Internet window problem
patrick letoile
-
Anonymous user -
Hello,
When I browse the internet with my main browser (Firefox), advertising windows pop up in my Internet Explorer, and I don't know what to do to stop this. The one that appears most often is a site called CID tv-bytes, or something like that. What should I do?
30 replies
ComboFix 08-09-20.05 - Patrick 2008-09-23 3:10:19.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1027 [GMT -4:00]
Lancé depuis: C:\Users\Patrick\Downloads\ComboFix.exe
* Un nouveau point de restauration a été créé
* Resident AV is active
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Users\Patrick\AppData\Roaming\.#
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-23 au 2008-09-23 ))))))))))))))))))))))))))))))))))))
.
2008-09-23 02:25 . 2008-09-23 02:25 <REP> d-------- C:\_OTMoveIt
2008-09-23 02:00 . 2008-09-23 02:00 <REP> d-------- C:\Program Files\Trend Micro
2008-09-23 01:39 . 2008-09-23 01:54 <REP> d-------- C:\Lop SD
2008-09-19 15:13 . 2008-09-19 15:13 <REP> d-------- C:\Windows\Sun
2008-09-18 20:22 . 2008-09-19 14:47 <REP> d-------- C:\Users\All Users\webex
2008-09-18 20:22 . 2008-09-19 14:47 <REP> d-------- C:\ProgramData\webex
2008-09-18 20:21 . 2008-09-18 20:22 <REP> d-------- C:\Users\All Users\Linksys
2008-09-18 20:21 . 2008-09-18 20:22 <REP> d-------- C:\ProgramData\Linksys
2008-09-18 20:20 . 2008-04-09 00:14 24,888 --a------ C:\Windows\System32\drivers\pnarp.sys
2008-09-18 20:19 . 2008-09-18 20:19 <REP> d-------- C:\Users\All Users\Pure Networks
2008-09-18 20:19 . 2008-09-18 20:19 <REP> d-------- C:\ProgramData\Pure Networks
2008-09-18 20:19 . 2008-09-18 20:19 <REP> d-------- C:\Program Files\Common Files\Pure Networks Shared
2008-09-18 20:19 . 2008-04-09 00:14 26,424 --a------ C:\Windows\System32\drivers\purendis.sys
2008-09-18 20:18 . 2008-09-18 20:19 <REP> d-------- C:\Program Files\Linksys
2008-09-18 14:45 . 2008-09-23 01:48 65,536 --------- C:\Windows\System32\Ikeext.etl
2008-09-18 14:09 . 2008-09-18 14:09 <REP> d-------- C:\Users\Patrick\AppData\Roaming\PeerNetworking
2008-09-17 13:18 . 2008-07-19 01:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-17 13:18 . 2008-07-18 23:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-17 13:18 . 2008-07-19 01:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-09-17 13:18 . 2008-07-19 01:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-09-17 13:17 . 2008-07-19 01:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-17 13:17 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-17 13:17 . 2008-07-18 23:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-17 13:17 . 2008-07-19 01:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-09-17 13:17 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-09-17 00:59 . 2008-09-17 00:59 <REP> d-------- C:\Program Files\Apple Software Update
2008-09-17 00:58 . 2008-09-18 20:20 <REP> d----c--- C:\Windows\System32\DRVSTORE
2008-09-17 00:58 . 2008-09-17 00:58 <REP> d-------- C:\Users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-17 00:58 . 2008-09-17 00:58 <REP> d-------- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-17 00:58 . 2008-09-17 00:58 <REP> d-------- C:\Program Files\iTunes
2008-09-17 00:58 . 2008-09-17 00:58 <REP> d-------- C:\Program Files\iPod
2008-09-17 00:58 . 2008-04-17 13:12 107,368 --a------ C:\Windows\System32\GEARAspi.dll
2008-09-17 00:58 . 2008-04-17 13:12 15,464 --a------ C:\Windows\System32\drivers\GEARAspiWDM.sys
2008-09-17 00:56 . 2008-09-17 00:57 <REP> d-------- C:\Program Files\QuickTime
Oops, part of my report was missing. Here is the complete report:
ComboFix 08-09-20.05 - Patrick 2008-09-23 3:10:19.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1027 [GMT -4:00]
Lancé depuis: C:\Users\Patrick\Downloads\ComboFix.exe
* Un nouveau point de restauration a été créé
* Resident AV is active
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Users\Patrick\AppData\Roaming\.#
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-23 au 2008-09-23 ))))))))))))))))))))))))))))))))))))
.
2008-09-23 02:25 . 2008-09-23 02:25 <REP> d-------- C:\_OTMoveIt
2008-09-23 02:00 . 2008-09-23 02:00 <REP> d-------- C:\Program Files\Trend Micro
2008-09-23 01:39 . 2008-09-23 01:54 <REP> d-------- C:\Lop SD
2008-09-19 15:13 . 2008-09-19 15:13 <REP> d-------- C:\Windows\Sun
2008-09-18 20:22 . 2008-09-19 14:47 <REP> d-------- C:\Users\All Users\webex
2008-09-18 20:22 . 2008-09-19 14:47 <REP> d-------- C:\ProgramData\webex
2008-09-18 20:21 . 2008-09-18 20:22 <REP> d-------- C:\Users\All Users\Linksys
2008-09-18 20:21 . 2008-09-18 20:22 <REP> d-------- C:\ProgramData\Linksys
2008-09-18 20:20 . 2008-04-09 00:14 24,888 --a------ C:\Windows\System32\drivers\pnarp.sys
2008-09-18 20:19 . 2008-09-18 20:19 <REP> d-------- C:\Users\All Users\Pure Networks
2008-09-18 20:19 . 2008-09-18 20:19 <REP> d-------- C:\ProgramData\Pure Networks
2008-09-18 20:19 . 2008-09-18 20:19 <REP> d-------- C:\Program Files\Common Files\Pure Networks Shared
2008-09-18 20:19 . 2008-04-09 00:14 26,424 --a------ C:\Windows\System32\drivers\purendis.sys
2008-09-18 20:18 . 2008-09-18 20:19 <REP> d-------- C:\Program Files\Linksys
2008-09-18 14:45 . 2008-09-23 01:48 65,536 --------- C:\Windows\System32\Ikeext.etl
2008-09-18 14:09 . 2008-09-18 14:09 <REP> d-------- C:\Users\Patrick\AppData\Roaming\PeerNetworking
2008-09-17 13:18 . 2008-07-19 01:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-17 13:18 . 2008-07-18 23:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-17 13:18 . 2008-07-19 01:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-09-17 13:18 . 2008-07-19 01:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-09-17 13:17 . 2008-07-19 01:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-17 13:17 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-17 13:17 . 2008-07-18 23:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-17 13:17 . 2008-07-19 01:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-09-17 13:17 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-09-17 00:59 . 2008-09-17 00:59 <REP> d-------- C:\Program Files\Apple Software Update
2008-09-17 00:58 . 2008-09-18 20:20 <REP> d----c--- C:\Windows\System32\DRVSTORE
2008-09-17 00:58 . 2008-09-17 00:58 <REP> d-------- C:\Users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-17 00:58 . 2008-09-17 00:58 <REP> d-------- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-17 00:58 . 2008-09-17 00:58 <REP> d-------- C:\Program Files\iTunes
2008-09-17 00:58 . 2008-09-17 00:58 <REP> d-------- C:\Program Files\iPod
2008-09-17 00:58 . 2008-04-17 13:12 107,368 --a------ C:\Windows\System32\GEARAspi.dll
2008-09-17 00:58 . 2008-04-17 13:12 15,464 --a------ C:\Windows\System32\drivers\GEARAspiWDM.sys
2008-09-17 00:56 . 2008-09-17 00:57 <REP> d-------- C:\Program Files\QuickTime
2008-09-17 00:52 . 2008-09-17 00:52 <REP> d-------- C:\Program Files\Safari
2008-09-17 00:52 . 2008-09-17 00:52 <REP> d-------- C:\Program Files\Bonjour
2008-09-09 19:20 . 2008-07-30 21:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-09 19:20 . 2008-08-01 21:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-09 19:20 . 2008-06-25 23:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-09 19:20 . 2008-06-25 23:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-09 19:20 . 2008-05-08 15:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-09 19:20 . 2008-05-19 22:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-09 19:20 . 2008-06-25 23:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-09 19:20 . 2008-08-01 23:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-09 19:20 . 2008-07-30 23:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-09 00:56 . 2008-09-09 00:56 <REP> d-------- C:\Users\Patrick\AppData\Roaming\Malwarebytes
2008-09-09 00:56 . 2008-09-09 00:56 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-09-09 00:56 . 2008-09-09 00:56 <REP> d-------- C:\ProgramData\Malwarebytes
2008-09-09 00:55 . 2008-09-09 00:55 <REP> d-------- C:\Users\Patrick\AppData\Roaming\Download Manager
2008-09-08 13:28 . 2008-09-08 13:28 0 --a------ C:\Windows\nsreg.dat
2008-09-08 12:24 . 2008-09-08 12:24 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-09-07 16:42 . 2008-09-07 16:42 <REP> d-------- C:\Users\Patrick\Option
2008-09-07 14:25 . 2008-09-07 23:59 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-09-07 14:25 . 2008-09-07 23:59 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-09-07 14:25 . 2008-09-07 22:21 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-07 13:15 . 2008-09-07 13:15 <REP> d-------- C:\Users\All Users\Messenger Plus!
2008-09-07 13:15 . 2008-09-07 13:15 <REP> d-------- C:\ProgramData\Messenger Plus!
2008-09-07 13:11 . 2008-09-07 13:13 <REP> d-------- C:\Users\All Users\Poke admin tons bike
2008-09-07 13:11 . 2008-09-19 13:37 <REP> d-------- C:\Users\All Users\LongAmenSixth
2008-09-07 13:11 . 2008-09-07 13:13 <REP> d-------- C:\ProgramData\Poke admin tons bike
2008-09-07 13:11 . 2008-09-19 13:37 <REP> d-------- C:\ProgramData\LongAmenSixth
2008-09-07 13:10 . 2008-09-07 13:12 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-09-06 18:12 . 2008-09-06 18:12 <REP> d-------- C:\EGIS_Drive
2008-09-06 17:35 . 2008-09-22 20:16 <REP> d-------- C:\Users\Patrick\AppData\Roaming\LimeWire
2008-09-06 17:15 . 2008-09-13 12:57 <REP> d-a------ C:\Users\All Users\TEMP
2008-09-06 17:15 . 2008-09-13 12:57 <REP> d-a------ C:\ProgramData\TEMP
2008-09-06 17:03 . 2008-09-17 14:04 <REP> d-------- C:\Users\Patrick\AppData\Roaming\Apple Computer
2008-09-06 17:02 . 2008-09-17 00:58 <REP> d-------- C:\Users\All Users\Apple Computer
2008-09-06 17:02 . 2008-09-17 00:58 <REP> d-------- C:\ProgramData\Apple Computer
2008-09-06 17:01 . 2008-09-06 17:01 <REP> d-------- C:\Users\All Users\Apple
2008-09-06 17:01 . 2008-09-06 17:01 <REP> d-------- C:\ProgramData\Apple
2008-09-06 17:01 . 2008-09-17 00:56 <REP> d-------- C:\Program Files\Common Files\Apple
2008-09-06 16:50 . 2008-09-06 16:50 <REP> d-------- C:\Program Files\BitComet
2008-09-06 16:50 . 2008-09-14 18:04 <REP> d-------- C:\Downloads
2008-09-06 16:38 . 2008-09-18 20:21 <REP> d-------- C:\Program Files\Java
2008-09-06 16:37 . 2008-09-06 16:37 <REP> d-------- C:\Program Files\Common Files\Java
2008-09-06 16:35 . 2008-09-06 16:35 <REP> d-------- C:\Program Files\LimeWire
2008-09-06 16:19 . 2008-09-06 16:19 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-06 16:19 . 2006-11-29 13:06 3,426,072 --a------ C:\Windows\System32\d3dx9_32.dll
2008-09-06 16:15 . 2008-09-06 16:34 <REP> d-------- C:\Program Files\Windows Live
2008-09-06 16:15 . 2008-09-06 16:17 <REP> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-06 16:14 . 2008-09-06 16:14 <REP> d-------- C:\Users\All Users\WLInstaller
2008-09-06 16:14 . 2008-09-06 16:14 <REP> d-------- C:\ProgramData\WLInstaller
2008-09-06 16:05 . 2008-09-06 16:06 <REP> d-------- C:\Users\Patrick\AppData\Roaming\eSobi
2008-09-06 16:03 . 2008-09-06 16:03 <REP> d-------- C:\Users\Patrick\AppData\Roaming\CyberLink
2008-09-06 15:51 . 2008-07-15 21:32 2,048 --a------ C:\Windows\System32\tzres.dll
2008-09-06 15:45 . 2008-09-06 15:45 <REP> d-------- C:\Program Files\MSXML 4.0
2008-09-06 15:42 . 2008-09-06 15:42 <REP> d-------- C:\Users\Patrick\AppData\Roaming\Yahoo!
2008-09-06 15:42 . 2008-09-06 15:42 <REP> d-------- C:\Users\All Users\Yahoo! Companion
2008-09-06 15:42 . 2008-09-06 15:42 <REP> d-------- C:\ProgramData\Yahoo! Companion
2008-09-06 15:37 . 2008-09-06 15:37 <REP> d-------- C:\Windows\Acer_Wide
2008-09-06 15:37 . 2008-09-06 15:41 <REP> d-------- C:\Windows\Acer_Normal
2008-09-06 15:37 . 2008-09-06 15:37 <REP> d-------- C:\Program Files\Acer Incorporated
2008-09-06 15:37 . 2006-10-19 10:00 187,392 --a------ C:\Windows\Acer(Wide).scr
2008-09-06 15:37 . 2006-10-19 10:00 187,392 --a------ C:\Windows\Acer(Normal).scr
2008-09-06 15:37 . 2006-11-03 16:23 44 --a------ C:\Windows\Acer(Normal).ini
2008-09-06 15:37 . 2006-11-02 16:38 42 --a------ C:\Windows\Acer(Wide).ini
2008-09-06 15:29 . 2007-06-26 20:06 262,200 --a------ C:\Windows\System32\hcwpnp32_priv.dll
2008-09-06 15:29 . 2007-06-26 20:06 262,200 --a------ C:\Windows\System32\hcwpnp32.dll
2008-09-06 15:29 . 2007-05-15 16:46 98,360 --a------ C:\Windows\System32\hcwi2c32.dll
2008-09-06 15:29 . 2006-10-10 18:47 36,921 --a------ C:\Windows\System32\hcwutl32_priv.dll
2008-09-06 15:29 . 2006-10-10 18:47 36,921 --a------ C:\Windows\System32\hcwutl32.dll
2008-09-06 15:28 . 2008-09-23 01:48 0 --a------ C:\Windows\System32\LogConfigTemp.xml
2008-09-06 15:25 . 2008-09-06 15:25 <REP> d-------- C:\Program Files\DIFX
2008-09-06 15:25 . 2008-06-25 21:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll
2008-09-06 15:25 . 2008-06-25 21:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll
2008-09-06 15:25 . 2008-06-25 23:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll
2008-09-06 15:25 . 2008-04-23 00:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-09-06 15:25 . 2008-04-23 00:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-09-06 15:25 . 2008-04-23 00:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-09-06 15:25 . 2008-04-23 00:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-09-06 15:24 . 2008-09-06 15:24 <REP> d-------- C:\Program Files\YUAN
2008-09-06 15:24 . 2008-02-22 01:05 110,136 --a------ C:\Windows\System32\drivers\ataport.sys
2008-09-06 15:24 . 2008-02-22 01:04 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
2008-09-06 15:24 . 2008-02-22 01:03 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
2008-09-06 15:24 . 2008-02-22 01:03 16,440 --a------ C:\Windows\System32\drivers\pciide.sys
2008-09-06 15:23 . 2008-04-26 04:25 3,600,952 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-09-06 15:23 . 2008-04-26 04:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-09-06 15:23 . 2008-04-26 04:08 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-09-06 15:23 . 2008-04-26 04:26 891,448 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-09-06 15:23 . 2008-04-11 23:32 784,896 --a------ C:\Windows\System32\rpcrt4.dll
2008-09-06 15:23 . 2008-06-18 23:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
2008-09-06 15:23 . 2008-04-04 21:21 72,192 --a------ C:\Windows\System32\drivers\pacer.sys
2008-09-06 15:23 . 2008-04-04 23:34 15,360 --a------ C:\Windows\System32\pacerprf.dll
2008-09-06 15:22 . 2008-03-08 00:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-19 00:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-18 13:54 --------- d-----w C:\Program Files\McAfee
2008-09-13 21:11 --------- d-----w C:\Program Files\SiteAdvisor
2008-09-10 00:00 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-09 23:59 --------- d-----w C:\Program Files\Microsoft Works
2008-09-06 20:07 --------- d-----w C:\ProgramData\eSobi
2008-09-06 20:03 --------- d-----w C:\ProgramData\CyberLink
2008-09-06 19:54 --------- d-----w C:\Program Files\Windows Mail
2008-09-06 19:17 --------- d-----w C:\Program Files\Acer
2008-09-06 19:13 --------- d-sh--w C:\ProgramData\Modèles
2008-09-06 19:13 --------- d-sh--w C:\ProgramData\Menu Démarrer
2008-09-06 19:13 --------- d-sh--w C:\ProgramData\Favoris
2008-09-06 19:13 --------- d-sh--w C:\ProgramData\Bureau
2008-09-06 19:13 --------- d-sh--w C:\Program Files\Fichiers communs
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-18 18:39 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 23:38 121392 --a------ C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-20 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-20 125952]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-20 C:\Windows\System32\oobefldr.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-20 1008184]
"Acer Empowering Technology Monitor"="C:\Program Files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 319488]
"EmpoweringTechnology"="C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 319488]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2007-08-24 36640]
"eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"PCMMediaSharing"="C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-10 40048]
"BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-02-25 34040]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Acer Product Registration"="C:\Program Files\Acer\Acer Registration\ACE1.exe" [2007-11-26 3387392]
"Acer Assist Launcher"="C:\Program Files\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"LELA"="C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" [2008-05-01 131072]
"nmctxth"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-04-09 648504]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-29 C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2007-11-20 C:\Windows\SkyTel.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{39483AF4-6277-434A-8C81-EEA2C2461D24}"= C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{1C6DC239-351A-46F8-84E8-1616F9D79B91}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{8719D5E1-793E-4F9D-88DD-78C00BCDF5D7}"= C:\Program Files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician
"{4D7E353C-F160-4D1E-B45D-FBAF340ED2ED}"= C:\Program Files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD
"{3F1AC602-C49C-4B07-AAC9-F573A6DE6DDB}"= C:\Program Files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician
"{366F7CF6-4D0E-4110-8DF8-4D6586841F01}"= C:\Program Files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine
"{BD637667-56BC-43ED-9884-B9B585628618}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia
"{01FF3703-8975-429B-875A-AB12919BCBC8}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{473DFFBF-F989-48BF-8937-0650C5A6DB8B}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service
"{E2448DCF-9832-4280-BA97-EF6465FCD0C1}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator
"{4BCF4F26-3C87-4277-8A74-8C44A0937428}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F3999426-D4E3-4478-9A91-60B4A8E796FA}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{2FB1E4DC-655B-4D66-BC5F-35F864C3CAF8}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{4801CD5B-F558-4808-9CD9-4DFB2F24AC55}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{616AABAB-E816-4AAD-8898-F38B1255D749}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{FD0915E6-9BAD-4C0E-98F8-71A181A5E87C}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{EAC16019-5FFD-4479-9BD1-FF44C6A1B94C}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{41BD57FF-08B7-4BBF-9C4D-841047B98225}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{7B5D3F7D-F2E5-4ED6-9B8E-4F0635717CBA}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{6581E08B-0A93-42F0-B5BF-15D3D08664D4}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{E5D45FFC-021E-407C-A8FE-B4F31C8FEB4F}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{7B67E92E-DF2A-41BE-AF97-C92190A1DA3A}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{AD162974-5759-4D60-BE1D-E28970AD2C33}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"{7B5C6282-A721-4ACB-BF94-48588F9F0940}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{405647E8-C571-4FA8-BD0D-37CD26785ABA}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{1D234831-7739-46DF-8880-82C754CD63EF}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{25A78448-34D7-4CE6-A950-6221509E256A}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{E44598EF-4D95-452A-BD6C-96371DC03773}"= UDP:C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:Pure Networks Platform Service
"{1EDE1921-AC17-4FAA-BD2B-482A3A71790C}"= TCP:C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:Pure Networks Platform Service
"{7B624EFB-B43D-41A8-863B-8D93AF76E35C}"= TCP:67:0.0.0.0:DHCP Discovery Service
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe"= C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr
R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-29 7680]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-25 21752]
R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 24576]
R2 LinksysUpdater;Linksys Updater;C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-04-18 204800]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-24 49152]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-25 131072]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 3533824]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-27 298496]
S4 ahcix86s;ahcix86s;C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 170000]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-eRecoveryService - (no file)
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\oisui8g8.default\
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 03:12:54
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
PROCESSUS: C:\Windows\Explorer.exe
-> C:\Program Files\SiteAdvisor\6261\saHook.dll
.
Heure de fin: 2008-09-23 3:14:27
ComboFix-quarantined-files.txt 2008-09-23 07:14:22
Avant-CF: 84 550 189 056 octets libres
Après-CF: 84,312,576,000 octets libres
299 --- E O F --- 2008-09-10 00:02:34
Here is the OTMoveIt report:
C:\Users\All Users\Poke admin tons bike moved successfully.
File/Folder C:\Users\All Users\Poke admin tons bike not found.
File/Folder C:\ProgramData\Poke admin tons bike not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09232008_032945
No, it was telling me things like a deletion error for HijackThis, so I have just uninstalled it and I am going to rerun the test to see.
I can't quit with the report, so I'm posting this; maybe you will understand something in it, because I don't understand any of it.
[ Rapport ToolsCleaner version 2.2.3 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\Combofix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Users\Patrick\Downloads\ComboFix.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Users\Patrick\Downloads\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: ERREUR DE SUPPRESSION !!
C:\Combofix: ERREUR DE SUPPRESSION !!
C:\Program Files\Trend Micro\HijackThis: ERREUR DE SUPPRESSION !!
Double-click OTMoveIt.exe to launch it.
Make sure the Unregister Dll's and Ocx's box is checked.
Copy the list shown in bold below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.
C:\Users\All Users\Poke admin tons bike
C:\Users\All Users\Poke admin tons bike
C:\ProgramData\Poke admin tons bike
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
* To remove the tools/fixes used:
Download ToolsCleaner to your desktop.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/
# Right-click ToolsCleaner.
# Choose Run as administrator.
# Click Recherche (Search) and let the scan run ...
# Click Suppression (Removal) to finish.
# You can, if you wish, use the Options facultatives (optional settings).
# Click Quitter (Quit) to get the report.
# Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).