internet qui plante (résolu)

[miroslav]

bonjour,

Je posséde windows vista et IE7, et depuis plusieurs semaine internet plante réguliérement. Soit il se met à ramer car il peut pas ouvrir un lien, et aprés plusieurs minutes, il indique "internet explorer ne répond pas, voulez vous fermer le programme, patienter......" et là je suis obligé de tout fermer, car il veut plus rien savoir. Ou alors, parfois il m'indique qu'il y à un "java script" et la impossible d'ouvrir le lien.
Que puis je faire pour remédier à cela ???

Merci

[nardino]

Bonsoir.

Télécharge RSIT de random/random, sur le Bureau :
http://images.malwareremoval.com/random/RSIT.exe

Double-clique sur RSIT.exe afin de lancer l'outil, il ne nécessite pas d'installation.
Clique Continue à l'écran Disclaimer si tu acceptes les conditions.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et accepte la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt, celui qui va s'ouvrir et ferme info.txt qui est réduit dans la Barre des Tâches.

NB :
Ces rapports sont enregistrés dans le dossier C:\rsit
Sous Vista, il faut lancer le fichier en cliquant droit dessus et par Exécuter en tant qu'administrateur.

@+

[miroslav]

Salut,
Voici le rapport demandé. Je sais vraiment pas comment tu peux faire pour y comprendre quelques choses. Merci et à bientôt.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Valkiri at 2009-06-06 10:33:45
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 29 GB (55%) free of 53 GB
Total RAM: 1013 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:31, on 06/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Valkiri\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Users\Valkiri\Desktop\RSIT.exe
C:\Program Files\trend micro\Valkiri.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60341
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maco ... _1_2_1.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10323 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-01-02 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-28 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-01-02 151552]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2006-11-06 98304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2006-11-06 106496]
"Persistence"=C:\Windows\system32\igfxpers.exe [2006-11-06 81920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-01-02 464168]
"PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2007-01-09 151552]
"Acer Tour"= []
"SetPanel"= []
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-08 614400]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"eRecoveryService"= []
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-01-14 151552]
"SystrayORAHSS"=C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2006-12-12 90112]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 81920]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-06-01 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"????r"= []
"?????????"=??????????????e []
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"Acer Tour Reminder"= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="eNetHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-06 212992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-06-06 10:33:45 ----D---- C:\rsit
2009-06-01 21:31:04 ----D---- C:\Users\Valkiri\AppData\Roaming\Avira
2009-06-01 21:20:15 ----D---- C:\ProgramData\Avira
2009-06-01 21:20:15 ----D---- C:\Program Files\Avira

======List of files/folders modified in the last 1 months======

2009-06-06 10:34:31 ----D---- C:\Program Files\Trend Micro
2009-06-06 10:33:58 ----D---- C:\Windows\Prefetch
2009-06-06 10:33:50 ----D---- C:\Windows\Temp
2009-06-06 10:11:36 ----D---- C:\Windows\System32
2009-06-06 10:11:36 ----D---- C:\Windows\inf
2009-06-06 10:11:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-06-03 18:01:11 ----D---- C:\Windows\winsxs
2009-06-03 18:00:46 ----SHD---- C:\System Volume Information
2009-06-01 21:20:33 ----D---- C:\Windows\system32\drivers
2009-06-01 21:20:15 ----RD---- C:\Program Files
2009-06-01 21:20:15 ----HD---- C:\ProgramData
2009-06-01 21:10:37 ----SHD---- C:\Windows\Installer
2009-06-01 20:57:24 ----D---- C:\Windows
2009-05-31 15:08:23 ----D---- C:\Windows\system32\catroot2
2009-05-31 15:02:37 ----D---- C:\Windows\system32\Msdtc
2009-05-31 15:02:35 ----D---- C:\Windows\system32\wbem
2009-05-31 14:59:08 ----D---- C:\Windows\system32\config
2009-05-31 14:58:33 ----SD---- C:\Windows\Downloaded Program Files
2009-05-31 14:58:33 ----RD---- C:\Windows\Offline Web Pages
2009-05-31 14:58:33 ----D---- C:\Windows\Tasks
2009-05-31 14:58:33 ----D---- C:\Windows\system32\spool
2009-05-31 14:58:33 ----D---- C:\Windows\system32\fr-FR
2009-05-31 14:58:33 ----D---- C:\Windows\system32\CodeIntegrity
2009-05-31 14:58:33 ----D---- C:\Windows\rescache
2009-05-31 14:58:31 ----D---- C:\ProgramData\HP Product Assistant
2009-05-31 14:58:31 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-31 14:58:19 ----D---- C:\Windows\registration
2009-05-31 14:58:15 ----D---- C:\Windows\PolicyDefinitions
2009-05-29 06:46:35 ----D---- C:\Windows\system32\catroot
2009-05-14 18:18:44 ----D---- C:\Windows\Debug
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-06-01 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-06-01 96104]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-01 28376]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-06-01 55640]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
R3 bcm4sbxp;Pilote XP du contrôleur intégré Broadcom 440x 10/100; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 Cam5607;Acer OrbiCam; C:\Windows\System32\Drivers\BisonC07.sys [2006-12-27 792368]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-09 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-09 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2005-12-16 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-09 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-04-21 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-02-28 47360]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-06-01 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-01 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-01 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-06-01 432897]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2007-01-09 254014]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2007-01-09 114748]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2007-01-09 1073152]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-01-02 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-28 49152]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-01-02 24576]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2006-12-12 57344]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-11-23 143360]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2007-03-20 263168]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-10-06 33752]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-04-21 216232]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

[miroslav]

Bonsoir,

Alors Nardino, tu m'as oubliés ??? Y a t il quelques choses d'anormal dans le rapport que je t'ai postés ???

A bientôt

[nardino]

Bonsoir,

Télécharge Combofix
IMPORTANT. Enregistre ComboFix.exe sur le Bureau.
Désactive les applications antivirus et anti-malware, en général via un clic droit sur l'icône de la Zone de notification.
Sinon, elles risquent d'interférer avec l'outil.

Fais un double clic sur l'icône et suis les invites.



Lorsque l'outil aura terminé, il affichera un rapport.
Copie le contenu de C:\ComboFix.txt dans ta prochaine réponse.

Télécharge et installe Malwarebyte's Anti-Malware de RubbeR DuckY
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

A la fin de l'installation, veille à ce que l'option Mettre à jour Malwarebytes' Anti-Malware soit cochée. Clique sur "Terminer"
Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur le bureau.
Au premier lancement, une fenêtre t'annonce que la version est Free, clique sur OK.
Laisse les Mises à jour se télécharger et referme le programme.

Lance Malwarebyte's Anti-Malware par clic droit sur l'icône du bureau et "Exécuter en tant qu'administrateur"
Onglet "Recherche", coche Exécuter un examen complet et Rechercher
Sélectionne ton disque dur et clique sur Lancer l'examen

A la fin du scan, sélectionne tout et clique sur Supprimer la sélection
Poste le rapport.
Il se trouve dans l'onglet Rapports/Logs avec la date et l'heure d'exécution

@+

[miroslav]

AU SECOURS NARDINO, AU SECOURS,

Aie, aie, aie !!!! J'ai suivi les consignes que tu ma demandé, et depuis mon pc est en vrac !!! Donc, j'aiinstallé combo fix, je l'ai lancer, bref j'ai suivi les instructions, il a été trés long à sortir le rapport, 3/4 heure, ensuite il à redémarré le pc ça été trés long, j'ai perdu mon fond d'écran (pas grave), internet était planté, connexion impossible, il ramait comme jamais, lancer la moindre applications était trés long, impossible de réactivé antivir, bref un gros bordel !!!! j'ai réstauré le systéme, mais ça n'a rien changé. Et là, j'ai réussi à relancer internet, il m'a dit qu'un composant était défectueux et il l'a supprimé et ça remarche. Pour antivir, "activer antivir guard" ça marche mais "antivir mail guard et antivir web guard" impossible à réactiver (parapluie fermé) , pourtant dans la configuration tout est normal, tout est activé ??? et le pc rame du tonnerre de feu, même pour taper le message c'est tout au ralenti. Je te poste le rapport de combo fix, et je fais faire un scan avec malveyres.

J'éspére à bientôt !!!

ComboFix 09-06-09.06 - Valkiri 10/06/2009 20:29:07.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.1013.381 [GMT 2:00]
Lancé depuis: C:\Users\Valkiri\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Avira\AntiVir Desktop\avsda.dll
C:\Users\Valkiri\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-10 au 2009-06-10 ))))))))))))))))))))))))))))))))))))
.

2009-06-10 18:43:46 . 2009-06-10 18:43:46 0 d-sh--w- \$RECYCLE.BIN
2009-06-10 18:34:08 . 2009-06-10 18:43:02 0 d-----w- C:\Users\Valkiri\AppData\Local\temp
2009-06-10 18:34:08 . 2009-06-10 18:34:08 0 d-----w- C:\temp
2009-06-10 18:34:08 . 2009-06-10 18:34:08 0 d-----w- \temp
2009-06-10 18:27:35 . 2009-06-10 18:45:15 0 d-s---w- \ComboFix
2009-06-10 18:21:52 . 2009-06-10 18:22:04 0 d-----w- \Qoobox
2009-06-10 17:29:45 . 2009-06-10 17:31:16 0 d-----w- C:\Windows\system32\ca-ES
2009-06-10 17:29:45 . 2009-06-10 17:31:07 0 d-----w- C:\Windows\system32\eu-ES
2009-06-10 17:29:41 . 2009-06-10 17:30:57 0 d-----w- C:\Windows\system32\vi-VN
2009-06-10 16:49:40 . 2009-06-10 16:49:40 0 d-----w- C:\Windows\system32\EventProviders
2009-06-10 16:48:07 . 2009-04-11 05:03:42 12240896 ----a-w- C:\Windows\system32\NlsLexicons0007.dll
2009-06-10 16:48:02 . 2009-04-11 06:28:24 1081344 ----a-w- C:\Windows\system32\SLCExt.dll
2009-06-10 16:48:02 . 2009-04-11 06:27:49 3408896 ----a-w- C:\Windows\system32\SLsvc.exe
2009-06-10 16:48:00 . 2009-04-11 06:28:19 2134528 ----a-w- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-06-10 16:48:00 . 2009-04-11 06:27:29 65536 ----a-w- C:\Windows\system32\DevicePairingWizard.exe
2009-06-10 16:46:59 . 2009-04-11 06:32:46 180712 ----a-w- C:\Windows\system32\drivers\msiscsi.sys
2009-06-10 16:45:45 . 2009-04-11 06:28:25 83968 ----a-w- C:\Windows\system32\wbem\wmiutils.dll
2009-06-10 16:45:45 . 2009-04-11 06:28:25 744448 ----a-w- C:\Windows\system32\wbem\wbemcore.dll
2009-06-10 16:45:45 . 2009-04-11 06:28:25 30208 ----a-w- C:\Windows\system32\wbem\wbemprox.dll
2009-06-10 16:45:45 . 2009-04-11 06:28:24 265728 ----a-w- C:\Windows\system32\wbem\repdrvfs.dll
2009-06-10 16:45:45 . 2009-04-11 06:28:20 189440 ----a-w- C:\Windows\system32\wbem\mofd.dll
2009-06-10 16:45:45 . 2009-04-11 06:28:19 614912 ----a-w- C:\Windows\system32\wbem\fastprox.dll
2009-06-10 16:45:45 . 2009-04-11 06:28:19 265728 ----a-w- C:\Windows\system32\wbem\esscli.dll
2009-06-10 16:45:44 . 2009-04-11 06:28:24 705536 ----a-w- C:\Windows\system32\SmiEngine.dll
2009-06-10 16:45:41 . 2009-04-11 06:28:25 218624 ----a-w- C:\Windows\system32\wdscore.dll
2009-06-10 16:45:41 . 2009-04-11 06:27:48 130560 ----a-w- C:\Windows\system32\PkgMgr.exe
2009-06-10 16:45:34 . 2009-04-11 06:28:18 247808 ----a-w- C:\Windows\system32\drvstore.dll
2009-06-10 15:45:23 . 2009-05-09 05:34:34 71680 ----a-w- C:\Windows\system32\iesetup.dll
2009-06-10 15:45:22 . 2009-05-09 05:50:28 915456 ----a-w- C:\Windows\system32\wininet.dll
2009-06-10 15:25:20 . 2009-04-21 11:39:47 2034688 ----a-w- C:\Windows\system32\win32k.sys
2009-06-10 15:24:14 . 2009-04-23 12:14:10 623616 ----a-w- C:\Windows\system32\localspl.dll
2009-06-10 15:24:09 . 2009-04-23 12:15:07 784896 ----a-w- C:\Windows\system32\rpcrt4.dll
2009-06-08 16:36:46 . 2009-06-08 16:36:55 0 d-----w- C:\Program Files\DVDFab 6
2009-06-06 17:13:16 . 2009-06-06 17:13:16 0 d-----w- C:\Program Files\iPod
2009-06-06 17:13:13 . 2009-06-06 17:13:40 0 d-----w- C:\Program Files\iTunes
2009-06-06 17:10:48 . 2009-06-06 17:11:21 0 d-----w- C:\Program Files\QuickTime
2009-06-06 17:04:56 . 2009-06-06 17:04:56 75048 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-06 08:33:45 . 2009-06-06 08:34:37 0 d-----w- C:\rsit
2009-06-06 08:33:45 . 2009-06-06 08:34:37 0 d-----w- \rsit
2009-06-01 19:31:04 . 2009-06-01 19:31:04 0 d-----w- C:\Users\Valkiri\AppData\Roaming\Avira
2009-06-01 19:20:28 . 2009-06-01 19:09:58 96104 ----a-w- C:\Windows\system32\drivers\avipbb.sys
2009-06-01 19:20:28 . 2009-06-01 19:09:58 55640 ----a-w- C:\Windows\system32\drivers\avgntflt.sys
2009-06-01 19:20:15 . 2009-06-01 19:20:39 0 d-----w- C:\ProgramData\Avira
2009-06-01 19:20:15 . 2009-06-01 19:20:15 0 d-----w- C:\Program Files\Avira

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-10 18:45:38 . 2006-11-02 15:45:36 672182 ----a-w- C:\Windows\system32\perfh00C.dat
2009-06-10 18:45:38 . 2006-11-02 15:45:36 124770 ----a-w- C:\Windows\system32\perfc00C.dat
2009-06-10 18:36:13 . 2007-03-29 08:46:01 1377177600 --sha-w- \pagefile.sys
2009-06-10 17:31:49 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Calendar
2009-06-10 17:31:48 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail
2009-06-10 17:31:46 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Sidebar
2009-06-10 17:31:45 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Collaboration
2009-06-10 17:31:43 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Photo Gallery
2009-06-10 17:31:37 . 2006-11-02 12:35:51 0 d-----w- C:\Program Files\Windows Defender
2009-06-10 17:29:33 . 2006-11-02 10:25:05 665600 ----a-w- C:\Windows\inf\drvindex.dat
2009-06-08 16:37:17 . 2008-02-28 17:17:24 0 d-----w- C:\Users\Valkiri\AppData\Roaming\Vso
2009-06-08 16:36:58 . 2008-02-28 17:17:25 47360 ----a-w- C:\Users\Valkiri\AppData\Roaming\pcouffin.sys
2009-06-08 16:36:58 . 2008-02-28 17:17:25 47360 ----a-w- C:\Users\Valkiri\AppData\Roaming\pcouffin.sys
2009-06-07 13:48:04 . 2009-01-04 19:59:31 0 d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-07 13:47:51 . 2009-01-21 19:07:24 3371383 ----a-w- C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-06 17:13:15 . 2008-11-17 20:24:30 0 d-----w- C:\Program Files\Common Files\Apple
2009-06-06 08:34:31 . 2009-01-03 20:33:26 0 d-----w- C:\Program Files\Trend Micro
2009-05-31 12:58:31 . 2009-01-27 14:34:42 0 d-----w- C:\ProgramData\HP Product Assistant
2009-05-31 11:27:01 . 2007-08-01 11:19:08 1356 ----a-w- C:\Users\Valkiri\AppData\Local\d3d9caps.dat
2009-05-26 11:20:08 . 2009-01-04 19:59:34 40160 ----a-w- C:\Windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19:56 . 2009-01-04 19:59:37 19096 ----a-w- C:\Windows\system32\drivers\mbam.sys
2009-04-26 16:05:51 . 2009-04-26 16:05:32 0 d-----w- C:\Program Files\ma-config.com
2009-04-26 16:05:32 . 2009-04-26 16:05:32 0 d-----w- C:\ProgramData\ma-config.com
2009-04-18 16:05:51 . 2009-04-18 16:04:09 0 d-----w- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-13 13:27:40 . 2007-06-20 13:23:31 78440 ----a-w- C:\Users\Valkiri\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-13 13:24:56 . 2009-04-13 12:16:55 0 d-----w- C:\ProgramData\Microsoft Help
2009-04-11 06:33:19 . 2009-06-10 16:47:33 986600 ----a-w- C:\Windows\system32\winload.exe
2009-04-11 06:33:19 . 2009-06-10 16:47:05 926184 ----a-w- C:\Windows\system32\winresume.exe
2009-04-11 06:33:03 . 2009-06-10 16:46:44 292840 ----a-w- C:\Windows\system32\drivers\volmgrx.sys
2009-04-11 06:33:02 . 2009-06-10 16:47:31 897000 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2009-04-11 06:33:02 . 2009-06-10 16:47:10 614376 ----a-w- C:\Windows\system32\ci.dll
2009-04-11 06:28:28 . 2009-06-10 16:47:08 56320 ----a-w- C:\Windows\system32\xmlfilter.dll
2009-04-11 06:27:59 . 2009-06-10 16:47:42 441344 ----a-w- C:\Windows\system32\SearchIndexer.exe
2009-04-11 06:22:22 . 2009-06-10 16:46:06 7168 ----a-w- C:\Windows\system32\f3ahvoas.dll
2009-04-11 06:21:46 . 2009-06-10 16:46:17 37376 ----a-w- C:\Windows\system32\cdd.dll
2009-04-11 05:42:55 . 2009-06-10 16:46:08 93696 ----a-w- C:\Windows\system32\drivers\bridge.sys
2009-04-11 05:03:40 . 2009-06-10 16:47:58 2644480 ----a-w- C:\Windows\system32\NlsLexicons0009.dll
2009-04-11 04:57:26 . 2009-06-10 16:46:07 8147456 ----a-w- C:\Windows\system32\wmploc.DLL
2009-04-11 04:54:59 . 2009-06-10 16:46:06 2048 ----a-w- C:\Windows\system32\mferror.dll
2009-04-11 04:51:27 . 2009-06-10 16:46:16 180736 ----a-w- C:\Windows\system32\drivers\rdpwd.sys
2009-04-11 04:47:03 . 2009-06-10 16:46:22 273920 ----a-w- C:\Windows\system32\drivers\afd.sys
2009-04-11 04:46:40 . 2009-06-10 16:46:14 69120 ----a-w- C:\Windows\system32\drivers\rassstp.sys
2009-04-11 04:46:32 . 2009-06-10 16:46:15 121344 ----a-w- C:\Windows\system32\drivers\ndiswan.sys
2009-04-11 04:46:30 . 2009-06-10 16:46:07 41472 ----a-w- C:\Windows\system32\drivers\raspppoe.sys
2009-04-11 04:46:08 . 2009-06-10 16:46:07 15872 ----a-w- C:\Windows\system32\drivers\usb8023.sys
2009-04-11 04:46:07 . 2009-06-10 16:46:08 33280 ----a-w- C:\Windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46:06 . 2009-06-10 16:46:23 30720 ----a-w- C:\Windows\system32\drivers\tcpipreg.sys
2009-04-11 04:45:56 . 2009-06-10 16:46:21 72192 ----a-w- C:\Windows\system32\drivers\tdx.sys
2009-04-11 04:45:51 . 2009-06-10 16:46:21 72192 ----a-w- C:\Windows\system32\drivers\pacer.sys
2009-04-11 04:45:37 . 2009-06-10 16:46:38 185856 ----a-w- C:\Windows\system32\drivers\netbt.sys
2009-04-11 04:45:32 . 2009-06-10 16:46:35 401408 ----a-w- C:\Windows\system32\drivers\http.sys
2009-04-11 04:45:24 . 2009-06-10 16:46:19 113664 ----a-w- C:\Windows\system32\drivers\rmcast.sys
2009-04-11 04:45:22 . 2009-06-10 16:46:17 66560 ----a-w- C:\Windows\system32\drivers\smb.sys
2009-04-11 04:43:28 . 2009-06-10 16:46:12 148480 ----a-w- C:\Windows\system32\drivers\nwifi.sys
2009-04-11 04:43:16 . 2009-06-10 16:47:04 196096 ----a-w- C:\Windows\system32\drivers\usbhub.sys
2009-04-11 04:42:57 . 2009-06-10 16:46:58 226304 ----a-w- C:\Windows\system32\drivers\usbport.sys
2009-04-11 04:42:56 . 2009-06-10 16:46:23 25856 ----a-w- C:\Windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42:56 . 2009-06-10 16:46:23 25856 ----a-w- C:\Windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42:52 . 2009-06-10 16:46:31 39936 ----a-w- C:\Windows\system32\drivers\usbehci.sys
2009-04-11 04:42:50 . 2009-06-10 16:46:23 167936 ----a-w- C:\Windows\system32\drivers\portcls.sys
2009-04-11 04:42:48 . 2009-06-10 16:46:17 12800 ----a-w- C:\Windows\system32\drivers\hidusb.sys
2009-04-11 04:42:48 . 2009-06-10 16:46:13 39424 ----a-w- C:\Windows\system32\drivers\hidclass.sys
2009-04-11 04:42:47 . 2009-06-10 16:46:09 52992 ----a-w- C:\Windows\system32\drivers\stream.sys
2009-04-11 04:42:42 . 2009-06-10 16:47:52 561152 ----a-w- C:\Windows\system32\drivers\hdaudbus.sys
2009-04-11 04:39:57 . 2009-06-10 16:46:11 16384 ----a-w- C:\Windows\system32\iscsilog.dll
2009-04-11 04:39:17 . 2009-06-10 16:46:13 67072 ----a-w- C:\Windows\system32\drivers\cdrom.sys
2009-04-11 04:39:11 . 2009-06-10 16:46:10 19456 ----a-w- C:\Windows\system32\drivers\Diskdump.sys
2009-04-11 04:38:49 . 2009-06-10 16:46:30 149504 ----a-w- C:\Windows\system32\drivers\ks.sys
2009-04-11 04:38:40 . 2009-06-10 16:46:28 17408 ----a-w- C:\Windows\system32\drivers\kbdhid.sys
2009-04-11 04:27:17 . 2009-06-10 16:46:06 2560 ----a-w- C:\Windows\system32\msimsg.dll
2009-04-11 04:23:48 . 2009-06-10 16:47:14 626176 ----a-w- C:\Windows\system32\drivers\dxgkrnl.sys
2009-04-11 04:23:23 . 2009-06-10 16:46:10 76288 ----a-w- C:\Windows\system32\drivers\dxg.sys
2009-04-11 04:23:23 . 2009-06-10 16:46:09 289792 ----a-w- C:\Windows\system32\atmfd.dll
2009-04-11 04:22:46 . 2009-06-10 16:46:18 33280 ----a-w- C:\Windows\system32\drivers\watchdog.sys
2009-04-11 04:19:14 . 2009-06-10 16:46:28 89088 ----a-w- C:\Windows\system32\drivers\sdbus.sys
2009-04-11 04:15:20 . 2009-06-10 16:46:57 288768 ----a-w- C:\Windows\system32\drivers\srv.sys
2009-04-11 04:15:03 . 2009-06-10 16:46:50 144896 ----a-w- C:\Windows\system32\drivers\srv2.sys
2009-04-11 04:15:02 . 2009-06-10 16:46:35 98816 ----a-w- C:\Windows\system32\drivers\srvnet.sys
2009-04-11 04:14:40 . 2009-06-10 16:47:07 114688 ----a-w- C:\Windows\system32\drivers\mrxdav.sys
2009-04-11 04:14:36 . 2009-06-10 16:46:50 212992 ----a-w- C:\Windows\system32\drivers\mrxsmb10.sys
2009-04-11 04:14:29 . 2009-06-10 16:47:08 225280 ----a-w- C:\Windows\system32\drivers\rdbss.sys
2009-04-11 04:14:29 . 2009-06-10 16:46:33 79360 ----a-w- C:\Windows\system32\drivers\mrxsmb20.sys
2009-04-11 04:14:28 . 2009-06-10 16:46:36 105984 ----a-w- C:\Windows\system32\drivers\mrxsmb.sys
2009-04-11 04:14:12 . 2009-06-10 16:46:13 75264 ----a-w- C:\Windows\system32\drivers\dfsc.sys
2009-04-11 04:14:01 . 2009-06-10 16:46:22 35328 ----a-w- C:\Windows\system32\drivers\npfs.sys
2009-04-11 04:13:59 . 2009-06-10 16:46:17 226816 ----a-w- C:\Windows\system32\drivers\udfs.sys
2009-04-11 04:13:53 . 2009-06-10 16:46:26 136704 ----a-w- C:\Windows\system32\drivers\exfat.sys
2009-04-11 04:13:52 . 2009-06-10 16:46:20 142848 ----a-w- C:\Windows\system32\drivers\fastfat.sys
2009-04-11 04:12:43 . 2009-06-10 16:46:59 617984 ----a-w- C:\Windows\system32\adtschema.dll
2009-04-11 02:52:40 . 2009-06-10 16:47:54 684032 ----a-w- C:\Windows\system32\drivers\spsys.sys
2009-04-11 01:59:52 . 2009-06-10 16:46:28 18904 ----a-w- C:\Windows\system32\StructuredQuerySchemaTrivial.bin
2009-04-11 01:59:51 . 2009-06-10 16:47:18 107612 ----a-w- C:\Windows\system32\StructuredQuerySchema.bin
2009-03-30 04:42:21 . 2009-06-10 16:47:42 278848 ----a-w- C:\Windows\system32\mscoree.dll
2009-03-30 04:42:21 . 2009-06-10 16:46:56 93512 ----a-w- C:\Windows\system32\dfshim.dll
2009-03-30 04:42:21 . 2009-06-10 16:46:55 80720 ----a-w- C:\Windows\system32\mscories.dll
2009-03-30 04:42:21 . 2009-06-10 16:46:33 155456 ----a-w- C:\Windows\system32\mscorier.dll
2009-03-19 14:32:48 . 2009-04-18 16:05:56 23400 ----a-w- C:\Windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 14:32:48 . 2009-03-19 14:32:48 23400 ----a-w- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28:19 114176 ----a-w- C:\Windows\System32\EhStorShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"="" [?]
"?????????"="" [?]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 13:30:30 249856]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2006-11-06 01:02:32 98304]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2006-11-06 01:05:32 106496]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2006-11-06 01:02:18 81920]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 03:00:36 815104]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 17:58:50 464168]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 23:55:58 151552]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-12-08 12:35:24 614400]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 19:48:22 57344]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-01-14 03:38:48 151552]
"SystrayORAHSS"="C:\Program Files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 17:16:26 90112]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 20:27:58 49152]
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 07:28:22 81920]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 15:10:28 35696]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2009-06-01 19:09:08 209153]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-05-26 15:18:30 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-05-30 10:30:26 292136]
"RtHDVCpl"="RtHDVCpl.exe" - C:\Windows\RtHDVCpl.exe [2006-12-01 05:37:00 4186112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-3 110592]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2005-12-16 528384]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\Windows\System32\eNetHook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):8d,c6,a5,e2,f2,e9,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A875084D-9588-4FA6-A49A-5D3D5CE7A572}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{05D0EF89-B0F4-441F-A985-F0029C8C2CD6}"= C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{E1C59FC6-A461-449C-A3C0-798361DED2EB}"= C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{255FF904-8291-48A0-879B-AD1EB2D00039}"= C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{F8C3C3BA-E1EB-45B6-8E63-0C19009E0D74}"= C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{DB0DD2ED-6CF3-44E1-8A9B-ABFDCA087AB6}"= C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{11D5AB52-CBBE-4E77-BAD1-45AA57454758}"= C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{3DE3C4DC-A977-499B-8E95-A17671096070}"= C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{150541F1-A37B-40F2-837E-FAD59856BA01}"= C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{6407DE42-7EEC-4FC8-A580-38C57265A1FE}"= C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:hpqcopy2.exe
"{09005FEE-682A-492A-92DA-31C4FA15ED86}"= C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{7FB62850-FE9E-4E85-96F1-59E2A5C7F9F5}"= C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{9FC7776B-AB94-42F4-84B9-FDCEAEC01C5A}"= C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"{8B424939-916C-45FD-94D9-541402C2BF7F}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{FA5ED930-1720-4601-BC3C-46B7E8E5AB94}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{6B47AB76-233E-49C9-A3B1-BA50B45D5C9A}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{036853EC-C3EF-437F-B1A4-6892654439B7}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{AB2D21A5-DCDE-45E9-8C7C-697D4256F480}"= UDP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice
"{0E23CB9D-D552-4827-9865-B8741F06313B}"= TCP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice
"{D303AD28-CCC9-404C-9367-621E1DA3FAC7}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{56AFAFAE-BF56-48DC-BA76-741BC4B2AD21}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;C:\Program Files\Avira\AntiVir Desktop\sched.exe [01/06/2009 21:20:27 108289]
S2 AntiVirMailService;Avira AntiVir MailGuard;C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [01/06/2009 21:20:27 194817]
S2 AntiVirWebService;Avira AntiVir WebGuard;C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe [01/06/2009 21:20:27 432897]
S3 getPlus(R) Helper;getPlus(R) Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [30/11/2008 21:57:50 33752]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [21/04/2009 15:36:50 216232]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;C:\Windows\System32\drivers\PCAMp50.sys [15/07/2007 11:16:56 28224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-10 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20:38 . 2007-10-19 10:20:38]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Acer Tour Reminder - (no file)
HKLM-Run-Acer Tour - (no file)
HKLM-Run-SetPanel - (no file)
HKLM-Run-eRecoveryService - (no file)


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
IE: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: C:\Program Files\Avira\AntiVir Desktop\avsda.dll
.

[nardino]

Bonsoir,
**Création d'un Script Combofix**

ATTENTION : Cette procédure a été rédigée pour le cas présent, toute copie sur sur un autre système peut entrainer des dysfonctionnements graves.

Ouvre le bloc-notes : Tous les programmes-Accessoire-Bloc-notes
Colles-y les lignes écrites ci-dessous :
Veille à ce que Retour à la ligne ne soit pas coché dans Format.

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"=_
"?????????"=-

Enregistre-le sous CFScript.txt, sur le bureau
Comme sur l'image présentée ici, fais glisser CFScript.txt dans Combofix.exe

Combofix va se lancer et faire redémarrer l'ordinateur.
Poste le rapport C:\Combofix et un nouveau rapport HijackThis.
Donne des infos sur l'évolution de tes problèmes.

@+

[miroslav]

Bonjour,

Je te remercie d'avoir répondu si vite. Ouf ça va mieux. L'ordi se porte beaucoup mieux, à premiére vue tout est rentré dans l'ordre, sauf pour l'instant le Mail guard d'antivir qui ne s'active pas. Ci- joint le rapport combo fix, et le rapport hijackthis, et encore merci.


ComboFix 09-06-09.06 - Valkiri 11/06/2009 21:19.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.1013.341 [GMT 2:00]
Lancé depuis: c:\users\Valkiri\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Valkiri\Desktop\CFScript.txt.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-05-11 au 2009-06-11 ))))))))))))))))))))))))))))))))))))
.

2009-06-11 22:42 . 2009-06-11 22:54 -------- d-----w- c:\users\Valkiri\AppData\Local\temp
2009-06-11 22:42 . 2009-06-11 22:42 -------- d-----w- C:\temp
2009-06-11 22:42 . 2009-06-11 22:42 -------- d-----w- \temp
2009-06-11 18:50 . 2009-06-11 22:57 -------- d-s---w- \ComboFix
2009-06-10 18:21 . 2009-06-11 19:17 -------- d-----w- \Qoobox
2009-06-10 17:29 . 2009-06-10 17:31 -------- d-----w- c:\windows\system32\ca-ES
2009-06-10 17:29 . 2009-06-10 17:31 -------- d-----w- c:\windows\system32\eu-ES
2009-06-10 17:29 . 2009-06-10 17:30 -------- d-----w- c:\windows\system32\vi-VN
2009-06-10 16:49 . 2009-06-10 16:49 -------- d-----w- c:\windows\system32\EventProviders
2009-06-10 16:48 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-06-10 16:48 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2009-06-10 16:48 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2009-06-10 16:48 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2009-06-10 16:48 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2009-06-10 16:46 . 2009-04-11 06:32 180712 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2009-06-10 16:45 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-06-10 16:45 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-06-10 16:45 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-06-10 16:45 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-06-10 16:45 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-06-10 16:45 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-06-10 16:45 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-06-10 16:45 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-06-10 16:45 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-06-10 16:45 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-06-10 16:45 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-06-10 15:45 . 2009-05-09 05:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-06-10 15:45 . 2009-05-09 05:50 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-10 15:25 . 2009-04-21 11:39 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-06-10 15:24 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-06-10 15:24 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-08 16:36 . 2009-06-08 16:36 -------- d-----w- c:\program files\DVDFab 6
2009-06-06 17:13 . 2009-06-06 17:13 -------- d-----w- c:\program files\iPod
2009-06-06 17:13 . 2009-06-06 17:13 -------- d-----w- c:\program files\iTunes
2009-06-06 17:10 . 2009-06-06 17:11 -------- d-----w- c:\program files\QuickTime
2009-06-06 17:04 . 2009-06-06 17:04 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-06 08:33 . 2009-06-06 08:34 -------- d-----w- C:\rsit
2009-06-06 08:33 . 2009-06-06 08:34 -------- d-----w- \rsit
2009-06-01 19:31 . 2009-06-01 19:31 -------- d-----w- c:\users\Valkiri\AppData\Roaming\Avira
2009-06-01 19:20 . 2009-06-01 19:09 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-01 19:20 . 2009-06-01 19:09 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-01 19:20 . 2009-06-01 19:20 -------- d-----w- c:\programdata\Avira
2009-06-01 19:20 . 2009-06-01 19:20 -------- d-----w- c:\program files\Avira

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-11 18:36 . 2006-11-02 15:45 672182 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-11 18:36 . 2006-11-02 15:45 124770 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-11 15:26 . 2007-03-29 08:46 1377177600 --sha-w- \pagefile.sys
2009-06-10 20:31 . 2009-01-27 14:34 -------- d-----w- c:\programdata\HP Product Assistant
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-06-10 20:31 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-10 17:29 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-08 16:37 . 2008-02-28 17:17 -------- d-----w- c:\users\Valkiri\AppData\Roaming\Vso
2009-06-08 16:36 . 2008-02-28 17:17 47360 ----a-w- c:\users\Valkiri\AppData\Roaming\pcouffin.sys
2009-06-08 16:36 . 2008-02-28 17:17 47360 ----a-w- c:\users\Valkiri\AppData\Roaming\pcouffin.sys
2009-06-07 13:48 . 2009-01-04 19:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-07 13:47 . 2009-01-21 19:07 3371383 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-06 17:13 . 2008-11-17 20:24 -------- d-----w- c:\program files\Common Files\Apple
2009-06-06 08:34 . 2009-01-03 20:33 -------- d-----w- c:\program files\Trend Micro
2009-05-31 11:27 . 2007-08-01 11:19 1356 ----a-w- c:\users\Valkiri\AppData\Local\d3d9caps.dat
2009-05-26 11:20 . 2009-01-04 19:59 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2009-01-04 19:59 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-04-26 16:05 . 2009-04-26 16:05 -------- d-----w- c:\program files\ma-config.com
2009-04-26 16:05 . 2009-04-26 16:05 -------- d-----w- c:\programdata\ma-config.com
2009-04-18 16:05 . 2009-04-18 16:04 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-13 13:27 . 2007-06-20 13:23 78440 ----a-w- c:\users\Valkiri\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-13 13:24 . 2009-04-13 12:16 -------- d-----w- c:\programdata\Microsoft Help
2009-04-11 06:33 . 2009-06-10 16:47 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-06-10 16:47 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-06-10 16:46 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-06-10 16:47 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-11 06:33 . 2009-06-10 16:47 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-06-10 16:47 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-06-10 16:47 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-06-10 16:46 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-06-10 16:46 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-06-10 16:46 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 05:03 . 2009-06-10 16:47 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-11 04:57 . 2009-06-10 16:46 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-06-10 16:46 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-06-10 16:46 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-06-10 16:46 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-06-10 16:46 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-06-10 16:46 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-06-10 16:46 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-06-10 16:46 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-06-10 16:46 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46 . 2009-06-10 16:46 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-04-11 04:45 . 2009-06-10 16:46 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45 . 2009-06-10 16:46 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45 . 2009-06-10 16:46 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45 . 2009-06-10 16:46 401408 ----a-w- c:\windows\system32\drivers\http.sys
2009-04-11 04:45 . 2009-06-10 16:46 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45 . 2009-06-10 16:46 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43 . 2009-06-10 16:46 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43 . 2009-06-10 16:47 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:42 . 2009-06-10 16:46 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42 . 2009-06-10 16:46 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42 . 2009-06-10 16:46 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42 . 2009-06-10 16:46 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42 . 2009-06-10 16:46 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42 . 2009-06-10 16:46 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-04-11 04:42 . 2009-06-10 16:46 39424 ----a-w- c:\windows\system32\drivers\hidclass.sys
2009-04-11 04:42 . 2009-06-10 16:46 52992 ----a-w- c:\windows\system32\drivers\stream.sys
2009-04-11 04:42 . 2009-06-10 16:47 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-04-11 04:39 . 2009-06-10 16:46 16384 ----a-w- c:\windows\system32\iscsilog.dll
2009-04-11 04:39 . 2009-06-10 16:46 67072 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-04-11 04:39 . 2009-06-10 16:46 19456 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2009-04-11 04:38 . 2009-06-10 16:46 149504 ----a-w- c:\windows\system32\drivers\ks.sys
2009-04-11 04:38 . 2009-06-10 16:46 17408 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-04-11 04:27 . 2009-06-10 16:46 2560 ----a-w- c:\windows\system32\msimsg.dll
2009-04-11 04:23 . 2009-06-10 16:47 626176 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-04-11 04:23 . 2009-06-10 16:46 76288 ----a-w- c:\windows\system32\drivers\dxg.sys
2009-04-11 04:23 . 2009-06-10 16:46 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-04-11 04:22 . 2009-06-10 16:46 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys
2009-04-11 04:19 . 2009-06-10 16:46 89088 ----a-w- c:\windows\system32\drivers\sdbus.sys
2009-04-11 04:15 . 2009-06-10 16:46 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-11 04:15 . 2009-06-10 16:46 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-04-11 04:15 . 2009-06-10 16:46 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-04-11 04:14 . 2009-06-10 16:47 114688 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-04-11 04:14 . 2009-06-10 16:46 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-11 04:14 . 2009-06-10 16:47 225280 ----a-w- c:\windows\system32\drivers\rdbss.sys
2009-04-11 04:14 . 2009-06-10 16:46 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-04-11 04:14 . 2009-06-10 16:46 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-04-11 04:14 . 2009-06-10 16:46 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2009-04-11 04:14 . 2009-06-10 16:46 35328 ----a-w- c:\windows\system32\drivers\npfs.sys
2009-04-11 04:13 . 2009-06-10 16:46 226816 ----a-w- c:\windows\system32\drivers\udfs.sys
2009-04-11 04:13 . 2009-06-10 16:46 136704 ----a-w- c:\windows\system32\drivers\exfat.sys
2009-04-11 04:13 . 2009-06-10 16:46 142848 ----a-w- c:\windows\system32\drivers\fastfat.sys
2009-04-11 04:12 . 2009-06-10 16:46 617984 ----a-w- c:\windows\system32\adtschema.dll
2009-04-11 02:52 . 2009-06-10 16:47 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2009-04-11 01:59 . 2009-06-10 16:46 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-04-11 01:59 . 2009-06-10 16:47 107612 ----a-w- c:\windows\system32\StructuredQuerySchema.bin
2009-03-30 04:42 . 2009-06-10 16:47 278848 ----a-w- c:\windows\system32\mscoree.dll
2009-03-30 04:42 . 2009-06-10 16:46 93512 ----a-w- c:\windows\system32\dfshim.dll
2009-03-30 04:42 . 2009-06-10 16:46 80720 ----a-w- c:\windows\system32\mscories.dll
2009-03-30 04:42 . 2009-06-10 16:46 155456 ----a-w- c:\windows\system32\mscorier.dll
2009-03-19 14:32 . 2009-04-18 16:05 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-06-10_18.44.27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-12-16 16:26 . 2009-06-11 15:33 85772 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-06-11 15:36 79246 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2007-06-20 13:33 . 2009-06-11 15:36 14400 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3468738831-1423991707-1326933092-1000_UserData.bin
+ 2007-06-20 19:12 . 2009-06-11 17:52 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-06-20 19:12 . 2009-06-10 18:12 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-06-20 19:12 . 2009-06-11 17:52 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-06-20 19:12 . 2009-06-10 18:12 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-06-20 19:12 . 2009-06-11 17:52 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-06-20 19:12 . 2009-06-10 18:12 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-12-26 21:25 . 2008-12-26 21:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-12-26 21:25 . 2009-06-11 17:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-12-26 21:25 . 2008-12-26 21:25 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-26 21:25 . 2009-06-11 17:26 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-12-26 21:25 . 2008-12-26 21:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-12-26 21:25 . 2009-06-11 17:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-07-20 09:16 . 2009-06-11 05:05 6346 c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2007-08-11 20:16 . 2009-06-10 18:44 1598 c:\windows\System32\WDI\{b171ab1c-60e9-4301-a338-beab1c70b3e9}.bin
+ 2007-08-11 20:16 . 2009-06-10 20:16 1598 c:\windows\System32\WDI\{b171ab1c-60e9-4301-a338-beab1c70b3e9}.bin
+ 2009-06-10 21:17 . 2009-06-10 21:17 9560 c:\windows\System32\networklist\icons\{0A7AA568-90B4-4432-A42A-FEDC3FFB36A6}_48.bin
+ 2009-06-10 21:17 . 2009-06-10 21:17 4280 c:\windows\System32\networklist\icons\{0A7AA568-90B4-4432-A42A-FEDC3FFB36A6}_32.bin
+ 2009-06-10 21:17 . 2009-06-10 21:17 2456 c:\windows\System32\networklist\icons\{0A7AA568-90B4-4432-A42A-FEDC3FFB36A6}_24.bin
- 2009-06-10 18:37 . 2009-06-10 18:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-06-11 15:27 . 2009-06-11 15:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-06-10 18:37 . 2009-06-10 18:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-06-11 15:27 . 2009-06-11 15:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2006-11-02 10:33 . 2009-06-10 18:17 589794 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-06-11 18:36 589794 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-10 18:17 102464 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-06-11 18:36 102464 c:\windows\System32\perfc009.dat
- 2009-05-10 17:27 . 2009-06-10 18:12 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-05-10 17:27 . 2009-06-11 17:52 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28 114176 ----a-w- c:\windows\System32\EhStorShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"="" [?]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Acer Tour Reminder"="" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-11-06 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-11-06 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-11-06 81920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 151552]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-08 614400]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-14 151552]
"SystrayORAHSS"="c:\program files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-06-01 209153]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-01 4186112]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-3 110592]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2005-12-16 528384]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\eNetHook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):8d,c6,a5,e2,f2,e9,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A875084D-9588-4FA6-A49A-5D3D5CE7A572}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{05D0EF89-B0F4-441F-A985-F0029C8C2CD6}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{E1C59FC6-A461-449C-A3C0-798361DED2EB}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{255FF904-8291-48A0-879B-AD1EB2D00039}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{F8C3C3BA-E1EB-45B6-8E63-0C19009E0D74}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{DB0DD2ED-6CF3-44E1-8A9B-ABFDCA087AB6}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{11D5AB52-CBBE-4E77-BAD1-45AA57454758}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{3DE3C4DC-A977-499B-8E95-A17671096070}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{150541F1-A37B-40F2-837E-FAD59856BA01}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{6407DE42-7EEC-4FC8-A580-38C57265A1FE}"= c:\program files\HP\Digital Imaging\bin\hpqcopy2.exe:hpqcopy2.exe
"{09005FEE-682A-492A-92DA-31C4FA15ED86}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{7FB62850-FE9E-4E85-96F1-59E2A5C7F9F5}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{9FC7776B-AB94-42F4-84B9-FDCEAEC01C5A}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"{8B424939-916C-45FD-94D9-541402C2BF7F}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{FA5ED930-1720-4601-BC3C-46B7E8E5AB94}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6B47AB76-233E-49C9-A3B1-BA50B45D5C9A}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{036853EC-C3EF-437F-B1A4-6892654439B7}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{AB2D21A5-DCDE-45E9-8C7C-697D4256F480}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{0E23CB9D-D552-4827-9865-B8741F06313B}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{D303AD28-CCC9-404C-9367-621E1DA3FAC7}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{56AFAFAE-BF56-48DC-BA76-741BC4B2AD21}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [01/06/2009 21:20 108289]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [01/06/2009 21:20 194817]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [01/06/2009 21:20 432897]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [30/11/2008 21:57 33752]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [15/07/2007 11:16 28224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-11 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-12 00:54
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(2116)
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Heure de fin: 2009-06-11 1:25
ComboFix-quarantined-files.txt 2009-06-11 23:14
ComboFix2.txt 2009-06-10 19:21

Avant-CF: 24 827 027 456 octets libres
Après-CF: 24 798 412 800 octets libres

320 --- E O F --- 2009-06-10 16:59

[miroslav]

Et le rapport hijackthis.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Valkiri at 2009-06-12 06:13:09
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2
System drive C: has 24 GB (44%) free of 53 GB
Total RAM: 1013 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:16:02, on 12/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Windows\system32\igfxext.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Users\Valkiri\Desktop\RSIT.exe
C:\Program Files\trend micro\Valkiri.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maco ... _1_2_1.cab
O20 - AppInit_DLLs: C:\Windows\System32\eNetHook.dll
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9063 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-01-02 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-28 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-01-02 151552]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2006-11-06 98304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2006-11-06 106496]
"Persistence"=C:\Windows\system32\igfxpers.exe [2006-11-06 81920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-01-02 464168]
"PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2007-01-09 151552]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-08 614400]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-01-14 151552]
"SystrayORAHSS"=C:\Program Files\OrangeHSS\Systray\SystrayApp.exe [2006-12-12 90112]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-06-01 209153]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\eNetHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-06 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-06-12 01:26:03 ----D---- C:\temp
2009-06-12 01:25:59 ----A---- C:\ComboFix.txt
2009-06-12 01:08:16 ----SHD---- C:\$RECYCLE.BIN
2009-06-11 20:50:14 ----SD---- C:\ComboFix
2009-06-10 20:27:45 ----A---- C:\Windows\zip.exe
2009-06-10 20:27:45 ----A---- C:\Windows\SWREG.exe
2009-06-10 20:27:45 ----A---- C:\Windows\sed.exe
2009-06-10 20:27:45 ----A---- C:\Windows\PEV.exe
2009-06-10 20:27:45 ----A---- C:\Windows\NIRCMD.exe
2009-06-10 20:27:45 ----A---- C:\Windows\grep.exe
2009-06-10 20:27:44 ----A---- C:\Windows\SWXCACLS.exe
2009-06-10 20:27:44 ----A---- C:\Windows\SWSC.exe
2009-06-10 20:22:04 ----D---- C:\Windows\ERDNT
2009-06-10 20:21:52 ----D---- C:\Qoobox
2009-06-10 19:29:45 ----D---- C:\Windows\system32\eu-ES
2009-06-10 19:29:45 ----D---- C:\Windows\system32\ca-ES
2009-06-10 19:29:41 ----D---- C:\Windows\system32\vi-VN
2009-06-10 18:49:40 ----D---- C:\Windows\system32\EventProviders
2009-06-10 18:48:07 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-06-10 18:48:02 ----A---- C:\Windows\system32\SLsvc.exe
2009-06-10 18:48:02 ----A---- C:\Windows\system32\SLCExt.dll
2009-06-10 18:48:00 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-06-10 18:48:00 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-06-10 18:47:58 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-06-10 18:47:56 ----A---- C:\Windows\system32\mssrch.dll
2009-06-10 18:47:54 ----A---- C:\Windows\system32\tquery.dll
2009-06-10 18:47:53 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-10 18:47:53 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-10 18:47:52 ----A---- C:\Windows\system32\scavenge.dll
2009-06-10 18:47:52 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-06-10 18:47:52 ----A---- C:\Windows\system32\RMActivate.exe
2009-06-10 18:47:51 ----A---- C:\Windows\system32\msi.dll
2009-06-10 18:47:49 ----A---- C:\Windows\system32\secproc_isv.dll
2009-06-10 18:47:49 ----A---- C:\Windows\system32\imapi2fs.dll
2009-06-10 18:47:48 ----A---- C:\Windows\system32\WscEapPr.dll
2009-06-10 18:47:48 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-06-10 18:47:48 ----A---- C:\Windows\system32\sysmain.dll
2009-06-10 18:47:47 ----A---- C:\Windows\system32\mf.dll
2009-06-10 18:47:47 ----A---- C:\Windows\system32\icardagt.exe
2009-06-10 18:47:46 ----A---- C:\Windows\system32\EhStorShell.dll
2009-06-10 18:47:45 ----A---- C:\Windows\system32\spreview.exe
2009-06-10 18:47:45 ----A---- C:\Windows\system32\spinstall.exe
2009-06-10 18:47:45 ----A---- C:\Windows\system32\drmv2clt.dll
2009-06-10 18:47:44 ----A---- C:\Windows\system32\spwizui.dll
2009-06-10 18:47:44 ----A---- C:\Windows\system32\shell32.dll
2009-06-10 18:47:44 ----A---- C:\Windows\system32\secproc.dll
2009-06-10 18:47:44 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-06-10 18:47:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-10 18:47:42 ----A---- C:\Windows\system32\p2psvc.dll
2009-06-10 18:47:42 ----A---- C:\Windows\system32\mssvp.dll
2009-06-10 18:47:42 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-10 18:47:42 ----A---- C:\Windows\system32\mscoree.dll
2009-06-10 18:47:41 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-10 18:47:41 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-10 18:47:41 ----A---- C:\Windows\system32\mssph.dll
2009-06-10 18:47:41 ----A---- C:\Windows\system32\imapi2.dll
2009-06-10 18:47:40 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-06-10 18:47:40 ----A---- C:\Windows\system32\esent.dll
2009-06-10 18:47:40 ----A---- C:\Windows\system32\DevicePairing.dll
2009-06-10 18:47:39 ----A---- C:\Windows\system32\sperror.dll
2009-06-10 18:47:39 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-06-10 18:47:39 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-10 18:47:38 ----A---- C:\Windows\system32\wevtsvc.dll
2009-06-10 18:47:38 ----A---- C:\Windows\system32\SLC.dll
2009-06-10 18:47:38 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-06-10 18:47:38 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-10 18:47:38 ----A---- C:\Windows\system32\IasMigReader.exe
2009-06-10 18:47:37 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-10 18:47:37 ----A---- C:\Windows\system32\wmp.dll
2009-06-10 18:47:37 ----A---- C:\Windows\system32\msshsq.dll
2009-06-10 18:47:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-10 18:47:36 ----A---- C:\Windows\system32\msjet40.dll
2009-06-10 18:47:36 ----A---- C:\Windows\system32\MPSSVC.dll
2009-06-10 18:47:35 ----A---- C:\Windows\system32\Query.dll
2009-06-10 18:47:35 ----A---- C:\Windows\system32\qmgr.dll
2009-06-10 18:47:35 ----A---- C:\Windows\system32\msxml6.dll
2009-06-10 18:47:34 ----A---- C:\Windows\system32\P2PGraph.dll
2009-06-10 18:47:34 ----A---- C:\Windows\system32\ole32.dll
2009-06-10 18:47:34 ----A---- C:\Windows\system32\msexch40.dll
2009-06-10 18:47:34 ----A---- C:\Windows\system32\diagperf.dll
2009-06-10 18:47:33 ----A---- C:\Windows\system32\winload.exe
2009-06-10 18:47:33 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-10 18:47:33 ----A---- C:\Windows\system32\ntdll.dll
2009-06-10 18:47:33 ----A---- C:\Windows\system32\msxml3.dll
2009-06-10 18:47:33 ----A---- C:\Windows\system32\mblctr.exe
2009-06-10 18:47:33 ----A---- C:\Windows\system32\EncDec.dll
2009-06-10 18:47:32 ----A---- C:\Windows\system32\uDWM.dll
2009-06-10 18:47:32 ----A---- C:\Windows\system32\riched20.dll
2009-06-10 18:47:32 ----A---- C:\Windows\system32\mmc.exe
2009-06-10 18:47:32 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-06-10 18:47:32 ----A---- C:\Windows\system32\dfsr.exe
2009-06-10 18:47:31 ----A---- C:\Windows\system32\RacEngn.dll
2009-06-10 18:47:31 ----A---- C:\Windows\system32\kernel32.dll
2009-06-10 18:47:31 ----A---- C:\Windows\system32\fdBth.dll
2009-06-10 18:47:30 ----A---- C:\Windows\system32\spoolss.dll
2009-06-10 18:47:30 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-10 18:47:30 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-10 18:47:30 ----A---- C:\Windows\system32\milcore.dll
2009-06-10 18:47:30 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-06-10 18:47:30 ----A---- C:\Windows\system32\CertEnroll.dll
2009-06-10 18:47:29 ----A---- C:\Windows\system32\schedsvc.dll
2009-06-10 18:47:29 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-06-10 18:47:29 ----A---- C:\Windows\system32\msjtes40.dll
2009-06-10 18:47:28 ----A---- C:\Windows\system32\WinSAT.exe
2009-06-10 18:47:28 ----A---- C:\Windows\system32\msvcp60.dll
2009-06-10 18:47:28 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-10 18:47:28 ----A---- C:\Windows\system32\gpedit.dll
2009-06-10 18:47:28 ----A---- C:\Windows\system32\es.dll
2009-06-10 18:47:27 ----A---- C:\Windows\system32\mstext40.dll
2009-06-10 18:47:27 ----A---- C:\Windows\system32\Magnify.exe
2009-06-10 18:47:27 ----A---- C:\Windows\system32\advapi32.dll
2009-06-10 18:47:26 ----A---- C:\Windows\system32\WMPhoto.dll
2009-06-10 18:47:26 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-06-10 18:47:26 ----A---- C:\Windows\system32\WebClnt.dll
2009-06-10 18:47:26 ----A---- C:\Windows\system32\slwmi.dll
2009-06-10 18:47:26 ----A---- C:\Windows\system32\msxbde40.dll
2009-06-10 18:47:26 ----A---- C:\Windows\system32\msexcl40.dll
2009-06-10 18:47:26 ----A---- C:\Windows\system32\comsvcs.dll
2009-06-10 18:47:25 ----A---- C:\Windows\system32\vssapi.dll
2009-06-10 18:47:25 ----A---- C:\Windows\system32\mstscax.dll
2009-06-10 18:47:25 ----A---- C:\Windows\system32\authui.dll
2009-06-10 18:47:24 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-10 18:47:24 ----A---- C:\Windows\system32\msrepl40.dll
2009-06-10 18:47:23 ----A---- C:\Windows\system32\propsys.dll
2009-06-10 18:47:23 ----A---- C:\Windows\system32\newdev.dll
2009-06-10 18:47:22 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-10 18:47:22 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-10 18:47:22 ----A---- C:\Windows\system32\gpsvc.dll
2009-06-10 18:47:22 ----A---- C:\Windows\system32\eudcedit.exe
2009-06-10 18:47:22 ----A---- C:\Windows\system32\crypt32.dll
2009-06-10 18:47:22 ----A---- C:\Windows\explorer.exe
2009-06-10 18:47:21 ----A---- C:\Windows\system32\setupapi.dll
2009-06-10 18:47:21 ----A---- C:\Windows\system32\rpcss.dll
2009-06-10 18:47:21 ----A---- C:\Windows\system32\mspbde40.dll
2009-06-10 18:47:21 ----A---- C:\Windows\system32\d3d9.dll
2009-06-10 18:47:19 ----A---- C:\Windows\system32\msltus40.dll
2009-06-10 18:47:19 ----A---- C:\Windows\system32\davclnt.dll
2009-06-10 18:47:18 ----A---- C:\Windows\system32\shlwapi.dll
2009-06-10 18:47:18 ----A---- C:\Windows\system32\mfc42.dll
2009-06-10 18:47:17 ----A---- C:\Windows\system32\msrd3x40.dll
2009-06-10 18:47:17 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-06-10 18:47:17 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-06-10 18:47:15 ----A---- C:\Windows\system32\wevtapi.dll
2009-06-10 18:47:15 ----A---- C:\Windows\system32\msdtctm.dll
2009-06-10 18:47:15 ----A---- C:\Windows\system32\browseui.dll
2009-06-10 18:47:14 ----A---- C:\Windows\system32\photowiz.dll
2009-06-10 18:47:14 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-10 18:47:12 ----A---- C:\Windows\system32\user32.dll
2009-06-10 18:47:11 ----A---- C:\Windows\system32\samsrv.dll
2009-06-10 18:47:10 ----A---- C:\Windows\system32\win32spl.dll
2009-06-10 18:47:10 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-06-10 18:47:10 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-06-10 18:47:10 ----A---- C:\Windows\system32\quartz.dll
2009-06-10 18:47:10 ----A---- C:\Windows\system32\oleaut32.dll
2009-06-10 18:47:10 ----A---- C:\Windows\system32\ci.dll
2009-06-10 18:47:09 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-10 18:47:09 ----A---- C:\Windows\system32\netshell.dll
2009-06-10 18:47:09 ----A---- C:\Windows\system32\msv1_0.dll
2009-06-10 18:47:09 ----A---- C:\Windows\system32\kerberos.dll
2009-06-10 18:47:09 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-06-10 18:47:09 ----A---- C:\Windows\system32\compcln.exe
2009-06-10 18:47:08 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-10 18:47:08 ----A---- C:\Windows\system32\winhttp.dll
2009-06-10 18:47:08 ----A---- C:\Windows\system32\mswstr10.dll
2009-06-10 18:47:08 ----A---- C:\Windows\system32\msctf.dll
2009-06-10 18:47:08 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-10 18:47:08 ----A---- C:\Windows\system32\audiosrv.dll
2009-06-10 18:47:08 ----A---- C:\Windows\system32\apds.dll
2009-06-10 18:47:07 ----A---- C:\Windows\system32\VSSVC.exe
2009-06-10 18:47:07 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-06-10 18:47:07 ----A---- C:\Windows\system32\msvcrt.dll
2009-06-10 18:47:07 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-06-10 18:47:07 ----A---- C:\Windows\system32\gdi32.dll
2009-06-10 18:47:06 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-06-10 18:47:06 ----A---- C:\Windows\system32\SLUI.exe
2009-06-10 18:47:06 ----A---- C:\Windows\system32\msrd2x40.dll
2009-06-10 18:47:06 ----A---- C:\Windows\system32\mfc42u.dll
2009-06-10 18:47:06 ----A---- C:\Windows\system32\eapphost.dll
2009-06-10 18:47:05 ----A---- C:\Windows\system32\winresume.exe
2009-06-10 18:47:05 ----A---- C:\Windows\system32\shdocvw.dll
2009-06-10 18:47:05 ----A---- C:\Windows\system32\propdefs.dll
2009-06-10 18:47:05 ----A---- C:\Windows\system32\odbc32.dll
2009-06-10 18:47:04 ----A---- C:\Windows\system32\wevtutil.exe
2009-06-10 18:47:04 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-10 18:47:04 ----A---- C:\Windows\system32\dbgeng.dll
2009-06-10 18:47:03 ----A---- C:\Windows\system32\WsmSvc.dll
2009-06-10 18:47:03 ----A---- C:\Windows\system32\swprv.dll
2009-06-10 18:47:03 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-06-10 18:47:02 ----A---- C:\Windows\system32\vds.exe
2009-06-10 18:47:02 ----A---- C:\Windows\system32\usp10.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\WSDApi.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-06-10 18:47:01 ----A---- C:\Windows\system32\Wldap32.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\wcnwiz.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\schannel.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\netlogon.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\msscb.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\msctfp.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\evr.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\drvinst.exe
2009-06-10 18:47:01 ----A---- C:\Windows\system32\devmgr.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-06-10 18:47:01 ----A---- C:\Windows\system32\BFE.DLL
2009-06-10 18:47:01 ----A---- C:\Windows\system32\adsldpc.dll
2009-06-10 18:47:00 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-10 18:47:00 ----A---- C:\Windows\system32\wercon.exe
2009-06-10 18:47:00 ----A---- C:\Windows\system32\services.exe
2009-06-10 18:46:59 ----A---- C:\Windows\system32\wcncsvc.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\mswdat10.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\msjter40.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\msdrm.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\comdlg32.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\certcli.dll
2009-06-10 18:46:59 ----A---- C:\Windows\system32\adtschema.dll
2009-06-10 18:46:58 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-10 18:46:58 ----A---- C:\Windows\system32\w32time.dll
2009-06-10 18:46:58 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-06-10 18:46:58 ----A---- C:\Windows\system32\taskeng.exe
2009-06-10 18:46:58 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-10 18:46:58 ----A---- C:\Windows\system32\reg.exe
2009-06-10 18:46:58 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-10 18:46:58 ----A---- C:\Windows\system32\dnsapi.dll
2009-06-10 18:46:58 ----A---- C:\Windows\system32\certutil.exe
2009-06-10 18:46:57 ----A---- C:\Windows\system32\rsaenh.dll
2009-06-10 18:46:57 ----A---- C:\Windows\system32\msshooks.dll
2009-06-10 18:46:57 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-10 18:46:57 ----A---- C:\Windows\system32\msihnd.dll
2009-06-10 18:46:57 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-06-10 18:46:57 ----A---- C:\Windows\system32\bthserv.dll
2009-06-10 18:46:57 ----A---- C:\Windows\system32\bcrypt.dll
2009-06-10 18:46:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-06-10 18:46:56 ----A---- C:\Windows\system32\netapi32.dll
2009-06-10 18:46:56 ----A---- C:\Windows\system32\mtxclu.dll
2009-06-10 18:46:56 ----A---- C:\Windows\system32\msstrc.dll
2009-06-10 18:46:56 ----A---- C:\Windows\system32\inetpp.dll
2009-06-10 18:46:56 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-10 18:46:56 ----A---- C:\Windows\system32\dfshim.dll
2009-06-10 18:46:55 ----A---- C:\Windows\system32\mscories.dll
2009-06-10 18:46:55 ----A---- C:\Windows\system32\hidserv.dll
2009-06-10 18:46:55 ----A---- C:\Windows\system32\fundisc.dll
2009-06-10 18:46:55 ----A---- C:\Windows\system32\cryptsvc.dll
2009-06-10 18:46:53 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-06-10 18:46:53 ----A---- C:\Windows\system32\termsrv.dll
2009-06-10 18:46:53 ----A---- C:\Windows\system32\profsvc.dll
2009-06-10 18:46:53 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-06-10 18:46:51 ----A---- C:\Windows\system32\wdc.dll
2009-06-10 18:46:51 ----A---- C:\Windows\system32\shsvcs.dll
2009-06-10 18:46:51 ----A---- C:\Windows\system32\msiexec.exe
2009-06-10 18:46:51 ----A---- C:\Windows\system32\imapi.dll
2009-06-10 18:46:51 ----A---- C:\Windows\system32\gameux.dll
2009-06-10 18:46:50 ----A---- C:\Windows\system32\spoolsv.exe
2009-06-10 18:46:50 ----A---- C:\Windows\system32\rasmans.dll
2009-06-10 18:46:50 ----A---- C:\Windows\system32\pnidui.dll
2009-06-10 18:46:50 ----A---- C:\Windows\system32\icardres.dll
2009-06-10 18:46:50 ----A---- C:\Windows\system32\iassdo.dll
2009-06-10 18:46:50 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-10 18:46:50 ----A---- C:\Windows\system32\autofmt.exe
2009-06-10 18:46:49 ----A---- C:\Windows\system32\wersvc.dll
2009-06-10 18:46:49 ----A---- C:\Windows\system32\slmgr.vbs
2009-06-10 18:46:49 ----A---- C:\Windows\system32\scrrun.dll
2009-06-10 18:46:49 ----A---- C:\Windows\system32\PSHED.DLL
2009-06-10 18:46:49 ----A---- C:\Windows\system32\pdh.dll
2009-06-10 18:46:49 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-06-10 18:46:49 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-06-10 18:46:49 ----A---- C:\Windows\system32\azroles.dll
2009-06-10 18:46:48 ----A---- C:\Windows\system32\pidgenx.dll
2009-06-10 18:46:46 ----A---- C:\Windows\system32\wmpmde.dll
2009-06-10 18:46:46 ----A---- C:\Windows\system32\winlogon.exe
2009-06-10 18:46:46 ----A---- C:\Windows\system32\SyncCenter.dll
2009-06-10 18:46:45 ----A---- C:\Windows\system32\SLUINotify.dll
2009-06-10 18:46:45 ----A---- C:\Windows\system32\sethc.exe
2009-06-10 18:46:45 ----A---- C:\Windows\system32\ncrypt.dll
2009-06-10 18:46:45 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-06-10 18:46:45 ----A---- C:\Windows\system32\kd1394.dll
2009-06-10 18:46:45 ----A---- C:\Windows\system32\comuid.dll
2009-06-10 18:46:45 ----A---- C:\Windows\system32\certmgr.dll
2009-06-10 18:46:44 ----A---- C:\Windows\system32\wisptis.exe
2009-06-10 18:46:44 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-10 18:46:44 ----A---- C:\Windows\system32\untfs.dll
2009-06-10 18:46:44 ----A---- C:\Windows\system32\taskcomp.dll
2009-06-10 18:46:44 ----A---- C:\Windows\system32\spp.dll
2009-06-10 18:46:44 ----A---- C:\Windows\system32\scrobj.dll
2009-06-10 18:46:44 ----A---- C:\Windows\system32\rtutils.dll
2009-06-10 18:46:44 ----A---- C:\Windows\system32\iassam.dll
2009-06-10 18:46:44 ----A---- C:\Windows\system32\dwm.exe
2009-06-10 18:46:44 ----A---- C:\Windows\system32\autochk.exe
2009-06-10 18:46:43 ----A---- C:\Windows\system32\printui.dll
2009-06-10 18:46:43 ----A---- C:\Windows\system32\iasnap.dll
2009-06-10 18:46:43 ----A---- C:\Windows\system32\autoconv.exe
2009-06-10 18:46:42 ----A---- C:\Windows\system32\winsrv.dll
2009-06-10 18:46:41 ----A---- C:\Windows\system32\onex.dll
2009-06-10 18:46:41 ----A---- C:\Windows\system32\kdcom.dll
2009-06-10 18:46:41 ----A---- C:\Windows\system32\cscript.exe
2009-06-10 18:46:41 ----A---- C:\Windows\system32\basecsp.dll
2009-06-10 18:46:40 ----A---- C:\Windows\system32\wow32.dll
2009-06-10 18:46:40 ----A---- C:\Windows\system32\userenv.dll
2009-06-10 18:46:40 ----A---- C:\Windows\system32\osk.exe
2009-06-10 18:46:40 ----A---- C:\Windows\system32\audiodg.exe
2009-06-10 18:46:39 ----A---- C:\Windows\system32\spcmsg.dll
2009-06-10 18:46:39 ----A---- C:\Windows\system32\mswsock.dll
2009-06-10 18:46:39 ----A---- C:\Windows\system32\kdusb.dll
2009-06-10 18:46:38 ----A---- C:\Windows\system32\WinSCard.dll
2009-06-10 18:46:38 ----A---- C:\Windows\system32\winmm.dll
2009-06-10 18:46:38 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-06-10 18:46:38 ----A---- C:\Windows\system32\RelMon.dll
2009-06-10 18:46:38 ----A---- C:\Windows\system32\rdpencom.dll
2009-06-10 18:46:38 ----A---- C:\Windows\system32\offfilt.dll
2009-06-10 18:46:38 ----A---- C:\Windows\system32\msftedit.dll
2009-06-10 18:46:38 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-06-10 18:46:37 ----A---- C:\Windows\system32\WerFault.exe
2009-06-10 18:46:37 ----A---- C:\Windows\system32\Utilman.exe
2009-06-10 18:46:37 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-06-10 18:46:37 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-06-10 18:46:36 ----A---- C:\Windows\system32\wsepno.dll
2009-06-10 18:46:36 ----A---- C:\Windows\system32\stobject.dll
2009-06-10 18:46:36 ----A---- C:\Windows\system32\SndVol.exe
2009-06-10 18:46:36 ----A---- C:\Windows\system32\prnntfy.dll
2009-06-10 18:46:36 ----A---- C:\Windows\system32\msnetobj.dll
2009-06-10 18:46:36 ----A---- C:\Windows\system32\mscms.dll
2009-06-10 18:46:36 ----A---- C:\Windows\system32\mfplat.dll
2009-06-10 18:46:36 ----A---- C:\Windows\system32\diskraid.exe
2009-06-10 18:46:36 ----A---- C:\Windows\system32\apphelp.dll
2009-06-10 18:46:36 ----A---- C:\Windows\system32\adsmsext.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\wscript.exe
2009-06-10 18:46:35 ----A---- C:\Windows\system32\wscntfy.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\wiaservc.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\ulib.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\sysclass.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\secur32.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\rastapi.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\odbccp32.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-06-10 18:46:35 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\dsound.dll
2009-06-10 18:46:35 ----A---- C:\Windows\system32\cryptui.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\wscsvc.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\wlansvc.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\wlangpui.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\vdsdyn.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\rastls.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\pnpsetup.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\iashlpr.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\gpapi.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\fdProxy.dll
2009-06-10 18:46:34 ----A---- C:\Windows\system32\diskpart.exe
2009-06-10 18:46:34 ----A---- C:\Windows\system32\brcpl.dll
2009-06-10 18:46:33 ----A---- C:\Windows\system32\wusa.exe
2009-06-10 18:46:33 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-06-10 18:46:33 ----A---- C:\Windows\system32\regsvc.dll
2009-06-10 18:46:33 ----A---- C:\Windows\system32\rasapi32.dll
2009-06-10 18:46:33 ----A---- C:\Windows\system32\ntprint.dll
2009-06-10 18:46:33 ----A---- C:\Windows\system32\netiohlp.dll
2009-06-10 18:46:33 ----A---- C:\Windows\system32\mscorier.dll
2009-06-10 18:46:33 ----A---- C:\Windows\system32\logman.exe
2009-06-10 18:46:33 ----A---- C:\Windows\system32\iasrad.dll
2009-06-10 18:46:32 ----A---- C:\Windows\system32\zipfldr.dll
2009-06-10 18:46:32 ----A---- C:\Windows\system32\wshext.dll
2009-06-10 18:46:32 ----A---- C:\Windows\system32\wpccpl.dll
2009-06-10 18:46:32 ----A---- C:\Windows\system32\netcenter.dll
2009-06-10 18:46:32 ----A---- C:\Windows\system32\findstr.exe
2009-06-10 18:46:31 ----A---- C:\Windows\system32\wsnmp32.dll
2009-06-10 18:46:31 ----A---- C:\Windows\system32\wer.dll
2009-06-10 18:46:31 ----A---- C:\Windows\system32\themecpl.dll
2009-06-10 18:46:31 ----A---- C:\Windows\system32\rasdlg.dll
2009-06-10 18:46:31 ----A---- C:\Windows\system32\iassvcs.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\uxsms.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\tsbyuv.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\srvsvc.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\slcc.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\scansetting.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\powrprof.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\ntmarta.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\msutb.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\mstsc.exe
2009-06-10 18:46:30 ----A---- C:\Windows\system32\mstlsapi.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-10 18:46:30 ----A---- C:\Windows\system32\iasads.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\wlanhlp.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\sud.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\powercpl.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\newdev.exe
2009-06-10 18:46:29 ----A---- C:\Windows\system32\networkmap.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\iasacct.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\dot3svc.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\connect.dll
2009-06-10 18:46:29 ----A---- C:\Windows\system32\authz.dll
2009-06-10 18:46:28 ----A---- C:\Windows\system32\usercpl.dll
2009-06-10 18:46:28 ----A---- C:\Windows\system32\themeui.dll
2009-06-10 18:46:28 ----A---- C:\Windows\system32\systemcpl.dll
2009-06-10 18:46:28 ----A---- C:\Windows\system32\samlib.dll
2009-06-10 18:46:28 ----A---- C:\Windows\system32\pcaui.dll
2009-06-10 18:46:28 ----A---- C:\Windows\system32\mmci.dll
2009-06-10 18:46:28 ----A---- C:\Windows\system32\autoplay.dll
2009-06-10 18:46:28 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-06-10 18:46:27 ----A---- C:\Windows\system32\wpcao.dll
2009-06-10 18:46:27 ----A---- C:\Windows\system32\wlanpref.dll
2009-06-10 18:46:27 ----A---- C:\Windows\system32\vdsutil.dll
2009-06-10 18:46:27 ----A---- C:\Windows\system32\rpchttp.dll
2009-06-10 18:46:27 ----A---- C:\Windows\system32\regapi.dll
2009-06-10 18:46:27 ----A---- C:\Windows\system32\qdvd.dll
2009-06-10 18:46:27 ----A---- C:\Windows\system32\msinfo32.exe
2009-06-10 18:46:26 ----A---- C:\Windows\system32\tapisrv.dll
2009-06-10 18:46:26 ----A---- C:\Windows\system32\scksp.dll
2009-06-10 18:46:26 ----A---- C:\Windows\system32\scesrv.dll
2009-06-10 18:46:26 ----A---- C:\Windows\system32\psisdecd.dll
2009-06-10 18:46:26 ----A---- C:\Windows\system32\oleprn.dll
2009-06-10 18:46:26 ----A---- C:\Windows\system32\mpr.dll
2009-06-10 18:46:26 ----A---- C:\Windows\system32\feclient.dll
2009-06-10 18:46:26 ----A---- C:\Windows\system32\AudioSes.dll
2009-06-10 18:46:25 ----A---- C:\Windows\system32\wscisvif.dll
2009-06-10 18:46:25 ----A---- C:\Windows\system32\sdclt.exe
2009-06-10 18:46:25 ----A---- C:\Windows\system32\rekeywiz.exe
2009-06-10 18:46:25 ----A---- C:\Windows\system32\ncryptui.dll
2009-06-10 18:46:25 ----A---- C:\Windows\system32\imm32.dll
2009-06-10 18:46:25 ----A---- C:\Windows\system32\iaspolcy.dll
2009-06-10 18:46:25 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-10 18:46:25 ----A---- C:\Windows\system32\dpapimig.exe
2009-06-10 18:46:25 ----A---- C:\Windows\system32\dot3msm.dll
2009-06-10 18:46:25 ----A---- C:\Windows\system32\DeviceEject.exe
2009-06-10 18:46:24 ----A---- C:\Windows\system32\TSTheme.exe
2009-06-10 18:46:24 ----A---- C:\Windows\system32\spwinsat.dll
2009-06-10 18:46:24 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-06-10 18:46:24 ----A---- C:\Windows\system32\scecli.dll
2009-06-10 18:46:24 ----A---- C:\Windows\system32\rasplap.dll
2009-06-10 18:46:24 ----A---- C:\Windows\system32\rasgcw.dll
2009-06-10 18:46:24 ----A---- C:\Windows\system32\qedit.dll
2009-06-10 18:46:24 ----A---- C:\Windows\system32\pnpui.dll
2009-06-10 18:46:24 ----A---- C:\Windows\system32\perfdisk.dll
2009-06-10 18:46:24 ----A---- C:\Windows\system32\hdwwiz.exe
2009-06-10 18:46:24 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-06-10 18:46:24 ----A---- C:\Windows\system32\certreq.exe
2009-06-10 18:46:23 ----A---- C:\Windows\system32\whealogr.dll
2009-06-10 18:46:23 ----A---- C:\Windows\system32\tcpmon.dll
2009-06-10 18:46:23 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-06-10 18:46:23 ----A---- C:\Windows\system32\srcore.dll
2009-06-10 18:46:23 ----A---- C:\Windows\system32\SCardSvr.dll
2009-06-10 18:46:23 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-06-10 18:46:23 ----A---- C:\Windows\system32\fdWSD.dll
2009-06-10 18:46:23 ----A---- C:\Windows\system32\conime.exe
2009-06-10 18:46:23 ----A---- C:\Windows\system32\cmmon32.exe
2009-06-10 18:46:23 ----A---- C:\Windows\system32\cmdial32.dll
2009-06-10 18:46:22 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-06-10 18:46:22 ----A---- C:\Windows\system32\wlanui.dll
2009-06-10 18:46:22 ----A---- C:\Windows\system32\wiaaut.dll
2009-06-10 18:46:22 ----A---- C:\Windows\system32\shwebsvc.dll
2009-06-10 18:46:22 ----A---- C:\Windows\system32\rasppp.dll
2009-06-10 18:46:22 ----A---- C:\Windows\system32\raschap.dll
2009-06-10 18:46:22 ----A---- C:\Windows\system32\PnPutil.exe
2009-06-10 18:46:22 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-06-10 18:46:22 ----A---- C:\Windows\system32\fontext.dll
2009-06-10 18:46:22 ----A---- C:\Windows\system32\dsprop.dll
2009-06-10 18:46:21 ----A---- C:\Windows\system32\wlanmsm.dll
2009-06-10 18:46:21 ----A---- C:\Windows\system32\shsetup.dll
2009-06-10 18:46:21 ----A---- C:\Windows\system32\rasmontr.dll
2009-06-10 18:46:21 ----A---- C:\Windows\system32\oobefldr.dll
2009-06-10 18:46:21 ----A---- C:\Windows\system32\modemui.dll
2009-06-10 18:46:21 ----A---- C:\Windows\system32\dimsroam.dll
2009-06-10 18:46:20 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-06-10 18:46:20 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-06-10 18:46:20 ----A---- C:\Windows\system32\mscandui.dll
2009-06-10 18:46:20 ----A---- C:\Windows\system32\dataclen.dll
2009-06-10 18:46:20 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-10 18:46:19 ----A---- C:\Windows\system32\WSDMon.dll
2009-06-10 18:46:19 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-10 18:46:19 ----A---- C:\Windows\system32\smss.exe
2009-06-10 18:46:19 ----A---- C:\Windows\system32\rdpwsx.dll
2009-06-10 18:46:19 ----A---- C:\Windows\system32\networkexplorer.dll
2009-06-10 18:46:19 ----A---- C:\Windows\system32\netplwiz.dll
2009-06-10 18:46:19 ----A---- C:\Windows\system32\credui.dll
2009-06-10 18:46:19 ----A---- C:\Windows\system32\certprop.dll
2009-06-10 18:46:19 ----A---- C:\Windows\system32\blackbox.dll
2009-06-10 18:46:18 ----A---- C:\Windows\system32\wscapi.dll
2009-06-10 18:46:18 ----A---- C:\Windows\system32\wpcsvc.dll
2009-06-10 18:46:18 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-10 18:46:18 ----A---- C:\Windows\system32\msscp.dll
2009-06-10 18:46:18 ----A---- C:\Windows\system32\msimtf.dll
2009-06-10 18:46:18 ----A---- C:\Windows\system32\logagent.exe
2009-06-10 18:46:18 ----A---- C:\Windows\system32\InkEd.dll
2009-06-10 18:46:18 ----A---- C:\Windows\system32\ifmon.dll
2009-06-10 18:46:18 ----A---- C:\Windows\system32\gpresult.exe
2009-06-10 18:46:18 ----A---- C:\Windows\system32\cipher.exe
2009-06-10 18:46:17 ----A---- C:\Windows\system32\softkbd.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\sendmail.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\puiapi.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\olepro32.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\msctfui.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\dmsynth.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\cdd.dll
2009-06-10 18:46:17 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-10 18:46:16 ----A---- C:\Windows\system32\wshbth.dll
2009-06-10 18:46:16 ----A---- C:\Windows\system32\version.dll
2009-06-10 18:46:16 ----A---- C:\Windows\system32\SLLUA.exe
2009-06-10 18:46:16 ----A---- C:\Windows\system32\msisip.dll
2009-06-10 18:46:16 ----A---- C:\Windows\system32\mprapi.dll
2009-06-10 18:46:16 ----A---- C:\Windows\system32\input.dll
2009-06-10 18:46:16 ----A---- C:\Windows\system32\fdSSDP.dll
2009-06-10 18:46:16 ----A---- C:\Windows\system32\fc.exe
2009-06-10 18:46:16 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\wsdchngr.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\rrinstaller.exe
2009-06-10 18:46:15 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\msjint40.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\l2nacp.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\ftp.exe
2009-06-10 18:46:15 ----A---- C:\Windows\system32\eapp3hst.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\dmusic.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\cscdll.dll
2009-06-10 18:46:15 ----A---- C:\Windows\system32\cscapi.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\tscupgrd.exe
2009-06-10 18:46:14 ----A---- C:\Windows\system32\Storprop.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\slcinst.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\rasdial.exe
2009-06-10 18:46:14 ----A---- C:\Windows\system32\rasdiag.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\nslookup.exe
2009-06-10 18:46:14 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\mfps.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\ipconfig.exe
2009-06-10 18:46:14 ----A---- C:\Windows\system32\fdWCN.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\eappcfg.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\dot3cfg.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\bthudtask.exe
2009-06-10 18:46:14 ----A---- C:\Windows\system32\bthci.dll
2009-06-10 18:46:14 ----A---- C:\Windows\system32\aaclient.dll
2009-06-10 18:46:13 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-06-10 18:46:13 ----A---- C:\Windows\system32\ocsetup.exe
2009-06-10 18:46:13 ----A---- C:\Windows\system32\mmcico.dll
2009-06-10 18:46:13 ----A---- C:\Windows\system32\mfpmp.exe
2009-06-10 18:46:13 ----A---- C:\Windows\system32\hbaapi.dll
2009-06-10 18:46:13 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-06-10 18:46:13 ----A---- C:\Windows\system32\fdeploy.dll
2009-06-10 18:46:13 ----A---- C:\Windows\system32\eappgnui.dll
2009-06-10 18:46:12 ----A---- C:\Windows\system32\tsgqec.dll
2009-06-10 18:46:12 ----A---- C:\Windows\system32\gpupdate.exe
2009-06-10 18:46:12 ----A---- C:\Windows\system32\csrstub.exe
2009-06-10 18:46:12 ----A---- C:\Windows\system32\cbsra.exe
2009-06-10 18:46:12 ----A---- C:\Windows\system32\bitsigd.dll
2009-06-10 18:46:12 ----A---- C:\Windows\system32\atmlib.dll
2009-06-10 18:46:11 ----A---- C:\Windows\system32\NcdProp.dll
2009-06-10 18:46:11 ----A---- C:\Windows\system32\iscsilog.dll
2009-06-10 18:46:10 ----A---- C:\Windows\system32\winrnr.dll
2009-06-10 18:46:10 ----A---- C:\Windows\system32\vdmdbg.dll
2009-06-10 18:46:10 ----A---- C:\Windows\system32\slwga.dll
2009-06-10 18:46:10 ----A---- C:\Windows\system32\odbcconf.dll
2009-06-10 18:46:10 ----A---- C:\Windows\system32\inetppui.dll
2009-06-10 18:46:09 ----A---- C:\Windows\system32\midimap.dll
2009-06-10 18:46:09 ----A---- C:\Windows\system32\atmfd.dll
2009-06-10 18:46:08 ----A---- C:\Windows\system32\spwmp.dll
2009-06-10 18:46:07 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-10 18:46:07 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-10 18:46:06 ----A---- C:\Windows\system32\msimsg.dll
2009-06-10 18:46:06 ----A---- C:\Windows\system32\mferror.dll
2009-06-10 18:46:06 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-06-10 18:45:44 ----A---- C:\Windows\system32\SmiEngine.dll
2009-06-10 18:45:41 ----A---- C:\Windows\system32\wdscore.dll
2009-06-10 18:45:41 ----A---- C:\Windows\system32\PkgMgr.exe
2009-06-10 18:45:34 ----A---- C:\Windows\system32\drvstore.dll
2009-06-10 17:45:23 ----A---- C:\Windows\system32\iesetup.dll
2009-06-10 17:45:22 ----A---- C:\Windows\system32\wininet.dll
2009-06-10 17:45:22 ----A---- C:\Windows\system32\ieui.dll
2009-06-10 17:45:22 ----A---- C:\Windows\system32\iertutil.dll
2009-06-10 17:45:22 ----A---- C:\Windows\system32\iernonce.dll
2009-06-10 17:45:22 ----A---- C:\Windows\system32\ie4uinit.exe
2009-06-10 17:45:20 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-10 17:45:20 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-10 17:45:19 ----A---- C:\Windows\system32\urlmon.dll
2009-06-10 17:45:18 ----A---- C:\Windows\system32\ieframe.dll
2009-06-10 17:45:17 ----A---- C:\Windows\system32\mshtml.dll
2009-06-10 17:43:13 ----A---- C:\Windows\system32\mshtmler.dll
2009-06-10 17:43:13 ----A---- C:\Windows\system32\mshtmled.dll
2009-06-10 17:43:13 ----A---- C:\Windows\system32\icardie.dll
2009-06-10 17:43:13 ----A---- C:\Windows\system32\admparse.dll
2009-06-10 17:43:12 ----A---- C:\Windows\system32\msls31.dll
2009-06-10 17:43:12 ----A---- C:\Windows\system32\imgutil.dll
2009-06-10 17:43:12 ----A---- C:\Windows\system32\ieakeng.dll
2009-06-10 17:43:12 ----A---- C:\Windows\system32\dxtrans.dll
2009-06-10 17:43:12 ----A---- C:\Windows\system32\dxtmsft.dll
2009-06-10 17:43:12 ----A---- C:\Windows\system32\corpol.dll
2009-06-10 17:43:11 ----A---- C:\Windows\system32\occache.dll
2009-06-10 17:43:11 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-06-10 17:43:11 ----A---- C:\Windows\system32\licmgr10.dll
2009-06-10 17:43:11 ----A---- C:\Windows\system32\inseng.dll
2009-06-10 17:43:11 ----A---- C:\Windows\system32\iepeers.dll
2009-06-10 17:43:11 ----A---- C:\Windows\system32\ieaksie.dll
2009-06-10 17:43:10 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-06-10 17:43:10 ----A---- C:\Windows\system32\wextract.exe
2009-06-10 17:43:10 ----A---- C:\Windows\system32\webcheck.dll
2009-06-10 17:43:10 ----A---- C:\Windows\system32\mstime.dll
2009-06-10 17:43:10 ----A---- C:\Windows\system32\msrating.dll
2009-06-10 17:43:10 ----A---- C:\Windows\system32\msfeedssync.exe
2009-06-10 17:43:10 ----A---- C:\Windows\system32\ieakui.dll
2009-06-10 17:43:09 ----A---- C:\Windows\system32\vbscript.dll
2009-06-10 17:43:09 ----A---- C:\Windows\system32\pngfilt.dll
2009-06-10 17:43:09 ----A---- C:\Windows\system32\msfeeds.dll
2009-06-10 17:43:09 ----A---- C:\Windows\system32\jscript.dll
2009-06-10 17:43:09 ----A---- C:\Windows\system32\ieapfltr.dll
2009-06-10 17:43:09 ----A---- C:\Windows\system32\advpack.dll
2009-06-10 17:43:08 ----A---- C:\Windows\system32\url.dll
2009-06-10 17:43:07 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-06-10 17:43:07 ----A---- C:\Windows\system32\SetDepNx.exe
2009-06-10 17:43:07 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-06-10 17:43:07 ----A---- C:\Windows\system32\PDMSetup.exe
2009-06-10 17:43:07 ----A---- C:\Windows\system32\mshta.exe
2009-06-10 17:43:07 ----A---- C:\Windows\system32\iexpress.exe
2009-06-10 17:43:07 ----A---- C:\Windows\system32\ieUnatt.exe
2009-06-10 17:43:07 ----A---- C:\Windows\system32\iesysprep.dll
2009-06-10 17:24:14 ----A---- C:\Windows\system32\localspl.dll
2009-06-10 17:24:09 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-08 18:36:46 ----D---- C:\Program Files\DVDFab 6
2009-06-06 19:13:16 ----D---- C:\Program Files\iPod
2009-06-06 19:13:13 ----D---- C:\Program Files\iTunes
2009-06-06 19:10:48 ----D---- C:\Program Files\QuickTime
2009-06-06 10:33:45 ----D---- C:\rsit
2009-06-01 21:31:04 ----D---- C:\Users\Valkiri\AppData\Roaming\Avira
2009-06-01 21:20:15 ----D---- C:\ProgramData\Avira
2009-06-01 21:20:15 ----D---- C:\Program Files\Avira

======List of files/folders modified in the last 1 months======

2009-06-12 06:15:46 ----D---- C:\Windows\Temp
2009-06-12 06:13:14 ----D---- C:\Program Files\Trend Micro
2009-06-12 01:28:23 ----D---- C:\Windows\system32\fr-FR
2009-06-12 01:28:22 ----D---- C:\Windows\System32
2009-06-12 00:56:59 ----D---- C:\Windows
2009-06-12 00:56:59 ----A---- C:\Windows\system.ini
2009-06-11 23:03:14 ----D---- C:\Windows\system32\drivers
2009-06-11 23:03:14 ----D---- C:\Windows\AppPatch
2009-06-11 23:03:13 ----D---- C:\Program Files\Common Files
2009-06-11 20:36:09 ----D---- C:\Windows\inf
2009-06-11 20:36:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-06-10 22:33:56 ----D---- C:\Windows\system32\wbem
2009-06-10 22:32:17 ----D---- C:\Windows\winsxs
2009-06-10 22:32:11 ----D---- C:\Windows\Tasks
2009-06-10 22:32:11 ----D---- C:\Windows\system32\zh-TW
2009-06-10 22:32:11 ----D---- C:\Windows\system32\zh-CN
2009-06-10 22:32:11 ----D---- C:\Windows\system32\XPSViewer
2009-06-10 22:32:11 ----D---- C:\Windows\system
2009-06-10 22:32:10 ----D---- C:\Windows\system32\uk-UA
2009-06-10 22:32:10 ----D---- C:\Windows\system32\tr-TR
2009-06-10 22:32:10 ----D---- C:\Windows\system32\th-TH
2009-06-10 22:32:10 ----D---- C:\Windows\system32\sv-SE
2009-06-10 22:32:10 ----D---- C:\Windows\system32\sr-Latn-CS
2009-06-10 22:32:10 ----D---- C:\Windows\system32\spool
2009-06-10 22:32:09 ----D---- C:\Windows\system32\SLUI
2009-06-10 22:32:09 ----D---- C:\Windows\system32\sl-SI
2009-06-10 22:32:09 ----D---- C:\Windows\system32\sk-SK
2009-06-10 22:32:09 ----D---- C:\Windows\system32\setup
2009-06-10 22:32:09 ----D---- C:\Windows\system32\ru-RU
2009-06-10 22:32:09 ----D---- C:\Windows\system32\RTCOM
2009-06-10 22:32:09 ----D---- C:\Windows\system32\ro-RO
2009-06-10 22:32:09 ----D---- C:\Windows\system32\pt-PT
2009-06-10 22:32:09 ----D---- C:\Windows\system32\pt-BR
2009-06-10 22:32:09 ----D---- C:\Windows\system32\pl-PL
2009-06-10 22:32:09 ----D---- C:\Windows\system32\oobe
2009-06-10 22:32:08 ----D---- C:\Windows\system32\nl-NL
2009-06-10 22:32:08 ----D---- C:\Windows\system32\nb-NO
2009-06-10 22:32:08 ----D---- C:\Windows\system32\migwiz
2009-06-10 22:32:08 ----D---- C:\Windows\system32\migration
2009-06-10 22:32:08 ----D---- C:\Windows\system32\manifeststore
2009-06-10 22:32:08 ----D---- C:\Windows\system32\lv-LV
2009-06-10 22:32:08 ----D---- C:\Windows\system32\lt-LT
2009-06-10 22:32:07 ----D---- C:\Windows\system32\ko-KR
2009-06-10 22:32:07 ----D---- C:\Windows\system32\ja-JP
2009-06-10 22:32:07 ----D---- C:\Windows\system32\it-IT
2009-06-10 22:32:07 ----D---- C:\Windows\system32\hu-HU
2009-06-10 22:32:07 ----D---- C:\Windows\system32\hr-HR
2009-06-10 22:32:06 ----D---- C:\Windows\system32\he-IL
2009-06-10 22:32:06 ----D---- C:\Windows\system32\fr
2009-06-10 22:32:05 ----D---- C:\Windows\system32\fi-FI
2009-06-10 22:32:05 ----D---- C:\Windows\system32\et-EE
2009-06-10 22:32:05 ----D---- C:\Windows\system32\es-ES
2009-06-10 22:32:05 ----D---- C:\Windows\system32\en-US
2009-06-10 22:32:05 ----D---- C:\Windows\system32\el-GR
2009-06-10 22:32:03 ----D---- C:\Windows\system32\de-DE
2009-06-10 22:32:03 ----D---- C:\Windows\system32\da-DK
2009-06-10 22:32:03 ----D---- C:\Windows\system32\cs-CZ
2009-06-10 22:32:03 ----D---- C:\Windows\system32\CodeIntegrity
2009-06-10 22:32:03 ----D---- C:\Windows\system32\catroot2
2009-06-10 22:32:03 ----D---- C:\Windows\system32\Boot
2009-06-10 22:32:03 ----D---- C:\Windows\system32\bg-BG
2009-06-10 22:32:02 ----D---- C:\Windows\system32\ar-SA
2009-06-10 22:32:02 ----D---- C:\Windows\system32\AdvancedInstallers
2009-06-10 22:32:02 ----D---- C:\Windows\servicing
2009-06-10 22:32:02 ----D---- C:\Windows\rescache
2009-06-10 22:31:58 ----RSD---- C:\Windows\Fonts
2009-06-10 22:31:58 ----D---- C:\Windows\IME
2009-06-10 22:31:58 ----D---- C:\Windows\BisonC07
2009-06-10 22:31:55 ----D---- C:\ProgramData\HP Product Assistant
2009-06-10 22:31:55 ----D---- C:\Program Files\Windows Sidebar
2009-06-10 22:31:55 ----D---- C:\Program Files\Windows Photo Gallery
2009-06-10 22:31:55 ----D---- C:\Program Files\Windows Media Player
2009-06-10 22:31:55 ----D---- C:\Program Files\Windows Mail
2009-06-10 22:31:55 ----D---- C:\Program Files\Windows Defender
2009-06-10 22:31:55 ----D---- C:\Program Files\Windows Collaboration
2009-06-10 22:31:55 ----D---- C:\Program Files\Windows Calendar
2009-06-10 22:31:55 ----D---- C:\Program Files\Movie Maker
2009-06-10 22:31:55 ----D---- C:\Program Files\Internet Explorer
2009-06-10 22:31:55 ----D---- C:\Program Files\Common Files\System
2009-06-10 22:31:54 ----D---- C:\Windows\registration
2009-06-10 22:21:29 ----SHD---- C:\System Volume Information
2009-06-10 19:54:24 ----D---- C:\Windows\Microsoft.NET
2009-06-10 19:54:16 ----RSD---- C:\Windows\assembly
2009-06-10 19:42:49 ----D---- C:\Windows\system32\catroot
2009-06-10 19:42:47 ----SHD---- C:\Boot
2009-06-10 18:06:01 ----D---- C:\Windows\PolicyDefinitions
2009-06-10 17:33:31 ----SHD---- C:\Windows\Installer
2009-06-10 17:33:14 ----A---- C:\Windows\win.ini
2009-06-10 17:29:44 ----D---- C:\Windows\Prefetch
2009-06-08 18:37:17 ----D---- C:\Users\Valkiri\AppData\Roaming\Vso
2009-06-08 18:36:46 ----RD---- C:\Program Files
2009-06-07 15:48:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-06 19:13:15 ----D---- C:\Program Files\Common Files\Apple
2009-06-01 21:20:15 ----HD---- C:\ProgramData
2009-06-01 18:51:12 ----A---- C:\Windows\system32\mrt.exe
2009-05-31 15:02:37 ----D---- C:\Windows\system32\Msdtc
2009-05-31 14:59:08 ----D---- C:\Windows\system32\config
2009-05-31 14:58:33 ----SD---- C:\Windows\Downloaded Program Files
2009-05-31 14:58:33 ----RD---- C:\Windows\Offline Web Pages
2009-05-14 18:18:44 ----D---- C:\Windows\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-06-01 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-06-01 96104]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-01 28376]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-06-01 55640]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
R3 bcm4sbxp;Pilote XP du contrôleur intégré Broadcom 440x 10/100; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 Cam5607;Acer OrbiCam; C:\Windows\System32\Drivers\BisonC07.sys [2006-12-27 792368]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-09 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-09 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2005-12-16 6144]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-02-28 47360]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-09 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 catchme;catchme; \??\C:\Users\Valkiri\AppData\Local\Temp\catchme.sys []
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-04-21 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-01 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-01 185089]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2007-01-09 254014]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2007-01-09 114748]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2007-01-09 1073152]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-01-02 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-28 49152]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-01-02 24576]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2006-12-12 57344]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-11-23 143360]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]
S2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-06-01 194817]
S2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-06-01 432897]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2007-03-20 263168]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-10-06 33752]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-04-21 216232]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

[nardino]

Bonjour.
Reste une petite chose à faire.
J'ai fait une faute de frappe dans mon script et une valeur n'a donc pas été supprimée.
Tu recommences un nouveau script Combofix avec ce qui suit :

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"=-

Poste le nouveau rapport.
@+

[miroslav]

Bonjour Nardino,

Je t'envoie le nouveau rapport combofix avec la modif que tu ma demandé.
Par contre je n'arrive toujours pas à réactivé "Antivir mail guard" et les mises à jour de windows defender ne se font plus (cela date d'avant le petit beugh) il est actif mais obsolète. Que faut-il faire ? Merci et à bientôt.

ComboFix 09-06-09.06 - Valkiri 14/06/2009 13:47.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.1013.302 [GMT 2:00]
Lancé depuis: c:\users\Valkiri\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Valkiri\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-05-14 au 2009-06-14 ))))))))))))))))))))))))))))))))))))
.

2009-06-14 11:53 . 2009-06-14 11:53 -------- d-----w- c:\users\Valkiri\AppData\Local\temp
2009-06-14 11:53 . 2009-06-14 11:53 -------- d-----w- C:\temp
2009-06-14 11:53 . 2009-06-14 11:53 -------- d-----w- \temp
2009-06-14 11:44 . 2009-06-14 11:53 -------- d-s---w- \ComboFix
2009-06-10 18:21 . 2009-06-14 11:47 -------- d-----w- \Qoobox
2009-06-10 17:29 . 2009-06-10 17:31 -------- d-----w- c:\windows\system32\ca-ES
2009-06-10 17:29 . 2009-06-10 17:31 -------- d-----w- c:\windows\system32\eu-ES
2009-06-10 17:29 . 2009-06-10 17:30 -------- d-----w- c:\windows\system32\vi-VN
2009-06-10 16:49 . 2009-06-10 16:49 -------- d-----w- c:\windows\system32\EventProviders
2009-06-10 16:48 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-06-10 16:48 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2009-06-10 16:48 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2009-06-10 16:48 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2009-06-10 16:48 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2009-06-10 16:46 . 2009-04-11 06:32 180712 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2009-06-10 16:45 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-06-10 16:45 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-06-10 16:45 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-06-10 16:45 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-06-10 16:45 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-06-10 16:45 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-06-10 16:45 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-06-10 16:45 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-06-10 16:45 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-06-10 16:45 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-06-10 16:45 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-06-10 15:45 . 2009-05-09 05:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-06-10 15:45 . 2009-05-09 05:50 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-10 15:25 . 2009-04-21 11:39 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-06-10 15:24 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-06-10 15:24 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-08 16:36 . 2009-06-08 16:36 -------- d-----w- c:\program files\DVDFab 6
2009-06-06 17:13 . 2009-06-06 17:13 -------- d-----w- c:\program files\iPod
2009-06-06 17:13 . 2009-06-06 17:13 -------- d-----w- c:\program files\iTunes
2009-06-06 17:10 . 2009-06-06 17:11 -------- d-----w- c:\program files\QuickTime
2009-06-06 17:04 . 2009-06-06 17:04 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-06 08:33 . 2009-06-06 08:34 -------- d-----w- C:\rsit
2009-06-06 08:33 . 2009-06-06 08:34 -------- d-----w- \rsit
2009-06-01 19:31 . 2009-06-01 19:31 -------- d-----w- c:\users\Valkiri\AppData\Roaming\Avira
2009-06-01 19:20 . 2009-06-01 19:09 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-01 19:20 . 2009-06-01 19:09 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-01 19:20 . 2009-06-01 19:20 -------- d-----w- c:\programdata\Avira
2009-06-01 19:20 . 2009-06-01 19:20 -------- d-----w- c:\program files\Avira

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-14 11:40 . 2006-11-02 15:45 672182 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-14 11:40 . 2006-11-02 15:45 124770 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-14 11:33 . 2007-03-29 08:46 1377177600 --sha-w- \pagefile.sys
2009-06-12 04:13 . 2009-01-03 20:33 -------- d-----w- c:\program files\Trend Micro
2009-06-10 20:31 . 2009-01-27 14:34 -------- d-----w- c:\programdata\HP Product Assistant
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-06-10 20:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-06-10 20:31 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-10 17:29 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-08 16:37 . 2008-02-28 17:17 -------- d-----w- c:\users\Valkiri\AppData\Roaming\Vso
2009-06-08 16:36 . 2008-02-28 17:17 47360 ----a-w- c:\users\Valkiri\AppData\Roaming\pcouffin.sys
2009-06-08 16:36 . 2008-02-28 17:17 47360 ----a-w- c:\users\Valkiri\AppData\Roaming\pcouffin.sys
2009-06-07 13:48 . 2009-01-04 19:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-07 13:47 . 2009-01-21 19:07 3371383 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-06 17:13 . 2008-11-17 20:24 -------- d-----w- c:\program files\Common Files\Apple
2009-05-31 11:27 . 2007-08-01 11:19 1356 ----a-w- c:\users\Valkiri\AppData\Local\d3d9caps.dat
2009-05-26 11:20 . 2009-01-04 19:59 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 11:19 . 2009-01-04 19:59 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-04-26 16:05 . 2009-04-26 16:05 -------- d-----w- c:\program files\ma-config.com
2009-04-26 16:05 . 2009-04-26 16:05 -------- d-----w- c:\programdata\ma-config.com
2009-04-18 16:05 . 2009-04-18 16:04 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-13 13:27 . 2007-06-20 13:23 78440 ----a-w- c:\users\Valkiri\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-11 06:33 . 2009-06-10 16:47 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-06-10 16:47 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-06-10 16:46 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-06-10 16:47 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-11 06:33 . 2009-06-10 16:47 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-06-10 16:47 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-06-10 16:47 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-06-10 16:46 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-06-10 16:46 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-06-10 16:46 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 05:03 . 2009-06-10 16:47 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-11 04:57 . 2009-06-10 16:46 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-06-10 16:46 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-06-10 16:46 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-06-10 16:46 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-06-10 16:46 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-06-10 16:46 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-06-10 16:46 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-06-10 16:46 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-06-10 16:46 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46 . 2009-06-10 16:46 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-04-11 04:45 . 2009-06-10 16:46 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45 . 2009-06-10 16:46 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45 . 2009-06-10 16:46 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45 . 2009-06-10 16:46 401408 ----a-w- c:\windows\system32\drivers\http.sys
2009-04-11 04:45 . 2009-06-10 16:46 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45 . 2009-06-10 16:46 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43 . 2009-06-10 16:46 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43 . 2009-06-10 16:47 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:42 . 2009-06-10 16:46 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42 . 2009-06-10 16:46 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42 . 2009-06-10 16:46 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42 . 2009-06-10 16:46 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42 . 2009-06-10 16:46 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42 . 2009-06-10 16:46 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-04-11 04:42 . 2009-06-10 16:46 39424 ----a-w- c:\windows\system32\drivers\hidclass.sys
2009-04-11 04:42 . 2009-06-10 16:46 52992 ----a-w- c:\windows\system32\drivers\stream.sys
2009-04-11 04:42 . 2009-06-10 16:47 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-04-11 04:39 . 2009-06-10 16:46 16384 ----a-w- c:\windows\system32\iscsilog.dll
2009-04-11 04:39 . 2009-06-10 16:46 67072 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-04-11 04:39 . 2009-06-10 16:46 19456 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2009-04-11 04:38 . 2009-06-10 16:46 149504 ----a-w- c:\windows\system32\drivers\ks.sys
2009-04-11 04:38 . 2009-06-10 16:46 17408 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-04-11 04:27 . 2009-06-10 16:46 2560 ----a-w- c:\windows\system32\msimsg.dll
2009-04-11 04:23 . 2009-06-10 16:47 626176 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-04-11 04:23 . 2009-06-10 16:46 76288 ----a-w- c:\windows\system32\drivers\dxg.sys
2009-04-11 04:23 . 2009-06-10 16:46 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-04-11 04:22 . 2009-06-10 16:46 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys
2009-04-11 04:19 . 2009-06-10 16:46 89088 ----a-w- c:\windows\system32\drivers\sdbus.sys
2009-04-11 04:15 . 2009-06-10 16:46 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-11 04:15 . 2009-06-10 16:46 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-04-11 04:15 . 2009-06-10 16:46 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-04-11 04:14 . 2009-06-10 16:47 114688 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-04-11 04:14 . 2009-06-10 16:46 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-11 04:14 . 2009-06-10 16:47 225280 ----a-w- c:\windows\system32\drivers\rdbss.sys
2009-04-11 04:14 . 2009-06-10 16:46 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-04-11 04:14 . 2009-06-10 16:46 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-04-11 04:14 . 2009-06-10 16:46 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2009-04-11 04:14 . 2009-06-10 16:46 35328 ----a-w- c:\windows\system32\drivers\npfs.sys
2009-04-11 04:13 . 2009-06-10 16:46 226816 ----a-w- c:\windows\system32\drivers\udfs.sys
2009-04-11 04:13 . 2009-06-10 16:46 136704 ----a-w- c:\windows\system32\drivers\exfat.sys
2009-04-11 04:13 . 2009-06-10 16:46 142848 ----a-w- c:\windows\system32\drivers\fastfat.sys
2009-04-11 04:12 . 2009-06-10 16:46 617984 ----a-w- c:\windows\system32\adtschema.dll
2009-04-11 02:52 . 2009-06-10 16:47 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2009-04-11 01:59 . 2009-06-10 16:46 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-04-11 01:59 . 2009-06-10 16:47 107612 ----a-w- c:\windows\system32\StructuredQuerySchema.bin
2009-03-30 04:42 . 2009-06-10 16:47 278848 ----a-w- c:\windows\system32\mscoree.dll
2009-03-30 04:42 . 2009-06-10 16:46 93512 ----a-w- c:\windows\system32\dfshim.dll
2009-03-30 04:42 . 2009-06-10 16:46 80720 ----a-w- c:\windows\system32\mscories.dll
2009-03-30 04:42 . 2009-06-10 16:46 155456 ----a-w- c:\windows\system32\mscorier.dll
2009-03-19 14:32 . 2009-04-18 16:05 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-06-10_18.44.27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-12-16 16:26 . 2009-06-14 11:37 85836 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-06-14 11:38 79294 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2007-06-20 13:33 . 2009-06-14 11:38 14640 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3468738831-1423991707-1326933092-1000_UserData.bin
+ 2007-06-20 19:12 . 2009-06-12 14:47 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-06-20 19:12 . 2009-06-10 18:12 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-06-20 19:12 . 2009-06-10 18:12 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-06-20 19:12 . 2009-06-12 14:47 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-06-20 19:12 . 2009-06-10 18:12 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-06-20 19:12 . 2009-06-12 14:47 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-12-26 21:25 . 2008-12-26 21:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-12-26 21:25 . 2009-06-11 17:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-12-26 21:25 . 2008-12-26 21:25 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-26 21:25 . 2009-06-11 17:26 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-26 21:25 . 2009-06-11 17:26 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-12-26 21:25 . 2008-12-26 21:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-07-20 09:16 . 2009-06-12 14:50 6346 c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2007-08-11 20:16 . 2009-06-10 18:44 1598 c:\windows\System32\WDI\{b171ab1c-60e9-4301-a338-beab1c70b3e9}.bin
+ 2007-08-11 20:16 . 2009-06-10 20:16 1598 c:\windows\System32\WDI\{b171ab1c-60e9-4301-a338-beab1c70b3e9}.bin
+ 2009-06-10 21:17 . 2009-06-10 21:17 9560 c:\windows\System32\networklist\icons\{0A7AA568-90B4-4432-A42A-FEDC3FFB36A6}_48.bin
+ 2009-06-10 21:17 . 2009-06-10 21:17 4280 c:\windows\System32\networklist\icons\{0A7AA568-90B4-4432-A42A-FEDC3FFB36A6}_32.bin
+ 2009-06-10 21:17 . 2009-06-10 21:17 2456 c:\windows\System32\networklist\icons\{0A7AA568-90B4-4432-A42A-FEDC3FFB36A6}_24.bin
- 2009-06-10 18:37 . 2009-06-10 18:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-06-14 11:34 . 2009-06-14 11:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-06-14 11:34 . 2009-06-14 11:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-06-10 18:37 . 2009-06-10 18:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2007-06-20 17:13 . 2009-06-12 14:30 326620 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-06-14 11:40 589794 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-10 18:17 589794 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-10 18:17 102464 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-06-14 11:40 102464 c:\windows\System32\perfc009.dat
- 2009-05-10 17:27 . 2009-06-10 18:12 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-05-10 17:27 . 2009-06-12 14:47 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28 114176 ----a-w- c:\windows\System32\EhStorShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Acer Tour Reminder"="" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-11-06 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-11-06 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-11-06 81920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 151552]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-08 614400]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-01-14 151552]
"SystrayORAHSS"="c:\program files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-06-01 209153]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-01 4186112]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-3 110592]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2005-12-16 528384]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\eNetHook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):8d,c6,a5,e2,f2,e9,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A875084D-9588-4FA6-A49A-5D3D5CE7A572}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{05D0EF89-B0F4-441F-A985-F0029C8C2CD6}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{E1C59FC6-A461-449C-A3C0-798361DED2EB}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{255FF904-8291-48A0-879B-AD1EB2D00039}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{F8C3C3BA-E1EB-45B6-8E63-0C19009E0D74}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{DB0DD2ED-6CF3-44E1-8A9B-ABFDCA087AB6}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{11D5AB52-CBBE-4E77-BAD1-45AA57454758}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{3DE3C4DC-A977-499B-8E95-A17671096070}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{150541F1-A37B-40F2-837E-FAD59856BA01}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{6407DE42-7EEC-4FC8-A580-38C57265A1FE}"= c:\program files\HP\Digital Imaging\bin\hpqcopy2.exe:hpqcopy2.exe
"{09005FEE-682A-492A-92DA-31C4FA15ED86}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{7FB62850-FE9E-4E85-96F1-59E2A5C7F9F5}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{9FC7776B-AB94-42F4-84B9-FDCEAEC01C5A}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"{8B424939-916C-45FD-94D9-541402C2BF7F}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{FA5ED930-1720-4601-BC3C-46B7E8E5AB94}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6B47AB76-233E-49C9-A3B1-BA50B45D5C9A}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{036853EC-C3EF-437F-B1A4-6892654439B7}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{AB2D21A5-DCDE-45E9-8C7C-697D4256F480}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{0E23CB9D-D552-4827-9865-B8741F06313B}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{D303AD28-CCC9-404C-9367-621E1DA3FAC7}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{56AFAFAE-BF56-48DC-BA76-741BC4B2AD21}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [01/06/2009 21:20 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [01/06/2009 21:20 432897]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [01/06/2009 21:20 194817]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [30/11/2008 21:57 33752]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [15/07/2007 11:16 28224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-12 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-14 13:53
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(1184)
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Heure de fin: 2009-06-14 13:54
ComboFix-quarantined-files.txt 2009-06-14 11:54
ComboFix2.txt 2009-06-11 23:25
ComboFix3.txt 2009-06-10 19:21

Avant-CF: 25 438 588 928 octets libres
Après-CF: 25 303 318 528 octets libres

321 --- E O F --- 2009-06-10 16:59

[nardino]

Bonjour,
Télécharge cette dll et tu la copies dans : C:\Program Files\Avira\AntiVir Desktop\
http://rapidshare.de/files/47533047/avsda.dll.html

@+

[miroslav]

Salut,

Désolé, mais je n'ai pas tout compris. Je clic sur le lien que tu ma donné et j'arrive sur une page d'acceuil, et la je clic où ??? Sur select download premium ou free ??? où ailleurs ?

Et une fois téléchargé le dll, je vais dans ordinateur, ensuite sur c:, ensuite programe, et là je fais un copier coller de ce que j'ai téléchargé sur le dossier Avira ? C'est bien celà ?

Merci. @+

[nardino]

Bonsoir.
Tu cliques sur Free.
Dans la page suivante tu tapes les trois caractères en respectant la casse dans la case adéquate et tu cliques sur Download.
Tu la vérifies avec l'antivirus avant toute chose.(Clique droit dessus et Contrôler les fichiers sélectionner avec Antivir)
Tu vas dans le dossier C:\Program Files\Avira\AntiVir Desktop\ et tu y copies la dll téléchargée.
Tout devrait être revenu dans l'ordre.
@+

[miroslav]

Salut,

J'ai du faire une fausse manip', ça marche pas. J'ai bien téléchargé le lien, mais pour le copier je crois que je me suis trompé. Je suis allé sur c: programmes, avira, et là j'ai copié coller dans le dossier avira, alors que je pense qu'il fallait aller dans le dossier antivir desktop, donc un clic plus loin !!! J'ai essayer de supprimer et de recommencer, mais visiblement ça ne fonctionne pas. Et je pense ne pas pouvoir t'envoyer ce qu'il y a dans le programmes Avira puisque ça pése 70MO. Que dois-je faire