Je suis infecter par win32/psw.lineage.dn/psw lineage que faire?

seiko_ForYou · Octobre 13, 2009, 6:06

Je suis infecter par win32/psw.lineage.dn/psw lineage que faire ?certain programme se bloque au lancement et on m indique la phrase du dessus alors que mon anti virus est a jour et ne trouve pas de menaces[kaspersky 2009] aidez moi svp

difisi · Octobre 13, 2009, 8:30

fais un essais d’esset en téléchargeant la version d’essai de 30 jour >ici<
c’est le meilleur que je connaisse, et qui est utilisé par les sociétés microsoft…
Edité le 13/10/2009 à 20:30

cricri58 · Octobre 13, 2009, 8:43

Salut

en respectant ce soft ==>Eset NOD32 ==>si ce que je crois qu a seiko ForYou sur son PC j ai bien peur que ton Eset n y peuves pas grand Chose et
t inquiétes ==>jeanmimigab vas s en occuper

seiko_ForYou · Octobre 13, 2009, 9:15

BONSOIR et merci de m avoir repondu !
Scan saved at 20:41:32, on 13/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\system32\conime.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM…\Run: [Google Quick Search Box] “C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe” /autorun
O4 - HKLM…\Run: [Skytel] Skytel.exe
O4 - HKLM…\Run: [UnlockerAssistant] “C:\Program Files\Unlocker\UnlockerAssistant.exe”
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [AVP] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe”
O4 - HKCU…\Run: [swg] “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU…\Run: [uTorrent] “C:\Program Files\uTorrent\uTorrent.exe”
O4 - HKUS\S-1-5-19…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE RÉSEAU’)
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - download.eset.com…
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - acs.pandasoftware.com…
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - platformdl.adobe.com…
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

–
End of file - 4945 bytes

riri38 · Octobre 13, 2009, 9:17

Salut Cricri58 : comment sa tu abandonne un sujet de virus

cricri58 · Octobre 13, 2009, 9:24

Je n abondonne pas un Sujet

jeanmimigab étant le premier et

je te présente ==>jeanmimigab un t- bon Helpeur nouveau sur Clubic depuis quelques temps

et retiens son nom ,tu verras :super:

cricri58:hello:

seiko_ForYou · Octobre 13, 2009, 9:26

bonsoir j ai utiliser malware bytes en mode sans echec pour un scan,mais riendu tout…j espere que vous pourrez m aider

riri38 · Octobre 13, 2009, 9:33

cool alors un autre désinfecteur

seiko_ForYou · Octobre 13, 2009, 10:40

me voila de retour avec combot fix
Microsoft® Windows Vista Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.3070.2224 [GMT 2:00]
Lancé depuis: c:\users\gauthier\Desktop\seiko.exe
SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500
c:\users\gauthier\AppData\Roaming\Desktopicon
c:\windows\is-ADNJ8.exe
c:\windows\system32\404Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-13 au 2009-10-13 ))))))))))))))))))))))))))))))))))))
.

2009-10-13 18:41 . 2009-10-13 18:41 -------- d-----w- c:\program files\Trend Micro
2009-10-13 14:52 . 2009-10-13 14:52 87552 ----a-w- c:\users\gauthier\AppData\Local\mbr_rest.exe
2009-10-13 14:52 . 2009-10-13 14:52 87552 ----a-w- c:\users\gauthier\AppData\Local\mbr_inst.exe
2009-10-13 14:01 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-10-13 14:01 . 2009-10-13 14:01 -------- d-----w- c:\program files\Panda Security
2009-10-13 09:49 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-13 09:05 . 2009-10-13 09:49 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-10-13 09:05 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-13 08:33 . 2005-05-26 18:00 403968 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-10-13 08:33 . 2005-06-01 18:15 966144 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-10-13 08:33 . 2005-06-01 18:11 877568 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2009-10-13 08:33 . 2003-03-19 17:03 544768 ----a-w- c:\windows\system32\msvcr71d.dll
2009-10-13 08:33 . 2009-10-13 08:33 -------- d-----w- c:\program files\Magic Audio Converter
2009-10-12 17:18 . 2009-10-12 17:18 -------- d-----w- c:\programdata\2019D
2009-10-11 10:45 . 2009-10-11 10:45 -------- d-----w- c:\users\gauthier\AppData\Roaming\GlarySoft
2009-10-11 10:26 . 2009-10-12 07:45 -------- d-----w- c:\program files\Glary Utilities
2009-10-10 10:59 . 2009-10-10 10:59 -------- d-----w- c:\programdata\Sunbelt
2009-10-10 05:55 . 2009-10-10 05:55 -------- d-----w- c:\program files\Vodei
2009-10-07 19:09 . 2009-10-08 19:12 -------- dc----w- c:\windows\system32\DRVSTORE
2009-10-02 17:14 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-25 20:44 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-09-25 19:59 . 2009-09-25 19:59 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-09-25 19:59 . 2009-09-25 19:59 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-09-25 19:59 . 2009-07-15 09:48 17224 ----a-w- c:\windows\system32\authuitu.dll
2009-09-25 19:59 . 2009-07-15 09:48 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-09-25 19:55 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-25 19:55 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-25 19:48 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-25 19:48 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-25 19:48 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-25 19:48 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-25 19:48 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-25 19:48 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-25 19:48 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-25 19:48 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-25 19:48 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-25 19:48 . 2009-08-14 13:48 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-09-25 19:48 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-25 19:46 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-25 19:46 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-25 19:46 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-25 19:46 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-25 19:46 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-25 19:46 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-13 20:20 . 2006-11-02 15:45 669328 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-13 20:20 . 2006-11-02 15:45 123350 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-13 20:18 . 2009-07-28 19:49 -------- d-----w- c:\users\gauthier\AppData\Roaming\uTorrent
2009-10-13 20:14 . 2009-07-29 15:16 -------- d-----w- c:\programdata\Kaspersky Lab
2009-10-13 20:13 . 2009-07-29 15:16 663584 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-13 20:13 . 2009-07-29 15:16 4396 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-13 20:13 . 2009-07-29 15:16 2956832 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-13 20:13 . 2009-07-29 15:16 25228 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-13 11:18 . 2009-08-14 08:35 691 ----a-w- c:\users\gauthier\AppData\Roaming\GetValue.vbs
2009-10-13 11:18 . 2009-08-14 08:35 35 ----a-w- c:\users\gauthier\AppData\Roaming\SetValue.bat
2009-10-12 12:43 . 2009-08-03 19:42 -------- d-----w- c:\program files\Unlocker
2009-10-12 12:43 . 2009-07-28 20:29 -------- d-----w- c:\users\gauthier\AppData\Roaming\vlc
2009-10-12 11:25 . 2009-07-29 15:08 -------- d-----w- c:\users\gauthier\AppData\Roaming\Softplicity
2009-10-12 06:32 . 2009-07-28 19:42 -------- d-----w- c:\programdata\NVIDIA
2009-10-11 17:33 . 2009-07-29 20:21 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-11 11:11 . 2009-07-29 15:13 -------- d-----w- c:\program files\DAMN NFO Viewer
2009-10-08 16:15 . 2009-07-28 22:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-07 19:10 . 2009-07-28 14:52 -------- d–h--w- c:\program files\InstallShield Installation Information
2009-09-25 20:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-25 18:28 . 2009-07-29 15:16 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-09-25 18:28 . 2009-07-29 15:16 107547 ----a-w- c:\windows\system32\drivers\klin.dat
2009-09-22 18:19 . 2009-08-14 09:28 -------- d-----w- c:\users\gauthier\AppData\Roaming\dvdcss
2009-08-28 09:30 . 2009-07-29 20:19 -------- d-----w- c:\programdata\DVD Shrink
2009-08-03 19:32 . 2009-08-03 19:32 687104 ----a-w- c:\windows\is-EDA9J.exe
2009-08-03 18:36 . 2009-08-03 18:36 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-08-01 10:11 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-08-01 10:11 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-07-30 17:35 . 2009-07-28 14:47 52776 ----a-w- c:\users\gauthier\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-29 15:37 . 2008-01-29 16:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-07-28 21:25 . 2009-07-28 21:25 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-07-28 21:25 . 2009-07-28 21:25 272896 ----a-w- c:\windows\system32\polstore.dll
2009-07-28 21:20 . 2009-07-28 21:20 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-07-28 21:19 . 2009-07-28 21:19 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-28 21:19 . 2009-07-28 21:19 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-28 21:19 . 2009-07-28 21:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-07-28 21:19 . 2009-07-28 21:19 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-28 21:19 . 2009-07-28 21:19 23552 ----a-w- c:\windows\system32\lpk.dll
2009-07-28 21:19 . 2009-07-28 21:19 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-28 21:08 . 2009-07-28 21:08 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-07-28 21:01 . 2009-07-28 21:01 623616 ----a-w- c:\windows\system32\localspl.dll
2009-07-28 20:52 . 2009-07-28 20:52 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-07-28 20:43 . 2009-07-28 20:43 37888 ----a-w- c:\windows\system32\printcom.dll
2009-07-28 20:42 . 2009-07-28 20:42 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-07-28 20:32 . 2009-07-28 20:32 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-07-28 20:29 . 2009-07-28 20:29 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-07-28 20:28 . 2009-07-28 20:28 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-07-28 20:27 . 2009-07-28 20:27 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-07-28 20:05 . 2009-07-28 20:05 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-07-28 20:05 . 2009-07-28 20:05 43544 ----a-w- c:\windows\system32\wups2.dll
2009-07-28 20:05 . 2009-07-28 20:05 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-07-28 20:05 . 2009-07-28 20:05 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-07-28 20:05 . 2009-07-28 20:05 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-07-28 20:05 . 2009-07-28 20:05 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-07-28 20:05 . 2009-07-28 20:05 34328 ----a-w- c:\windows\system32\wups.dll
2009-07-28 20:05 . 2009-07-28 20:05 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-07-28 20:05 . 2009-07-28 20:05 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-07-28 19:36 . 2009-07-28 14:47 680 ----a-w- c:\users\gauthier\AppData\Local\d3d9caps.dat
2009-07-28 14:52 . 2009-07-28 14:52 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-07-28 14:52 . 2009-07-28 14:52 315392 ----a-w- c:\windows\HideWin.exe
2009-07-21 21:52 . 2009-08-01 09:38 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-08-01 09:38 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-08-01 09:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-08-01 09:38 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-12 05:55 71680 ----a-w- c:\windows\system32\atl.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2009-07-29 39408]
“uTorrent”=“c:\program files\uTorrent\uTorrent.exe” [2009-08-11 274224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Windows Defender”=“c:\program files\Windows Defender\MSASCui.exe” [2008-01-19 1008184]
“NVRaidService”=“c:\windows\system32\nvraidservice.exe” [2008-11-12 203296]
“Google Quick Search Box”=“c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe” [2009-07-29 122368]
“UnlockerAssistant”=“c:\program files\Unlocker\UnlockerAssistant.exe” [2008-05-02 15872]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2009-03-27 13687328]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2009-03-27 92704]
“AVP”=“c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe” [2009-07-29 208616]
“RtHDVCpl”=“RtHDVCpl.exe” - c:\windows\RtHDVCpl.exe [2008-03-26 5369856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“EnableUIADesktopToggle”= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r ??\L:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@=“Service”

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
“BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe”

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
“NBKeyScan”=“c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe”
“NeroFilterCheck”=c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
“UpdatesDisableNotify”=“0x00000000”

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
“FirewallOverride”=dword:00000001
“VistaSp2”=hex(b):44,80,42,13,be,14,ca,01

[HKLM~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
“{9832D154-5445-41C0-BDA3-431397305320}”= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
“{C92D6446-3FEF-4AD5-95E2-BD11762B9BEC}”= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

[HKLM~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
“EnableFirewall”= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/2008 18:29 33808]
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [13/10/2009 16:01 28544]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [09/07/2008 17:28 20496]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [25/09/2009 21:59 604488]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [26/06/2009 22:55 66080]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
“c:\windows\System32\rundll32.exe” “c:\windows\System32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP
.
Contenu du dossier ‘Tâches planifiées’

2009-10-13 c:\windows\Tasks\GlaryInitialize.job

c:\program files\Glary Utilities\initialize.exe [2009-10-11 17:27]

2009-10-13 c:\windows\Tasks\Maintenance en 1 clic.job

c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 09:00]

2009-10-13 c:\windows\Tasks\User_Feed_Synchronization-{4D3A81A7-DADD-4A40-8576-479C1871638B}.job

c:\windows\system32\msfeedssync.exe [2009-08-01 20:13]
.
.
------- Examen supplémentaire -------
.
uStart Page = www.google.fr…
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - download.eset.com…
.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-10-13 22:21
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

c:\windows\TEMP\TMP0000005C2C10734040087C8C 524288 bytes executable

Scan terminé avec succès
Fichiers cachés: 1

.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker3”

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
“Version”=“1.0”
.
Heure de fin: 2009-10-13 22:22
ComboFix-quarantined-files.txt 2009-10-13 20:22

Avant-CF: 270 025 396 224 octets libres
Après-CF: 270 048 280 576 octets libres

229 — E O F — 2009-10-13 08:20
e…que dois je faire maitenant ?
Edité le 13/10/2009 à 22:58

seiko_ForYou · Octobre 14, 2009, 6:14

bonjour, j ai suivi les instructiComboFix 09-10-13.04 - gauthier 14/10/2009 17:59.2.4 - NTFSx86
Microsoft® Windows Vista Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.3070.2027 [GMT 2:00]
Lancé depuis: c:\users\gauthier\Desktop\seiko.exe
Commutateurs utilisés :: c:\users\gauthier\Desktop\CFScript.txt
SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
“c:\windows\is-EDA9J.exe”
“c:\windows\TEMP\TMP0000005C2C10734040087C8C”
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\is-EDA9J.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-14 au 2009-10-14 ))))))))))))))))))))))))))))))))))))
.

2009-10-14 16:03 . 2009-10-14 16:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-10-14 16:03 . 2009-10-14 16:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-13 20:16 . 2009-10-13 20:22 -------- d-----w- C:\seiko
2009-10-13 18:41 . 2009-10-13 18:41 -------- d-----w- c:\program files\Trend Micro
2009-10-13 14:52 . 2009-10-13 14:52 87552 ----a-w- c:\users\gauthier\AppData\Local\mbr_rest.exe
2009-10-13 14:52 . 2009-10-13 14:52 87552 ----a-w- c:\users\gauthier\AppData\Local\mbr_inst.exe
2009-10-13 14:01 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-10-13 14:01 . 2009-10-13 14:01 -------- d-----w- c:\program files\Panda Security
2009-10-13 09:49 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-13 09:05 . 2009-10-13 09:49 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-10-13 09:05 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-13 08:33 . 2005-05-26 18:00 403968 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-10-13 08:33 . 2005-06-01 18:15 966144 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-10-13 08:33 . 2005-06-01 18:11 877568 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2009-10-13 08:33 . 2003-03-19 17:03 544768 ----a-w- c:\windows\system32\msvcr71d.dll
2009-10-13 08:33 . 2009-10-13 08:33 -------- d-----w- c:\program files\Magic Audio Converter
2009-10-12 17:18 . 2009-10-12 17:18 -------- d-----w- c:\programdata\2019D
2009-10-11 10:45 . 2009-10-11 10:45 -------- d-----w- c:\users\gauthier\AppData\Roaming\GlarySoft
2009-10-11 10:26 . 2009-10-12 07:45 -------- d-----w- c:\program files\Glary Utilities
2009-10-10 10:59 . 2009-10-10 10:59 -------- d-----w- c:\programdata\Sunbelt
2009-10-10 05:55 . 2009-10-10 05:55 -------- d-----w- c:\program files\Vodei
2009-10-07 19:09 . 2009-10-08 19:12 -------- dc----w- c:\windows\system32\DRVSTORE
2009-10-02 17:14 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-25 20:44 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-09-25 19:59 . 2009-09-25 19:59 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-09-25 19:59 . 2009-09-25 19:59 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-09-25 19:59 . 2009-07-15 09:48 17224 ----a-w- c:\windows\system32\authuitu.dll
2009-09-25 19:59 . 2009-07-15 09:48 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-09-25 19:55 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-25 19:55 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-25 19:48 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-25 19:48 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-25 19:48 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-25 19:48 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-25 19:48 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-25 19:48 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-25 19:48 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-25 19:48 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-25 19:48 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-25 19:48 . 2009-08-14 13:48 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-09-25 19:48 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-25 19:46 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-25 19:46 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-25 19:46 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-25 19:46 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-25 19:46 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-25 19:46 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-14 15:49 . 2006-11-02 15:45 669328 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-14 15:49 . 2006-11-02 15:45 123350 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-14 15:45 . 2009-07-28 19:49 -------- d-----w- c:\users\gauthier\AppData\Roaming\uTorrent
2009-10-14 15:44 . 2009-07-29 15:16 -------- d-----w- c:\programdata\Kaspersky Lab
2009-10-14 15:43 . 2009-07-29 15:16 663584 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-14 15:43 . 2009-07-29 15:16 4396 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-14 15:43 . 2009-07-29 15:16 2956832 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-14 15:43 . 2009-07-29 15:16 25228 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-14 15:43 . 2009-07-29 15:16 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 15:43 . 2009-07-29 15:16 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-13 11:18 . 2009-08-14 08:35 691 ----a-w- c:\users\gauthier\AppData\Roaming\GetValue.vbs
2009-10-13 11:18 . 2009-08-14 08:35 35 ----a-w- c:\users\gauthier\AppData\Roaming\SetValue.bat
2009-10-12 12:43 . 2009-08-03 19:42 -------- d-----w- c:\program files\Unlocker
2009-10-12 12:43 . 2009-07-28 20:29 -------- d-----w- c:\users\gauthier\AppData\Roaming\vlc
2009-10-12 11:25 . 2009-07-29 15:08 -------- d-----w- c:\users\gauthier\AppData\Roaming\Softplicity
2009-10-12 06:32 . 2009-07-28 19:42 -------- d-----w- c:\programdata\NVIDIA
2009-10-11 17:33 . 2009-07-29 20:21 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-11 11:11 . 2009-07-29 15:13 -------- d-----w- c:\program files\DAMN NFO Viewer
2009-10-08 16:15 . 2009-07-28 22:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-07 19:10 . 2009-07-28 14:52 -------- d–h--w- c:\program files\InstallShield Installation Information
2009-09-25 20:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-22 18:19 . 2009-08-14 09:28 -------- d-----w- c:\users\gauthier\AppData\Roaming\dvdcss
2009-08-28 09:30 . 2009-07-29 20:19 -------- d-----w- c:\programdata\DVD Shrink
2009-08-03 18:36 . 2009-08-03 18:36 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-08-01 10:11 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-08-01 10:11 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-07-30 17:35 . 2009-07-28 14:47 52776 ----a-w- c:\users\gauthier\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-29 15:37 . 2008-01-29 16:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-07-28 21:25 . 2009-07-28 21:25 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-07-28 21:25 . 2009-07-28 21:25 272896 ----a-w- c:\windows\system32\polstore.dll
2009-07-28 21:20 . 2009-07-28 21:20 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-07-28 21:19 . 2009-07-28 21:19 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-28 21:19 . 2009-07-28 21:19 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-28 21:19 . 2009-07-28 21:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-07-28 21:19 . 2009-07-28 21:19 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-28 21:19 . 2009-07-28 21:19 23552 ----a-w- c:\windows\system32\lpk.dll
2009-07-28 21:19 . 2009-07-28 21:19 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-28 21:08 . 2009-07-28 21:08 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-07-28 21:01 . 2009-07-28 21:01 623616 ----a-w- c:\windows\system32\localspl.dll
2009-07-28 20:52 . 2009-07-28 20:52 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-07-28 20:43 . 2009-07-28 20:43 37888 ----a-w- c:\windows\system32\printcom.dll
2009-07-28 20:42 . 2009-07-28 20:42 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-07-28 20:32 . 2009-07-28 20:32 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-07-28 20:29 . 2009-07-28 20:29 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-07-28 20:28 . 2009-07-28 20:28 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-07-28 20:27 . 2009-07-28 20:27 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-07-28 20:05 . 2009-07-28 20:05 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-07-28 20:05 . 2009-07-28 20:05 43544 ----a-w- c:\windows\system32\wups2.dll
2009-07-28 20:05 . 2009-07-28 20:05 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-07-28 20:05 . 2009-07-28 20:05 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-07-28 20:05 . 2009-07-28 20:05 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-07-28 20:05 . 2009-07-28 20:05 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-07-28 20:05 . 2009-07-28 20:05 34328 ----a-w- c:\windows\system32\wups.dll
2009-07-28 20:05 . 2009-07-28 20:05 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-07-28 20:05 . 2009-07-28 20:05 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-07-28 19:36 . 2009-07-28 14:47 680 ----a-w- c:\users\gauthier\AppData\Local\d3d9caps.dat
2009-07-28 14:52 . 2009-07-28 14:52 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-07-28 14:52 . 2009-07-28 14:52 315392 ----a-w- c:\windows\HideWin.exe
2009-07-21 21:52 . 2009-08-01 09:38 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-08-01 09:38 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-08-01 09:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-08-01 09:38 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-12 05:55 71680 ----a-w- c:\windows\system32\atl.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\2019D ----

2009-10-12 17:18 . 2009-07-07 14:19 2329 ----a-w- c:\programdata\2019D{BC8AE07E-5F63-4B48-A1C2-EBDA7C304EDD}.swf

((((((((((((((((((((((((((((( SnapShot@2009-10-13_20.21.32 )))))))))))))))))))))))))))))))))))))))))
.

2009-07-28 14:57 . 2009-10-14 15:46 28994 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
2006-11-02 13:02 . 2009-10-14 15:46 52890 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

2009-07-28 14:44 . 2009-10-13 20:15 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

2009-07-28 14:44 . 2009-10-14 15:55 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

2009-07-28 14:44 . 2009-10-13 20:15 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

2009-07-28 14:44 . 2009-10-14 15:55 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

2009-07-28 14:44 . 2009-10-13 20:15 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

2009-07-28 14:44 . 2009-10-14 15:55 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2009-08-01 09:54 . 2009-10-13 20:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

2009-08-01 09:54 . 2009-10-12 13:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2009-08-01 09:54 . 2009-10-12 13:39 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

2009-08-01 09:54 . 2009-10-13 20:23 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2009-08-01 09:54 . 2009-10-13 20:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

2009-08-01 09:54 . 2009-10-12 13:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

2009-07-28 14:49 . 2009-10-14 15:46 5524 c:\windows\System32\WDI{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3883846523-1448754031-3493128317-1000_UserData.bin

2009-10-13 20:14 . 2009-10-13 20:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

2009-10-14 15:44 . 2009-10-14 15:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

2009-10-13 20:14 . 2009-10-13 20:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

2009-10-14 15:44 . 2009-10-14 15:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2009-08-13 05:22 . 2009-06-15 21:17 439880 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\ksecdd.sys
2009-08-13 05:22 . 2009-06-15 18:40 439880 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\ksecdd.sys
2009-08-13 05:22 . 2009-06-15 23:20 408136 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\ksecdd.sys

2006-11-02 10:33 . 2009-10-13 20:20 586980 c:\windows\System32\perfh009.dat

2006-11-02 10:33 . 2009-10-14 15:49 586980 c:\windows\System32\perfh009.dat

2006-11-02 10:33 . 2009-10-13 20:20 101052 c:\windows\System32\perfc009.dat

2006-11-02 10:33 . 2009-10-14 15:49 101052 c:\windows\System32\perfc009.dat

2006-11-02 10:22 . 2009-10-07 19:10 5505024 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT

2006-11-02 10:22 . 2009-10-14 15:49 5505024 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
2009-10-14 15:58 . 2009-10-14 15:58 5496832 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
2009-08-01 09:22 . 2009-10-14 15:53 153316302 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4