post the full result

Help: http://bibou0007.com/scans-en-ligne-f75/tutorial-sur-virustotal-t190.htm


See you :)
0
Benji
 
19:34:24:816 3716 TDSSKiller 2.1.1 Dec 20 2009 02:40:02
19:34:24:816 3716 ================================================================================
19:34:24:816 3716 SystemInfo:

19:34:24:816 3716 OS Version: 6.0.6001 ServicePack: 1.0
19:34:24:816 3716 Product type: Workstation
19:34:24:817 3716 ComputerName: PC-DE-NADINE
19:34:24:817 3716 UserName: Nadine
19:34:24:818 3716 Windows directory: C:\Windows
19:34:24:818 3716 Processor architecture: Intel x86
19:34:24:818 3716 Number of processors: 2
19:34:24:818 3716 Page size: 0x1000
19:34:24:819 3716 Boot type: Normal boot
19:34:24:819 3716 ================================================================================
19:34:24:822 3716 ForceUnloadDriver: NtUnloadDriver error 2
19:34:24:823 3716 ForceUnloadDriver: NtUnloadDriver error 2
19:34:24:824 3716 ForceUnloadDriver: NtUnloadDriver error 2
19:34:24:825 3716 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\system32\Drivers\KLMD.sys) returned status 0
19:34:24:826 3716 main: Driver KLMD successfully dropped
19:34:33:183 3716 main: Driver KLMD successfully loaded
19:34:33:183 3716
Scanning Registry ...
19:34:33:184 3716 ScanServices: Searching service UACd.sys
19:34:33:184 3716 ScanServices: Open/Create key error 2
19:34:33:184 3716 ScanServices: Searching service TDSSserv.sys
19:34:33:184 3716 ScanServices: Open/Create key error 2
19:34:33:184 3716 ScanServices: Searching service gaopdxserv.sys
19:34:33:184 3716 ScanServices: Open/Create key error 2
19:34:33:184 3716 ScanServices: Searching service gxvxcserv.sys
19:34:33:184 3716 ScanServices: Open/Create key error 2
19:34:33:184 3716 ScanServices: Searching service MSIVXserv.sys
19:34:33:184 3716 ScanServices: Open/Create key error 2
19:34:33:189 3716 UnhookRegistry: Kernel module file name: C:\Windows\system32\ntkrnlpa.exe, base addr: 82050000
19:34:33:409 3716 UnhookRegistry: Kernel local addr: 1AD0000
19:34:33:409 3716 UnhookRegistry: KeServiceDescriptorTable addr: 1C07B00
19:34:33:432 3716 UnhookRegistry: KiServiceTable addr: 1B888E0
19:34:33:433 3716 UnhookRegistry: NtEnumerateKey service number (local): 85
19:34:33:433 3716 UnhookRegistry: NtEnumerateKey local addr: 1CD7BAC
19:34:33:438 3716 KLMD_OpenDevice: Trying to open KLMD device
19:34:33:438 3716 KLMD_GetSystemRoutineAddressA: Trying to get system routine address ZwEnumerateKey
19:34:33:438 3716 KLMD_GetSystemRoutineAddressW: Trying to get system routine address ZwEnumerateKey
19:34:33:438 3716 KLMD_ReadMem: Trying to ReadMemory 0x820A5AAD[0x4]
19:34:33:439 3716 UnhookRegistry: NtEnumerateKey service number (kernel): 85
19:34:33:439 3716 KLMD_ReadMem: Trying to ReadMemory 0x82108AF4[0x4]
19:34:33:439 3716 UnhookRegistry: NtEnumerateKey real addr: 82257BAC
19:34:33:439 3716 UnhookRegistry: NtEnumerateKey calc addr: 82257BAC
19:34:33:439 3716 UnhookRegistry: No SDT hooks found on NtEnumerateKey
19:34:33:439 3716 KLMD_ReadMem: Trying to ReadMemory 0x82257BAC[0xA]
19:34:33:439 3716 UnhookRegistry: No splicing found on NtEnumerateKey
19:34:33:443 3716
Scanning Kernel memory ...
19:34:33:474 3716
Completed

Results:
19:34:33:480 3716 Infected objects in memory: 0
19:34:33:480 3716 Cured objects in memory: 0
19:34:33:480 3716 Infected objects on disk: 0
19:34:33:480 3716 Objects on disk cured on reboot: 0
19:34:33:481 3716 Objects on disk deleted on reboot: 0
19:34:33:481 3716 Registry nodes deleted on reboot: 0
19:34:33:481 3716
0
Benji
 
ComboFix 09-12-27.04 - Nadine 28/12/2009 20:33:13.2.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3070.1934 [GMT 1:00]
Lancé depuis: d:\desktop\ComboFix.exe
Commutateurs utilisés :: d:\desktop\CFScript.txt
SP: AVG Anti-Spyware *disabled* (Outdated) {48F2E28D-ED66-4646-9C11-B3055B0AF604}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\windows\System32\huzitala.dll"
"c:\windows\System32\jisagade.dll"
"c:\windows\System32\mafaguzu.dll"
"c:\windows\System32\mulivusi.dll"
"c:\windows\System32\rakowiti.dll"
"c:\windows\System32\rujisipo.dll"
"c:\windows\System32\sihiyadu.dll"
"c:\windows\System32\tahuhabu.dll"
"c:\windows\System32\vakemuna.dll"
"c:\windows\System32\vogomiyi.dll"
"c:\windows\System32\zahuzewi.dll"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files\DAEMON Tools Toolbar\uninst.exe
c:\program files\EoRezo
c:\program files\EoRezo\ConfMedia.cyp
c:\program files\EoRezo\EoAdv\atl90.dll
c:\program files\EoRezo\EoAdv\EoAdv.dll
c:\program files\EoRezo\EoAdv\EoRezoBHO.dll
c:\program files\EoRezo\EoAdv\mfc90.dll
c:\program files\EoRezo\EoAdv\Microsoft.VC90.ATL.manifest
c:\program files\EoRezo\EoAdv\Microsoft.VC90.CRT.manifest
c:\program files\EoRezo\EoAdv\Microsoft.VC90.MFC.manifest
c:\program files\EoRezo\EoAdv\msvcr90.dll
c:\program files\EoRezo\EoEngine.exe
c:\program files\EoRezo\eoEngine.url
c:\program files\EoRezo\EoMultiLanguage.dll
c:\program files\EoRezo\EoRezoComm.dll
c:\program files\EoRezo\EoRezoImg_17.dll
c:\program files\EoRezo\EoRezoImg_19.dll
c:\program files\EoRezo\EoRezoImg_20.dll
c:\program files\EoRezo\EoRezoImg_21.dll
c:\program files\EoRezo\EoRezoImg_22.dll
c:\program files\EoRezo\EoRezoImg_23.dll
c:\program files\EoRezo\EoRezoTools_16.dll
c:\program files\EoRezo\EoRezoTools_17.dll
c:\program files\EoRezo\EoRezoTools_18.dll
c:\program files\EoRezo\EoRezoTools_20.dll
c:\program files\EoRezo\EoRezoTools_21.dll
c:\program files\EoRezo\EoRezoTools_26.dll
c:\program files\EoRezo\EoRezoTools_27.dll
c:\program files\EoRezo\EoRezoTools_28.dll
c:\program files\EoRezo\FreeImage.dll
c:\program files\EoRezo\Host.cyp
c:\program files\EoRezo\lang\ihm_eoclock.xml
c:\program files\EoRezo\lang\ihm_eoengine.xml
c:\program files\EoRezo\lang\ihm_eonet.xml
c:\program files\EoRezo\lang\ihm_eorezotools.xml
c:\program files\EoRezo\lang\ihm_eosudoku.xml
c:\program files\EoRezo\lang\ihm_eoweather.xml
c:\program files\EoRezo\lang\lang_en.xml
c:\program files\EoRezo\lang\lang_es.xml
c:\program files\EoRezo\lang\lang_fr.xml
c:\program files\EoRezo\lang\lang_it.xml
c:\program files\EoRezo\MngInstaller.dll
c:\program files\EoRezo\unins000.dat
c:\program files\EoRezo\unins000.exe
c:\program files\EoRezo\user.cyp
c:\programdata\banupuyo
c:\programdata\dekoyemu
c:\programdata\gosijado
c:\programdata\hiluguba
c:\programdata\jutabepo
c:\programdata\jutabepo\jutabepo.dll
c:\programdata\pozogere
c:\programdata\rayedutu
c:\programdata\sukogude
c:\programdata\sukogude\sukogude.dll
c:\programdata\vosukaso
c:\users\Nadine\AppData\Roaming\EoRezo
c:\users\Nadine\AppData\Roaming\EoRezo\cmhost.cyp
c:\users\Nadine\AppData\Roaming\EoRezo\ConfMedia.cyp
c:\users\Nadine\AppData\Roaming\EoRezo\ConfMedia.cyp.old
c:\users\Nadine\AppData\Roaming\EoRezo\db\cat.cyp
c:\users\Nadine\AppData\Roaming\EoRezo\eoDesktop\config.xml
c:\users\Nadine\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
c:\users\Nadine\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
c:\users\Nadine\AppData\Roaming\EoRezo\host.cyp
c:\users\Nadine\AppData\Roaming\EoRezo\modules.cyp
c:\users\Nadine\AppData\Roaming\EoRezo\user.cyp
c:\windows\System32\huzitala.dll
c:\windows\System32\jisagade.dll
c:\windows\System32\mafaguzu.dll
c:\windows\System32\mulivusi.dll
c:\windows\System32\rakowiti.dll
c:\windows\System32\rujisipo.dll
c:\windows\System32\sihiyadu.dll
c:\windows\System32\tahuhabu.dll
c:\windows\System32\vakemuna.dll
c:\windows\System32\vogomiyi.dll
c:\windows\System32\zahuzewi.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-28 au 2009-12-28 ))))))))))))))))))))))))))))))))))))
.

2009-12-28 19:42 . 2009-12-28 19:44 -------- d-----w- c:\users\Nadine\AppData\Local\temp
2009-12-28 19:42 . 2009-12-28 19:42 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-28 19:42 . 2009-12-28 19:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-28 18:34 . 2009-12-28 18:34 -------- d-----w- C:\tdsskiller
2009-12-27 00:42 . 2009-12-27 00:42 30784 ----a-w- c:\windows\system32\drivers\smpympyn.sys
2009-12-25 14:44 . 2009-12-25 14:44 -------- d-----w- c:\users\Nadine\AppData\Roaming\PeerNetworking
2009-12-25 11:33 . 2009-12-28 18:49 -------- d-----w- c:\users\Nadine\AppData\Local\Apple Computer
2009-12-25 11:33 . 2009-12-28 18:41 -------- d-----w- c:\users\Nadine\AppData\Roaming\Apple Computer
2009-12-25 11:33 . 2009-05-18 13:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-12-25 11:33 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-12-25 11:32 . 2009-12-25 11:32 -------- d-----w- c:\program files\iPod
2009-12-25 11:32 . 2009-12-25 11:33 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-25 11:32 . 2009-12-25 11:33 -------- d-----w- c:\program files\iTunes
2009-12-25 11:30 . 2009-12-25 11:31 -------- d-----w- c:\program files\QuickTime
2009-12-25 11:30 . 2009-12-25 11:32 -------- d-----w- c:\programdata\Apple Computer
2009-12-25 11:30 . 2009-12-25 11:30 -------- d-----w- c:\users\Nadine\AppData\Local\Apple
2009-12-25 11:30 . 2009-12-25 11:30 -------- d-----w- c:\program files\Apple Software Update
2009-12-25 11:28 . 2009-12-25 11:37 -------- d-----w- c:\programdata\Apple
2009-12-25 11:28 . 2009-12-25 11:32 -------- d-----w- c:\program files\Common Files\Apple
2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\program files\iWisoft Free Video Converter
2009-12-10 09:11 . 2009-11-09 13:22 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-10 09:11 . 2009-11-09 11:04 411136 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 09:11 . 2009-11-09 13:20 31232 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 11:15 . 2009-10-07 12:41 244224 ----a-w- c:\windows\system32\rastls.dll
2009-12-09 11:15 . 2009-10-07 12:41 281600 ----a-w- c:\windows\system32\raschap.dll
2009-12-08 13:53 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-08 13:53 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-08 13:53 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-08 13:53 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-08 13:53 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-08 13:52 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-08 13:52 . 2009-11-24 23:49 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-12-07 11:03 . 2009-12-08 12:43 -------- d-----w- c:\program files\ClamWin
2009-12-05 14:51 . 2009-12-08 13:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-05 14:51 . 2009-12-08 13:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-04 16:49 . 2009-12-04 16:49 -------- d-----w- c:\users\Nadine\PES
2009-12-01 17:20 . 2009-12-01 17:20 -------- d-----w- C:\rsit
2009-12-01 07:33 . 2002-01-01 08:04 -------- d-----w- c:\windows\nvtmpinst

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-28 19:21 . 2009-02-28 13:10 -------- d-----w- c:\program files\Steam
2009-12-28 17:34 . 2008-09-07 19:42 2032 ----a-w- c:\users\Nadine\AppData\Local\d3d9caps.dat
2009-12-28 16:54 . 2008-08-21 14:28 -------- d-----w- c:\users\Nadine\AppData\Roaming\uTorrent
2009-12-25 12:34 . 2008-01-21 08:40 669328 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-25 12:34 . 2008-01-21 08:40 123350 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-25 11:31 . 2009-04-16 10:27 -------- d-----w- c:\program files\Bonjour
2009-12-25 11:23 . 2009-12-25 11:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-12-23 20:35 . 2009-12-03 20:34 439816 ----a-w- c:\users\Nadine\AppData\Roaming\Real\Update\setup3.09\setup.exe
2009-12-15 15:25 . 2008-08-22 08:12 -------- d-----w- c:\program files\Windows Live
2009-12-14 10:06 . 2009-02-28 13:26 -------- d-----w- c:\program files\Common Files\Steam
2009-12-10 13:34 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-10 09:11 . 2008-03-21 11:14 -------- d-----w- c:\programdata\Microsoft Help
2009-12-04 10:58 . 2009-12-04 10:58 118784 ----a-w- c:\users\Nadine\AppData\Roaming\Real\Update\setup3.09\RUP\inst_config\compat.dll
2009-12-01 08:18 . 2008-03-21 11:06 -------- d-----w- c:\programdata\NVIDIA
2009-11-22 11:31 . 2008-12-15 17:18 1 ----a-w- c:\users\Nadine\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-12 16:07 . 2009-11-12 16:07 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-11 15:53 . 2008-11-16 13:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-10 15:12 . 2009-11-10 15:11 -------- d-----w- c:\programdata\MAGIX
2009-11-10 15:12 . 2009-11-10 15:10 -------- d-----w- c:\program files\MAGIX
2009-11-08 16:33 . 2009-03-13 11:21 -------- d-----w- c:\program files\VSCache
2009-11-03 17:03 . 2009-07-30 19:13 -------- d-----w- c:\programdata\TrackMania
2009-11-02 19:42 . 2009-10-03 08:29 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-31 15:00 . 2009-10-31 14:58 -------- d-----w- c:\program files\GeoGebra
2009-10-30 11:54 . 2009-10-30 11:54 -------- d-----w- c:\programdata\KONAMI
2009-10-30 11:54 . 2009-09-19 16:50 -------- d-----w- c:\program files\KONAMI
2009-10-29 19:19 . 2009-10-29 19:19 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-29 09:41 . 2009-11-26 10:14 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-27 13:20 . 2009-12-09 11:16 833024 ----a-w- c:\windows\system32\wininet.dll
2009-10-27 13:16 . 2009-12-09 11:16 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-27 10:55 . 2009-12-09 11:16 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-17 13:25 . 2009-10-17 13:25 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-09-29 19:57 . 2009-08-25 21:49 758018 ----a-w- c:\windows\system32\xvidcore.dll
2006-05-03 10:06 . 2009-01-28 10:37 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 11:47 . 2009-01-28 10:37 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 13:30 . 2009-01-28 10:37 216064 --sh--r- c:\windows\System32\nbDX.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 22:38 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Octoshape Streaming Services"="c:\users\Nadine\AppData\Local\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2008-05-22 156944]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-08 39408]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 2321600]
"Steam"="c:\program files\Steam\Steam.exe" [2009-11-27 1217808]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-10-23 1336560]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-21 192000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-11 4702208]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-12-07 196128]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2007-06-21 70952]
"HostManager"="c:\program files\Common Files\AOL\1219322728\ee\AOLSoftware.exe" [2006-09-26 50736]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960]
"RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-05-01 65536]
"RoxAssistant"="c:\program files\Common Files\Roxio Shared\Upgrade\RoxAssist.exe" [2004-02-24 90112]
"RoxioDragToDisc"="c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2008-10-26 868352]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-11 185872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-21 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-21 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-21 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

c:\users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Notification de cadeaux MSN.lnk - c:\users\Nadine\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2002-1-1 135680]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [25/07/2009 18:13 3033712]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [08/12/2009 14:53 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [08/12/2009 14:53 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [08/12/2009 14:52 53328]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [28/01/2009 08:39 185640]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 gupdate1ca25c8b489b45f;Service Google Update (gupdate1ca25c8b489b45f);c:\program files\Google\Update\GoogleUpdate.exe [25/08/2009 22:12 133104]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [10/11/2009 16:11 1527900]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [21/03/2008 19:47 30752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://y.lo.st
mStart Page = hxxp://fr.fr.acer.yahoo.com
uInternet Settings,ProxyOverride = local;*.local
uInternet Settings,ProxyServer = 127.0.0.1:9666
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: ??VS????? - c:\program files\VideoSpeedy\VSDownload.htm
FF - ProfilePath - c:\users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\azrxewlb.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=CLA&o=15306&locale=fr_FR&q=
FF - component: c:\users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\azrxewlb.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npclntax_HotbarSA.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\users\Nadine\AppData\Local\Octoshape\Octoshape Streaming Services\octoprogram-L03-NMS0907280_SUA_000\npoctoshape.dll
FF - plugin: c:\users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\azrxewlb.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Nadine\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-eoEngine_is1 - c:\program files\EoRezo\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-28 20:44
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll usbhub.sys tcpip.sys NETIO.SYS win32k.sys cdd.dll dxgkrnl.sys atikmdag.sys ecache.sys >>UNKNOWN [0x859241F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x8267d322
\Driver\ACPI -> acpi.sys @ 0x805afd4c
\Driver\atapi -> 0x859231f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1675283552-3446301354-78725961-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uV*S* RhV‰ w]
@Allowed: (Read) (RestrictedCode)
@="c:\\Program Files\\VideoSpeedy\\VSDownload.htm"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(1196)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\wanmpsvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Heure de fin: 2009-12-28 20:49:29 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-12-28 19:49
ComboFix2.txt 2009-12-28 17:22

Avant-CF: 74 231 844 864 octets libres
Après-CF: 74 079 678 464 octets libres

- - End Of File - - 2A5906FF20A817E59BA27F26A181CC25
0
Benji
 
Tutorial Virus Total: http://www.virustotal.com/fr/analisis/747496b76d88c148c36f9025d11ee524cfa0101c336a72cecc8be33a9d6e08f6-1262030191
0
dédétraqué Posts 4522 Status Security contributor 286
 
Hi Benji


Download Gmer and save it to your desktop.
http://www2.gmer.net/download.php

Note: the application will have a random name. Tell me what it is in your next message.

- Disconnect from the internet if possible and close all programs, then launch the tool.
- Click the "Scan" button on the right.

- When the scan is finished, click "Copy".
- Open Notepad and click Edit / Paste in the menu.
- The report should then appear.

- Save the file to your desktop and copy/paste its contents here.


-----


Also scan this file on VirusTotal:
c:\windows\system32\drivers\atapi.sys


See you later :)
0
Benji
 
Application name: o4zkdfvy.exe
0
Benji
 
I ran the scan and then the computer crashed :/
0
Benji
 
Avast detected the Trojan virus!
0
Benji
 
UP :(
0
dédétraqué Posts 4522 Status Security contributor 286
 
Hi Benji


Download OTL (by OldTimer) and save it to your Desktop.
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

- Close any running applications so the scan is not interrupted.
- Right-click OTL.exe and choose "Run as administrator" to launch the program.
- A window appears. Under Custom Scans (at the bottom), copy/paste this:

netsvcs
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
/md5stop
%systemroot%\*. /mp /s
c:\$recycle.bin\*.* /s


- Click the Run Scan button.
- Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are in the same location as OTListIT2 (so on the Desktop by default).

- Copy/paste the contents of both files here. Use one message per report.


See you later :)
0