moustikette1711

Members
  • Content count: 11
Everything posted by moustikette1711

  1. 1000 thanks for your help :)

  2. Sorry for not replying sooner, I think this time it's fine, my PC is cured! Thank you very, very, very much for helping me, that's very kind of you!!!! Thank you, thank you, thank you
  3. Here is the report you asked me for (it was much quicker than the first time). I have completely uninstalled Norton, and no, I have not had any more Explorer ad windows since the very first MBAM scan. There you go! ** Thank you **
  4. I'm not good at reading reports, but this one I understood perfectly!!!! I'm really happy

     Malwarebytes' Anti-Malware 1.44
     Version de la base de données: 3739
     Windows 6.0.6000
     Internet Explorer 7.0.6000.16982

     15/02/2010 22:40:31
     mbam-log-2010-02-15 (22-40-31).txt

     Type de recherche: Examen rapide
     Eléments examinés: 121114
     Temps écoulé: 5 minute(s), 25 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)

     1000 thanks, I think this time my PC is cured, isn't it?
  5. Here we go =), I'll post it as soon as it's finished =)
  6. Here is the report:
     Thank you very much
  7. voila le rapport de combofix : ComboFix 10-02-12.01 - Moustiiick 15/02/2010 15:40:19.1.2 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.2046.1043 [GMT 1:00] Lancé depuis: c:\users\Moustiiick\Desktop\moustikette.exe AV: avast! antivirus 4.8.1356 [VPS 100215-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} SP: avast! antivirus 4.8.1356 [VPS 100215-0] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-2492016988-1816517082-3097804572-500 c:\programdata\Microsoft\Network\Downloader\qmgr0.dat c:\programdata\Microsoft\Network\Downloader\qmgr1.dat c:\users\Moustiiick\AppData\Local\Microsoft\Windows\Temporary Internet Files\1ec863c9-39a5-728d-7306-5953f2f18936 c:\users\Moustiiick\AppData\Local\Microsoft\Windows\Temporary Internet Files\8YoP5nXA5.jpg c:\users\Moustiiick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Bby83p.jpg c:\users\Moustiiick\AppData\Local\Microsoft\Windows\Temporary Internet Files\pNbxm.jpg c:\users\Moustiiick\AppData\Local\Microsoft\Windows\Temporary Internet Files\XJXyX.jpg c:\users\Moustiiick\AppData\Roaming\02000000ec7ddb5a663C.manifest c:\users\Moustiiick\AppData\Roaming\02000000ec7ddb5a663O.manifest c:\users\Moustiiick\AppData\Roaming\02000000ec7ddb5a663P.manifest c:\users\Moustiiick\AppData\Roaming\02000000ec7ddb5a663S.manifest c:\windows\system32\3337ef6d-1b2f-b94f-e6da-fbf63d88b328.exe c:\windows\system32\IP94d.vbs ----- BITS: Il y a peut-être des sites infectés ----- hxxp://au.download.windj+|Cv+@J:NGD_DQ{zGD_DQ{zGD_DQ{zGD_DQ{z+@J:Nj+|Cv 
. ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_Boonty Games ((((((((((((((((((((((((((((( Fichiers créés du 2010-01-15 au 2010-02-15 )))))))))))))))))))))))))))))))))))) . 2010-02-15 14:48 . 2010-02-15 14:55 -------- d-----w- c:\users\Moustiiick\AppData\Local\temp 2010-02-15 14:48 . 2010-02-15 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-02-15 14:48 . 2010-02-15 14:48 -------- d-----w- c:\users\Aurore\AppData\Local\temp 2010-02-15 14:48 . 2010-02-15 14:48 -------- d-----w- c:\users\Aur0re\AppData\Local\temp 2010-02-15 13:04 . 2010-02-15 13:05 -------- d-----w- C:\rsit 2010-02-15 13:04 . 2010-02-15 13:05 -------- d-----w- c:\program files\trend micro 2010-02-14 16:58 . 2010-02-14 16:58 -------- d-----w- c:\users\Moustiiick\AppData\Roaming\Malwarebytes 2010-02-14 16:58 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-14 16:58 . 2010-02-14 16:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-02-14 16:58 . 2010-02-14 16:58 -------- d-----w- c:\programdata\Malwarebytes 2010-02-14 16:58 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-14 14:30 . 2010-02-14 14:30 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys 2010-02-14 14:30 . 2010-02-14 15:42 -------- d-----w- c:\users\Moustiiick\AppData\Roaming\Spyware Terminator 2010-02-14 14:30 . 2010-02-14 15:49 -------- d-----w- c:\programdata\Spyware Terminator 2010-02-14 14:30 . 2010-02-14 15:48 -------- d-----w- c:\program files\Spyware Terminator 2010-02-10 13:15 . 2009-12-11 12:15 306688 ----a-w- c:\windows\system32\drivers\srv.sys 2010-02-10 13:15 . 2009-12-11 12:15 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-02-10 13:15 . 2009-12-08 20:54 3467848 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-10 13:15 . 2009-12-08 20:54 3502168 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-02-04 21:22 . 
2010-02-04 21:23 -------- d-----w- c:\program files\Common Files\DivX Shared 2010-01-22 17:42 . 2009-12-18 08:45 48128 ----a-w- c:\windows\system32\mshtmler.dll 2010-01-20 20:11 . 2010-01-20 20:11 -------- d-----w- c:\program files\Microsoft Silverlight . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-15 13:08 . 2006-12-10 19:02 690832 ----a-w- c:\windows\system32\perfh00C.dat 2010-02-15 13:08 . 2006-12-10 19:02 117572 ----a-w- c:\windows\system32\perfc00C.dat 2010-02-15 13:02 . 2008-12-12 16:01 30956 ----a-w- c:\users\Moustiiick\AppData\Roaming\nvModes.dat 2010-02-14 14:30 . 2010-02-14 14:30 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe 2010-02-14 14:30 . 2010-02-14 14:30 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys 2010-02-11 16:49 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-02-04 21:29 . 2007-09-23 19:14 -------- d-----w- c:\program files\Google 2010-02-04 21:23 . 2007-11-24 01:27 -------- d-----w- c:\program files\DivX 2010-02-04 21:07 . 2009-01-20 12:21 -------- d-----w- c:\users\Moustiiick\AppData\Roaming\DivX 2010-02-02 20:24 . 2010-02-02 20:24 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\Rrl2REDMIGO0nUB.vbs 2010-02-02 18:31 . 2007-07-14 09:54 -------- d-----w- c:\program files\OpenOffice.org 2.2 2010-02-02 17:58 . 2008-12-13 10:19 -------- d-----w- c:\users\Moustiiick\AppData\Roaming\OpenOffice.org2 2010-02-02 16:24 . 2010-02-02 16:24 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\dhUTL6v.vbs 2010-02-01 20:33 . 2010-02-01 20:33 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\Dbo9oGw.vbs 2010-02-01 16:33 . 2010-02-01 16:33 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\1IRKa.vbs 2010-01-31 16:31 . 2010-01-31 16:31 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\ahixOfcGRV3x4.vbs 2010-01-31 12:27 . 2010-01-31 12:27 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\NkA3Nv0tFAiVQM2.vbs 2010-01-30 20:19 . 
2010-01-30 20:19 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\nk2NItzgP9Nbk.vbs 2010-01-30 15:35 . 2010-01-30 15:35 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\Sok6kiG.vbs 2010-01-30 11:09 . 2010-01-30 11:09 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\5OUcLCz.vbs 2010-01-30 10:28 . 2010-01-30 10:28 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\33QQbtl.vbs 2010-01-30 10:26 . 2010-01-30 10:26 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbE9F2.tmp.exe 2010-01-29 15:27 . 2010-01-29 15:27 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\bJZ1SOq.vbs 2010-01-28 19:45 . 2010-01-28 19:45 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\qS9cy9zXED6uo2i.vbs 2010-01-27 16:53 . 2010-01-27 16:53 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\c0j7p.vbs 2010-01-26 21:02 . 2010-01-03 16:01 -------- d-----w- c:\programdata\Lavasoft 2010-01-26 20:15 . 2010-01-26 20:15 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\tXEze2e.vbs 2010-01-25 17:07 . 2010-01-25 17:07 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\BrnWv.vbs 2010-01-24 19:37 . 2010-01-24 19:37 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\mMyzlXh.vbs 2010-01-23 11:13 . 2010-01-23 11:13 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\iS2CBRD.vbs 2010-01-22 17:29 . 2010-01-22 17:29 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\ar13bDlL5Oua4.vbs 2010-01-21 17:25 . 2010-01-21 17:25 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\z83j62THPwSta.vbs 2010-01-20 17:06 . 2010-01-20 17:06 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\myqguJe.vbs 2010-01-19 18:32 . 2010-01-19 18:32 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\pdK3k0ZJUbXCHWx.vbs 2010-01-18 20:45 . 2010-01-18 20:45 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\3mXZl2l0PBLAU.vbs 2010-01-15 18:14 . 2010-01-15 18:14 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\cX6GS8HMhsejDM6.vbs 2010-01-14 11:23 . 2010-01-14 11:23 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\7xt5k.vbs 2010-01-14 10:12 . 
2009-10-02 16:32 181120 ------w- c:\windows\system32\MpSigStub.exe 2010-01-13 20:27 . 2010-01-13 20:27 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\nNBxWYBnEhOxUdg.vbs 2010-01-12 20:43 . 2010-01-12 20:43 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\0E3SvsI.vbs 2010-01-11 22:45 . 2010-01-11 22:45 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\d9FnpJb.vbs 2010-01-11 09:02 . 2010-01-11 09:02 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\yb5JHCAC9KWuowt.vbs 2010-01-10 11:33 . 2010-01-10 11:33 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\bHqKeTQishBmC.vbs 2010-01-09 16:52 . 2010-01-09 16:52 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\60aXkQskVB7Rn68.vbs 2010-01-06 14:26 . 2010-01-06 14:26 1372 ----a-w- c:\users\Moustiiick\AppData\Roaming\t5U2vMSLQaIr6.vbs 2010-01-03 16:01 . 2010-01-03 16:01 -------- d-----w- c:\program files\Lavasoft 2009-12-28 12:36 . 2010-02-10 13:14 11776 ----a-w- c:\windows\system32\tsbyuv.dll 2009-12-28 12:35 . 2010-02-10 13:14 1327616 ----a-w- c:\windows\system32\quartz.dll 2009-12-28 12:34 . 2010-02-10 13:14 22528 ----a-w- c:\windows\system32\msyuv.dll 2009-12-28 12:34 . 2010-02-10 13:14 31232 ----a-w- c:\windows\system32\msvidc32.dll 2009-12-28 12:34 . 2010-02-10 13:14 123904 ----a-w- c:\windows\system32\msvfw32.dll 2009-12-28 12:34 . 2010-02-10 13:14 13312 ----a-w- c:\windows\system32\msrle32.dll 2009-12-28 12:33 . 2010-02-10 13:14 82944 ----a-w- c:\windows\system32\mciavi32.dll 2009-12-28 12:32 . 2010-02-10 13:14 50176 ----a-w- c:\windows\system32\iyuv_32.dll 2009-12-28 12:30 . 2010-02-10 13:14 88576 ----a-w- c:\windows\system32\avifil32.dll 2009-12-28 12:30 . 2010-02-10 13:14 65024 ----a-w- c:\windows\system32\avicap32.dll 2009-12-24 11:24 . 2009-12-24 11:24 653560 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-12-18 20:34 . 2009-03-08 12:46 -------- d-----w- c:\program files\Opera 2009-12-18 12:52 . 
2010-01-22 17:43 832512 ----a-w- c:\windows\system32\wininet.dll 2009-12-18 12:48 . 2010-01-22 17:43 56320 ----a-w- c:\windows\system32\iesetup.dll 2009-12-18 12:48 . 2010-01-22 17:43 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-12-18 12:48 . 2010-01-22 17:43 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll 2009-12-18 12:46 . 2010-01-22 17:43 72704 ----a-w- c:\windows\system32\admparse.dll 2009-12-18 10:18 . 2010-01-22 17:43 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-12-08 20:19 . 2010-02-10 13:14 167424 ----a-w- c:\windows\system32\tcpipcfg.dll 2009-12-08 17:58 . 2010-02-10 13:14 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-12-08 17:57 . 2010-02-10 13:14 22016 ----a-w- c:\windows\system32\netiougc.exe 2009-12-04 16:27 . 2010-02-10 13:14 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2009-12-04 16:27 . 2010-02-10 13:14 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2009-11-30 16:21 . 2009-11-30 16:21 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb41E1.tmp.exe 2009-11-27 10:29 . 2009-11-27 10:29 292864 ----a-w- c:\program files\mozilla firefox\components\cniqpyqrpzlw.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF}] 2008-06-28 20:16 147456 ----a-w- c:\programdata\uPlayMe\plugins\MSIE.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "drv acid"="c:\programdata\EncCopyCopy.rjng3" [X] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-17 39408] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] "SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-14 3037696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-07-22 1006264] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104] "NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-20 90191] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-20 7766016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-20 81920] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-21 659456] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-14 151552] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-02-13 35328] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-28 148888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] 
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2009-10-15 206192] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-7-23 110592] Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2006-12-10 528384] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\eNetHook.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 R1 aswSP;avast! 
Self Protection;c:\windows\System32\drivers\aswSP.sys [10/10/2009 10:26 114768] R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [14/02/2010 15:30 142592] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [29/07/2008 21:47 719392] R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [10/10/2009 10:26 20560] R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [10/10/2009 10:26 53328] S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [30/01/2010 12:08 135664] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232] . Contenu du dossier 'Tâches planifiées' 2010-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 11:08] 2010-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 11:08] 2010-02-15 c:\windows\Tasks\User_Feed_Synchronization-{2184D04A-1F7B-405C-9814-C5297D952E5F}.job - c:\windows\system32\msfeedssync.exe [2006-11-02 09:45] . . ------- Examen supplémentaire ------- . uDefault_Search_URL = hxxp://www.google.com/ie uStart Page = hxxp://mystart.hiyo.com/ mStart Page = hxxp://home.sweetim.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab FF - ProfilePath - c:\users\Moustiiick\AppData\Roaming\Mozilla\Firefox\Profiles\mt7b71rr.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2148694&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q= FF - component: c:\program files\Mozilla Firefox\components\cniqpyqrpzlw.dll FF - component: c:\users\Moustiiick\AppData\Roaming\Mozilla\Firefox\Profiles\mt7b71rr.default\extensions\{ab7e676a-f2a2-4747-a780-b0ac3cdc934c}\components\FFExternalAlert.dll FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- FF - user.js: yahoo.homepage.dontask - true . 
- - - - ORPHELINS SUPPRIMES - - - - BHO-{A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - c:\program files\Iminent\IMBooster\Iminent.LinkToContent.dll BHO-{EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll HKLM-Run-Acer Tour - (no file) HKLM-Run-eRecoveryService - (no file) AddRemove-3337ef6d-1b2f-b94f-e6da-fbf63d88b328 - c:\windows\system32\3337ef6d-1b2f-b94f-e6da-fbf63d88b328.exe AddRemove-SM - c:\program files\SM\uninstaller.exe AddRemove-{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1 - c:\program files\Tetris\unins000.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-15 15:54 Windows 6.0.6000 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(4528) c:\acer\Empowering Technology\EPOWER\SysHook.dll c:\program files\ArcSoft\Software Suite\PhotoImpression 5\share\pihook.dll . ------------------------ Autres processus actifs ------------------------ . 
c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\acer\Empowering Technology\eDataSecurity\eDSService.exe c:\acer\Empowering Technology\eLock\Service\eLockServ.exe c:\acer\Empowering Technology\eNet\eNet Service.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Spyware Terminator\sp_rsser.exe c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe c:\acer\Empowering Technology\eSettings\Service\capuserv.exe c:\acer\Empowering Technology\ePower\ePowerSvc.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\conime.exe c:\windows\RtHDVCpl.exe c:\program files\Launch Manager\LManager.exe c:\program files\Alwil Software\Avast4\ashDisp.exe c:\acer\Empowering Technology\ENET\ENMTRAY.EXE c:\acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE c:\windows\ehome\ehmsas.exe c:\acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE c:\acer\Empowering Technology\eRecovery\ERAGENT.EXE c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Heure de fin: 2010-02-15 16:02:21 - La machine a redémarré ComboFix-quarantined-files.txt 2010-02-15 15:02 Avant-CF: 9 855 553 536 octets libres Après-CF: 12 026 523 648 octets libres - - End Of File - - 6597D1264DA82733B9C274B4EC240BDD
Thanks
  8. Logfile of random's system information tool 1.06 (written by random/random) Run by Moustiiick at 2010-02-15 14:04:46 Microsoft® Windows Vista™ Édition Familiale Premium System drive C: has 11 GB (15%) free of 72 GB Total RAM: 2046 MB (50% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:05:03, on 15/02/2010 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16982) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Launch Manager\LManager.exe C:\Windows\System32\rundll32.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\HiYo\Bin\HiYo.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\taskeng.exe C:\Users\MOUSTI~1\AppData\Local\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Moustiiick\Downloads\RSIT.exe C:\Program Files\trend micro\Moustiiick.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.hiyo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: MSIEPlugin - {4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - C:\ProgramData\uPlayMe\plugins\MSIE.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Iminent.LinkToContent - {A6E9BAAF-53CD-4575-967B-2AF710A7D21F} - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - 
C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [drv acid] "C:\ProgramData\EncCopyCopy.rjng3" O4 - HKCU\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O13 - Gopher Prefix: O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\System32\CNHIPRO32.dll eNetHook.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. 
- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio.exe (file missing) -- End of file - 10414 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Ad-Aware Update (Daily 1).job C:\Windows\tasks\Ad-Aware Update (Daily 2).job C:\Windows\tasks\Ad-Aware Update (Daily 3).job C:\Windows\tasks\Ad-Aware Update (Daily 4).job C:\Windows\tasks\Ad-Aware Update (Weekly).job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{2184D04A-1F7B-405C-9814-C5297D952E5F}.job ======Registry 
dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF}] MSIEPlugin Class - C:\ProgramData\uPlayMe\plugins\MSIE.dll [2008-06-28 147456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6E9BAAF-53CD-4575-967B-2AF710A7D21F}] LinkToContent Class - C:\Program Files\Iminent\IMBooster\Iminent.LinkToContent.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-30 279664] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-01-30 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-28 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-01-02 151552] {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - SYSTRAN Web Translator 5.0 - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll [2005-03-10 262144] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-30 279664] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-07-22 1006264] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-09 3784704] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104] "Acer Tour"= [] "NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-20 90191] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-20 7766016] 
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-20 81920] "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-01-02 464168] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-21 659456] "eRecoveryService"= [] "WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344] "Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-01-14 151552] "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648] "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393] "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960] "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2007-02-13 35328] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-28 148888] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-11-07 111936] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000] "Hiyo"=C:\Program Files\HiYo\bin\HiYo.exe [2009-10-15 206192] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-17 39408] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440] "drv acid"=C:\ProgramData\EncCopyCopy.rjng3 [2009-08-13 86032] "SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-02-14 3037696] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Empowering Technology Launcher.lnk - C:\Acer\Empowering 
Technology\eAPLauncher.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\Windows\System32\CNHIPRO32.dll eNetHook.dll" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu" "C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption" "C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2010-02-15 14:04:46 ----D---- C:\rsit 2010-02-15 14:04:46 ----D---- C:\Program Files\trend micro 2010-02-14 17:58:20 ----D---- C:\Users\Moustiiick\AppData\Roaming\Malwarebytes 2010-02-14 17:58:12 ----D---- C:\ProgramData\Malwarebytes 2010-02-14 17:58:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-14 15:30:26 ----D---- C:\Users\Moustiiick\AppData\Roaming\Spyware Terminator 2010-02-14 15:30:15 ----D---- C:\ProgramData\Spyware Terminator 2010-02-14 15:30:13 ----D---- C:\Program Files\Spyware Terminator 2010-02-10 14:15:12 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-02-10 14:15:10 ----A---- 
C:\Windows\system32\ntkrnlpa.exe 2010-02-10 14:14:53 ----A---- C:\Windows\system32\tcpipcfg.dll 2010-02-10 14:14:53 ----A---- C:\Windows\system32\netiougc.exe 2010-02-10 14:14:47 ----A---- C:\Windows\system32\quartz.dll 2010-02-10 14:14:47 ----A---- C:\Windows\system32\msvidc32.dll 2010-02-10 14:14:46 ----A---- C:\Windows\system32\msyuv.dll 2010-02-10 14:14:46 ----A---- C:\Windows\system32\msrle32.dll 2010-02-10 14:14:46 ----A---- C:\Windows\system32\iyuv_32.dll 2010-02-10 14:14:45 ----A---- C:\Windows\system32\tsbyuv.dll 2010-02-10 14:14:45 ----A---- C:\Windows\system32\mciavi32.dll 2010-02-10 14:14:45 ----A---- C:\Windows\system32\avifil32.dll 2010-02-10 14:14:44 ----A---- C:\Windows\system32\msvfw32.dll 2010-02-10 14:14:44 ----A---- C:\Windows\system32\avicap32.dll 2010-02-04 22:22:36 ----D---- C:\Program Files\Common Files\DivX Shared 2010-02-02 21:24:12 ----A---- C:\Users\Moustiiick\AppData\Roaming\Rrl2REDMIGO0nUB.vbs 2010-02-02 17:24:02 ----A---- C:\Users\Moustiiick\AppData\Roaming\dhUTL6v.vbs 2010-02-01 21:33:20 ----A---- C:\Users\Moustiiick\AppData\Roaming\Dbo9oGw.vbs 2010-02-01 17:33:03 ----A---- C:\Users\Moustiiick\AppData\Roaming\1IRKa.vbs 2010-01-31 17:31:21 ----A---- C:\Users\Moustiiick\AppData\Roaming\ahixOfcGRV3x4.vbs 2010-01-31 13:27:50 ----A---- C:\Users\Moustiiick\AppData\Roaming\NkA3Nv0tFAiVQM2.vbs 2010-01-30 21:19:00 ----A---- C:\Users\Moustiiick\AppData\Roaming\nk2NItzgP9Nbk.vbs 2010-01-30 16:35:33 ----A---- C:\Users\Moustiiick\AppData\Roaming\Sok6kiG.vbs 2010-01-30 12:09:09 ----A---- C:\Users\Moustiiick\AppData\Roaming\5OUcLCz.vbs 2010-01-30 11:28:10 ----A---- C:\Users\Moustiiick\AppData\Roaming\33QQbtl.vbs 2010-01-29 16:27:21 ----A---- C:\Users\Moustiiick\AppData\Roaming\bJZ1SOq.vbs 2010-01-28 20:45:53 ----A---- C:\Users\Moustiiick\AppData\Roaming\qS9cy9zXED6uo2i.vbs 2010-01-27 17:53:15 ----A---- C:\Users\Moustiiick\AppData\Roaming\c0j7p.vbs 2010-01-26 21:15:17 ----A---- C:\Users\Moustiiick\AppData\Roaming\tXEze2e.vbs 2010-01-25 18:07:27 
----A---- C:\Users\Moustiiick\AppData\Roaming\BrnWv.vbs 2010-01-24 20:37:35 ----A---- C:\Users\Moustiiick\AppData\Roaming\mMyzlXh.vbs 2010-01-23 12:13:39 ----A---- C:\Users\Moustiiick\AppData\Roaming\iS2CBRD.vbs 2010-01-22 18:43:16 ----A---- C:\Windows\system32\mshtml.dll 2010-01-22 18:43:14 ----A---- C:\Windows\system32\wininet.dll 2010-01-22 18:43:12 ----A---- C:\Windows\system32\urlmon.dll 2010-01-22 18:43:11 ----A---- C:\Windows\system32\ieframe.dll 2010-01-22 18:43:09 ----A---- C:\Windows\system32\mstime.dll 2010-01-22 18:43:09 ----A---- C:\Windows\system32\ieapfltr.dll 2010-01-22 18:43:07 ----A---- C:\Windows\system32\iedkcs32.dll 2010-01-22 18:43:06 ----A---- C:\Windows\system32\occache.dll 2010-01-22 18:43:06 ----A---- C:\Windows\system32\iertutil.dll 2010-01-22 18:43:06 ----A---- C:\Windows\system32\dxtmsft.dll 2010-01-22 18:43:05 ----A---- C:\Windows\system32\mshtmled.dll 2010-01-22 18:43:05 ----A---- C:\Windows\system32\msfeeds.dll 2010-01-22 18:43:05 ----A---- C:\Windows\system32\ieaksie.dll 2010-01-22 18:43:04 ----A---- C:\Windows\system32\ieencode.dll 2010-01-22 18:43:04 ----A---- C:\Windows\system32\icardie.dll 2010-01-22 18:43:04 ----A---- C:\Windows\system32\dxtrans.dll 2010-01-22 18:43:03 ----A---- C:\Windows\system32\jsproxy.dll 2010-01-22 18:43:03 ----A---- C:\Windows\system32\advpack.dll 2010-01-22 18:43:03 ----A---- C:\Windows\system32\admparse.dll 2010-01-22 18:43:02 ----A---- C:\Windows\system32\ieui.dll 2010-01-22 18:43:02 ----A---- C:\Windows\system32\iesetup.dll 2010-01-22 18:43:02 ----A---- C:\Windows\system32\iernonce.dll 2010-01-22 18:43:01 ----A---- C:\Windows\system32\pngfilt.dll 2010-01-22 18:43:01 ----A---- C:\Windows\system32\ieUnatt.exe 2010-01-22 18:43:01 ----A---- C:\Windows\system32\ie4uinit.exe 2010-01-22 18:43:00 ----A---- C:\Windows\system32\ieakui.dll 2010-01-22 18:42:59 ----A---- C:\Windows\system32\mshtmler.dll 2010-01-22 18:29:58 ----A---- C:\Users\Moustiiick\AppData\Roaming\ar13bDlL5Oua4.vbs 2010-01-21 18:25:00 
----A---- C:\Users\Moustiiick\AppData\Roaming\z83j62THPwSta.vbs 2010-01-20 21:11:40 ----D---- C:\Program Files\Microsoft Silverlight 2010-01-20 18:06:17 ----A---- C:\Users\Moustiiick\AppData\Roaming\myqguJe.vbs 2010-01-19 19:32:59 ----A---- C:\Users\Moustiiick\AppData\Roaming\pdK3k0ZJUbXCHWx.vbs 2010-01-18 21:45:00 ----A---- C:\Users\Moustiiick\AppData\Roaming\3mXZl2l0PBLAU.vbs ======List of files/folders modified in the last 1 months====== 2010-02-15 14:05:02 ----D---- C:\Windows\Temp 2010-02-15 14:04:46 ----RD---- C:\Program Files 2010-02-15 14:04:46 ----D---- C:\Windows\Prefetch 2010-02-14 21:18:57 ----SHD---- C:\System Volume Information 2010-02-14 21:00:09 ----D---- C:\Windows\tracing 2010-02-14 20:47:32 ----AD---- C:\Windows\System32 2010-02-14 20:47:31 ----D---- C:\Windows\inf 2010-02-14 20:47:31 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-02-14 20:20:25 ----AD---- C:\Windows 2010-02-14 20:20:17 ----D---- C:\Windows\ehome 2010-02-14 20:20:17 ----AD---- C:\Windows\system32\drivers 2010-02-14 20:15:00 ----D---- C:\Program Files\Internet Explorer 2010-02-14 17:58:12 ----HD---- C:\ProgramData 2010-02-14 16:32:11 ----D---- C:\Windows\Debug 2010-02-11 17:53:04 ----D---- C:\Windows\winsxs 2010-02-11 17:52:55 ----D---- C:\Windows\system32\catroot 2010-02-11 17:52:54 ----D---- C:\Windows\system32\catroot2 2010-02-11 17:49:26 ----D---- C:\Windows\system32\migration 2010-02-11 17:49:26 ----D---- C:\Program Files\Windows Mail 2010-02-04 22:29:34 ----D---- C:\Program Files\Google 2010-02-04 22:23:50 ----D---- C:\Program Files\DivX 2010-02-04 22:22:55 ----SHD---- C:\Windows\Installer 2010-02-04 22:22:36 ----D---- C:\Program Files\Common Files 2010-02-04 22:07:16 ----D---- C:\Users\Moustiiick\AppData\Roaming\DivX 2010-02-02 19:31:49 ----RSD---- C:\Windows\assembly 2010-02-02 19:31:48 ----D---- C:\Program Files\OpenOffice.org 2.2 2010-02-02 18:58:42 ----D---- C:\Users\Moustiiick\AppData\Roaming\OpenOffice.org2 2010-02-01 20:26:20 ----A---- 
     and the second report: info.txt logfile of random's system information tool 1.06 2010-02-15 14:05:06
     I'm not very good with computers, so thank you in advance =)! Hoping you'll be able to help me out a little =)
  9. That's it, I managed to do it. MBAM has already done a good job, I think: my PC has sped up again, and an error message that I used to get has gone away, but I don't think that's enough... Here is my MBAM report:
     Malwarebytes' Anti-Malware 1.44
     Version de la base de données: 3739
     Windows 6.0.6000
     Internet Explorer 7.0.6000.16982
     14/02/2010 20:15:00
     mbam-log-2010-02-14 (20-15-00).txt
     Type de recherche: Examen complet (C:\|D:\|F:\|)
     Eléments examinés: 270247
     Temps écoulé: 1 hour(s), 17 minute(s), 56 second(s)
     Processus mémoire infecté(s): 1
     Module(s) mémoire infecté(s): 2
     Clé(s) du Registre infectée(s): 27
     Valeur(s) du Registre infectée(s): 1
     Elément(s) de données du Registre infecté(s): 3
     Dossier(s) infecté(s): 1
     Fichier(s) infecté(s): 18
  10. Yes, I also have Launch Manager, but that still surprises me a little, since it's a program that comes preinstalled on Acer PCs, and I had it well before this program... Thanks anyway!
  11. Hello everyone! So, I have a problem... I have a laptop running Vista Home Edition... I already had Explorer's unwanted ad pop-up windows, which I couldn't get rid of on my own... This morning, Vista Antispyware 2010 decided to show up on my PC, and I don't really like that, to be honest... So I browsed the forum and downloaded MBAM, but once downloaded, it won't install... This is really off to a bad start, because I wanted to post my report... I think my PC is full of problems, actually... While waiting for a bit of help, thank you.
  12. Hello, I have this problem too. I'm not very good with computers, which is actually why I'm coming here for a bit of help, so I don't make any mistakes... I've already read something about how to remove Vista Antispyware 2010, but I'm not very good at reading the reports that follow... If someone could give me a little help, I would be very grateful =) ! Thanks a lot!!!