Video problem

It's fine, it works; I'm putting my extensions back.

Are you sure I'm no longer infected now?

Thanks for your help.

I'm reinfected.


The files have come back.

Hello

The files: is-28GNU

The memory bug starts with Firefox.

I think I know where it comes from.
I blocked the files that are in C:\Windows with Comodo Défense++.
Edited on 09/12/2009 at 20:24

Help!!!

I'll do that! What is the log for?

Here is the report, but there was an error:

ROOTREPEAL © AD, 2007-2009

Scan Start Time: 2009/12/11 18:32
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2

Drivers

Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x93A6B000 Size: 815104 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xB1659000 Size: 49152 File Visible: No Signed: -
Status: -

Processes

Path: System
PID: 4 Status: Locked to the Windows API!

Path: C:\Windows\System32\audiodg.exe
PID: 1424 Status: Locked to the Windows API!

SSDT

#: 012 Function Name: NtAdjustPrivilegesToken
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb6f80

#: 021 Function Name: NtAlpcConnectPort
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb7f4e

#: 022 Function Name: NtAlpcCreatePort
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb7166

#: 048 Function Name: NtClose
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e847160

#: 054 Function Name: NtConnectPort
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb63ec

#: 060 Function Name: NtCreateFile
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e846868

#: 064 Function Name: NtCreateKey
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e843320

#: 071 Function Name: NtCreatePort
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb62ce

#: 072 Function Name: NtCreateProcess
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e845e90

#: 073 Function Name: NtCreateProcessEx
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e845d9c

#: 075 Function Name: NtCreateSection
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb6a74

#: 077 Function Name: NtCreateSymbolicLinkObject
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb7c08

#: 078 Function Name: NtCreateThread
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e8463fc

#: 122 Function Name: NtDeleteFile
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e847210

#: 123 Function Name: NtDeleteKey
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e843786

#: 126 Function Name: NtDeleteValueKey
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e843846

#: 129 Function Name: NtDuplicateObject
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb5cc6

#: 165 Function Name: NtLoadDriver
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb788a

#: 174 Function Name: NtMakeTemporaryObject
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb6670

#: 186 Function Name: NtOpenFile
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e846b54

#: 189 Function Name: NtOpenKey
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e8435ca

#: 194 Function Name: NtOpenProcess
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb59f6

#: 197 Function Name: NtOpenSection
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb6900

#: 201 Function Name: NtOpenThread
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb5b6e

#: 276 Function Name: NtRequestWaitReplyPort
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb83b8

#: 282 Function Name: NtResumeThread
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e8464ec

#: 286 Function Name: NtSecureConnectPort
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb7626

#: 301 Function Name: NtSetInformationFile
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e846e8c

#: 317 Function Name: NtSetSystemInformation
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb7a38

#: 324 Function Name: NtSetValueKey
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e8439bc

#: 326 Function Name: NtShutdownSystem
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb660a

#: 332 Function Name: NtSystemDebugControl
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb67f4

#: 334 Function Name: NtTerminateProcess
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb6198

#: 335 Function Name: NtTerminateThread
Status: Hooked by “C:\Windows\System32\DRIVERS\cmdguard.sys” at address 0x88bb6066

#: 355 Function Name: NtWriteFile
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e846de0

#: 382 Function Name: NtCreateThreadEx
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e84648e

#: 383 Function Name: NtCreateUserProcess
Status: Hooked by “C:\Windows\system32\drivers\SbFw.sys” at address 0x8e845f82

==EOF==

They are files. I'll do that. There are 3 files.


Here is the problem on the 3 files:

[Photo removed]

No
Edited on 12/12/2009 at 19:31

:kaola:

OK, I'll do that!

Your link doesn't work!!

OK, and should I empty the recycle bin? Edit: I blocked them with Comodo

Yes, I managed it.


:clap:

ComboFix is still not available!!

Still not available!!

It's fine, it works again. I should do it this afternoon.

Here is the report:

ComboFix 09-12-21.04 - Brigitte 22/12/2009 13:07:19.7.2 - x86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2037.920 [GMT 1:00]
Lancé depuis: c:\users\Brigitte\Desktop\poisson.exe
SP: SUPERAntiSpyware disabled (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-11-22 au 2009-12-22 ))))))))))))))))))))))))))))))))))))
.

2009-12-22 12:20 . 2009-12-22 12:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-22 10:45 . 2009-12-22 10:45 -------- d-----w- c:\program files\SuperCopier2
2009-12-20 15:40 . 2009-12-16 20:22 311296 ----a-w- c:\windows\system32\TubeFinder.exe
2009-12-20 15:40 . 2009-06-19 17:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
2009-12-20 15:39 . 2009-12-20 15:45 -------- d-----w- c:\users\Brigitte\AppData\Roaming\FreeFLVConverter
2009-12-20 15:39 . 2009-12-20 15:40 -------- d-----w- c:\program files\Free FLV Converter
2009-12-19 19:55 . 2009-12-19 19:55 -------- d-----w- c:\program files\VS Revo Group
2009-12-19 16:17 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-19 16:17 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-19 16:17 . 2009-12-19 16:17 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-12-19 13:49 . 2009-12-19 13:49 -------- d-----w- c:\users\Brigitte\AppData\Local\VS Revo Group
2009-12-19 10:32 . 2009-12-22 09:54 52224 ----a-w- c:\users\Brigitte\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-19 10:30 . 2009-12-19 10:30 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-12-19 10:30 . 2009-12-19 10:30 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-18 12:26 . 2009-12-18 12:26 98304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy{86AC1ECB-A37F-CB2F-1F9A-F8F2B7D9A210}-nssdbm3.dll
2009-12-18 12:26 . 2009-12-18 12:26 266240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy{03C205AA-D25F-18CF-2008-2FE6DDC2251F}-GrabXpcom.dll
2009-12-18 12:26 . 2009-12-18 12:26 249856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy{356A0E9D-C2C7-EEA0-8EDB-3478DE25A333}-freebl3.dll
2009-12-18 12:26 . 2009-12-18 12:26 155648 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy{E1E8AF74-2F36-6FEF-F946-426066718935}-softokn3.dll
2009-12-18 12:25 . 2009-12-20 08:14 -------- d--h--w- c:\windows\PIF
2009-12-18 12:12 . 2009-12-18 12:12 98304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy{6D97A77D-987C-2397-8518-03ED386DE213}-nssdbm3.dll
2009-12-18 12:12 . 2009-12-18 12:12 266240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy{A660F9F0-E572-FF98-A5E6-F4B325FDE81C}-GrabXpcom.dll
2009-12-18 12:12 . 2009-12-18 12:12 249856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy{C512E0D2-F04F-1F75-0E55-EE57BFA0B5EE}-freebl3.dll
2009-12-18 12:12 . 2009-12-18 12:12 155648 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy{53BDCC77-6D9E-56F0-5554-82732816396A}-softokn3.dll
2009-12-14 19:55 . 2009-12-19 12:56 -------- d-----w- c:\programdata\Comodo
2009-12-14 19:55 . 2009-12-14 19:55 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-12-14 19:55 . 2009-12-14 19:55 29520 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-12-14 19:55 . 2009-12-14 19:55 171552 ----a-w- c:\windows\system32\guard32.dll
2009-12-14 19:55 . 2009-12-14 19:55 128376 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-12-14 19:51 . 2009-12-14 19:51 -------- d-----w- c:\program files\Microsoft Security Essentials
2009-12-14 18:40 . 2009-12-14 18:40 -------- d-----w- c:\users\Brigitte\Kaspersky Internet Security 2010 with genuine serial 165 Days
2009-12-14 18:34 . 2009-12-14 20:01 -------- d-----w- c:\programdata\Kaspersky Lab
2009-12-13 10:24 . 2009-12-13 10:24 653576 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-12 08:39 . 2009-12-12 08:39 -------- d--h--w- c:\users\Brigitte\AppData\Local\acer eNM
2009-12-11 19:17 . 2009-12-11 19:21 -------- d-----w- c:\users\Brigitte\AppData\Roaming\GPGshell
2009-12-11 19:15 . 2002-07-24 12:00 1355776 ----a-w- c:\windows\system32\Msvbvm50.dll
2009-12-11 19:15 . 2009-12-11 19:16 -------- d-----w- c:\program files\GPGshell
2009-12-11 18:07 . 2009-12-11 18:07 -------- d-----w- c:\program files\Common Files\Skype
2009-12-11 18:07 . 2009-12-11 18:07 -------- d-----r- c:\program files\Skype
2009-12-09 18:21 . 2009-12-09 18:21 -------- d-----r- C:\Sandbox
2009-12-09 18:18 . 2009-12-09 18:18 -------- d-----w- c:\program files\Sandboxie
2009-12-09 12:11 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-09 12:11 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-09 12:11 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 12:02 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-08 12:09 . 2009-12-08 12:09 -------- d-----w- c:\program files\QS
2009-12-08 12:06 . 2009-12-08 12:06 -------- d-----w- c:\users\Brigitte\AppData\Roaming\TeamViewer
2009-12-08 12:06 . 2009-12-15 18:48 -------- d-----w- c:\users\Brigitte\temp
2009-12-06 12:27 . 2009-12-06 12:27 107008 ----a-w- c:\users\Brigitte\AppData\Roaming\MessengerDiscovery 2\Plugins\JcheckMDUpdate.dll
2009-12-06 12:13 . 2009-07-22 13:07 77824 ----a-w- c:\users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\f7thy391.default\extensions\lazarus@interclue.com\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
2009-12-06 12:13 . 2009-11-08 13:46 86016 ----a-w- c:\users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\f7thy391.default\extensions\firegpg@firegpg.team\platform\WINNT_x86-msvc\components\ipc.dll
2009-12-06 12:13 . 2009-10-05 11:34 796400 ----a-w- c:\users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\f7thy391.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
2009-12-06 10:12 . 2009-12-06 10:12 -------- d-----w- c:\users\Brigitte\AppData\Local\Mozilla
2009-12-06 09:35 . 2009-12-20 14:47 -------- d-----w- c:\users\Brigitte\Nettoyage registre CCleaner
2009-12-05 20:09 . 2009-12-22 12:21 -------- d-----w- c:\users\Brigitte\AppData\Local\temp
2009-12-05 12:29 . 2009-12-05 12:33 -------- d-----w- c:\program files\TubeMaster++
2009-12-05 08:52 . 2009-12-05 08:58 -------- d-----w- c:\users\Brigitte\SecurityScans
2009-12-02 18:22 . 2009-12-19 10:20 -------- d-----w- c:\users\Brigitte\AppData\Roaming\VMware
2009-12-02 17:46 . 2009-12-02 17:46 909320 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\uninstall.exe
2009-12-02 17:46 . 2009-12-02 17:33 703024 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\vnetlib.exe
2009-12-02 17:46 . 2009-12-02 17:33 958000 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\vnetlib64.dll
2009-12-02 17:46 . 2009-12-02 17:33 922672 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\vnetlib64.exe
2009-12-02 17:46 . 2009-12-02 17:46 625200 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\instUtils.dll
2009-12-02 17:46 . 2009-12-02 17:33 331776 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\module_ws.dll
2009-12-02 17:46 . 2009-12-02 17:33 760368 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\vnetlib.dll
2009-12-02 17:46 . 2009-12-02 17:33 731696 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\vminstutil.dll
2009-12-02 17:46 . 2009-12-02 17:33 569344 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\module_core.dll
2009-12-02 17:46 . 2009-12-02 17:33 360448 ----a-w- c:\programdata\VMware\VMware Workstation\Uninstaller\module_license.dll
2009-12-02 17:43 . 2009-10-21 23:13 59952 ----a-w- c:\windows\system32\vnetinst.dll
2009-12-02 17:43 . 2009-10-21 23:13 16560 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
2009-12-02 17:43 . 2009-10-22 03:59 334384 ----a-w- c:\windows\system32\vmnetdhcp.exe
2009-12-02 17:43 . 2009-10-22 04:00 395824 ----a-w- c:\windows\system32\vmnat.exe
2009-12-02 17:43 . 2009-10-22 04:00 26288 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2009-12-02 17:42 . 2009-10-21 23:13 51248 ----a-r- c:\windows\system32\vmnetbridge.dll
2009-12-02 17:42 . 2009-10-21 23:13 36400 ----a-r- c:\windows\system32\drivers\vmnetbridge.sys
2009-12-02 17:42 . 2009-10-21 23:13 18736 ----a-r- c:\windows\system32\drivers\vmnet.sys
2009-12-02 17:42 . 2009-10-22 04:00 760368 ----a-w- c:\windows\system32\vnetlib.dll
2009-12-02 17:41 . 2009-10-22 04:00 23216 ----a-w- c:\windows\system32\drivers\VMkbd.sys
2009-12-02 17:39 . 2009-12-02 17:39 -------- d-----w- c:\program files\Common Files\VMware
2009-12-02 17:37 . 2009-12-22 12:01 -------- d-----w- c:\programdata\VMware
2009-12-02 17:37 . 2009-12-02 17:37 -------- d-----w- c:\program files\VMware
2009-12-02 13:26 . 2009-12-02 13:28 -------- d-----w- c:\program files\Dactylo
2009-12-02 12:51 . 2009-11-30 11:27 123280 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2009-12-02 12:50 . 2009-11-30 11:27 41616 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2009-12-01 11:56 . 2009-12-01 12:26 -------- d-----w- C:\poisson10305p
2009-11-30 12:02 . 2009-11-30 12:35 -------- d-----w- C:\poisson28617p
2009-11-30 11:27 . 2009-11-30 11:27 100048 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2009-11-29 11:56 . 2009-11-29 11:56 -------- d-----w- c:\program files\WOT
2009-11-29 10:38 . 2009-11-29 11:10 -------- d-----w- C:\poisson17870p
2009-11-29 09:49 . 2009-12-20 21:00 -------- d-----w- c:\program files\Windows Live Safety Center
2009-11-28 18:36 . 2009-11-28 18:36 -------- d-----w- c:\users\Brigitte\AppData\Roaming\TeraCopy
2009-11-28 17:59 . 2009-12-21 08:56 -------- d-----w- c:\program files\uTorrent
2009-11-28 17:07 . 2009-11-28 17:35 -------- d-----w- C:\poisson
2009-11-28 08:47 . 2009-12-21 14:06 -------- d-----w- c:\program files\Orbitdownloader
2009-11-26 20:47 . 2009-11-26 20:48 -------- d-----w- c:\programdata\MessengerDiscovery 2
2009-11-26 20:47 . 2009-11-26 20:47 -------- d-----w- c:\program files\MessengerDiscovery 2
2009-11-25 18:42 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 14:22 . 2009-11-25 14:22 -------- d-----w- c:\program files\FileHippo.com
2009-11-25 13:53 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-11-25 13:53 . 2009-05-18 13:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-25 13:51 . 2009-11-25 13:52 -------- d-----w- c:\programdata{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-25 11:52 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 11:52 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-23 17:05 . 2009-11-23 17:07 -------- d-----w- c:\program files\7-Zip
2009-11-22 13:03 . 2009-11-22 13:04 -------- d-----w- c:\program files\ImgBurn

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-22 12:05 . 2009-09-22 16:13 -------- d-----w- c:\users\Brigitte\AppData\Roaming\uTorrent
2009-12-22 11:58 . 2009-09-06 08:24 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Skype
2009-12-22 10:34 . 2009-11-02 15:19 -------- d-----w- c:\users\Brigitte\AppData\Roaming\vlc
2009-12-22 07:26 . 2009-09-12 12:24 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Orbit
2009-12-21 10:16 . 2009-10-07 17:38 117760 ----a-w- c:\users\Brigitte\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-19 12:56 . 2009-10-03 18:35 -------- d-----w- c:\program files\COMODO
2009-12-19 10:29 . 2009-06-10 18:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-19 10:18 . 2009-09-01 13:57 -------- d-----w- c:\users\Brigitte\AppData\Roaming\DMCache
2009-12-18 18:37 . 2009-08-20 16:42 -------- d-----w- c:\program files\Notepad++
2009-12-14 17:23 . 2009-11-18 19:03 -------- d-----w- c:\program files\Windows Live
2009-12-13 13:59 . 2006-11-02 15:48 690090 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-13 13:59 . 2006-11-02 15:48 132934 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-11 18:07 . 2009-09-06 08:23 -------- d-----w- c:\programdata\Skype
2009-12-11 12:16 . 2009-09-06 08:27 -------- d-----w- c:\users\Brigitte\AppData\Roaming\skypePM
2009-12-09 18:46 . 2009-10-10 20:18 868352 ----a-w- c:\programdata\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\LieDetector.exe
2009-12-09 18:46 . 2009-10-10 20:18 53760 ----a-w- c:\programdata\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\zlib.dll
2009-12-09 18:46 . 2009-10-10 20:18 1712128 ----a-w- c:\programdata\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\GdiPlus.dll
2009-12-09 18:46 . 2009-10-10 20:18 640000 ----a-w- c:\programdata\Skype\Plugins\Plugins\E12C95FCBD1240FEAE314D89676CA6F8\dbghelp.dll
2009-12-09 12:26 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-09 12:06 . 2007-08-10 07:53 -------- d-----w- c:\programdata\Microsoft Help
2009-12-09 12:02 . 2009-08-11 15:01 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Thunderbird
2009-12-07 12:17 . 2009-10-09 19:10 -------- d-----w- c:\program files\Trend Micro
2009-12-02 15:43 . 2009-08-20 16:42 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Notepad++
2009-11-29 21:39 . 2008-07-30 09:12 -------- d-----w- c:\program files\Yahoo!
2009-11-29 09:05 . 2009-06-25 19:00 -------- d-----w- c:\users\Brigitte\AppData\Roaming\dvdcss
2009-11-27 11:50 . 2009-05-03 14:15 15370988 ----a-w- c:\windows\system32\drivers\fidbox.idx
2009-11-27 11:50 . 2009-05-03 14:15 1147482144 ----a-w- c:\windows\system32\drivers\fidbox.dat
2009-11-26 20:47 . 2009-09-16 15:39 -------- d-----w- c:\program files\Messenger Plus! Live
2009-11-26 20:41 . 2009-11-18 19:05 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-11-26 20:06 . 2008-07-30 13:02 -------- d-----w- c:\programdata\WLInstaller
2009-11-25 17:06 . 2009-05-24 16:30 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Apple Computer
2009-11-23 17:12 . 2009-02-27 15:58 -------- d-----w- c:\programdata\NOS
2009-11-23 17:10 . 2009-09-21 15:40 -------- d-----w- c:\program files\AIMP2
2009-11-22 16:33 . 2009-09-21 15:40 -------- d-----w- c:\users\Brigitte\AppData\Roaming\AIMP
2009-11-21 08:43 . 2008-08-12 11:40 6648 ----a-w- c:\users\Brigitte\AppData\Local\d3d9caps.dat
2009-11-21 06:40 . 2009-12-09 12:03 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 12:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-09 12:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-09 12:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-19 19:34 . 2008-07-30 09:14 106904 ----a-w- c:\users\Brigitte\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-19 18:16 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-11-19 18:15 . 2009-11-19 18:15 -------- d-----w- c:\program files\Microsoft Synchronization Services
2009-11-19 18:10 . 2009-11-19 18:10 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-19 18:05 . 2009-11-19 18:05 -------- d-----w- c:\program files\Microsoft Analysis Services
2009-11-19 17:39 . 2007-08-10 07:56 -------- d-----w- c:\program files\Microsoft Works
2009-11-19 12:28 . 2009-11-18 19:27 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Download Manager
2009-11-17 19:40 . 2008-12-25 09:42 -------- d-----w- c:\programdata\Media Center Programs
2009-11-17 19:20 . 2009-11-17 19:18 -------- d-----w- c:\program files\Ubisoft
2009-11-17 16:12 . 2009-11-17 16:11 -------- d-----w- c:\program files\Kptic Neonumeric
2009-11-17 16:12 . 2009-11-17 16:12 25214 ----a-r- c:\users\Brigitte\AppData\Roaming\Microsoft\Installer{4103778F-5EAF-476E-B3C1-2891EF9A4D8C}\controlPanelIcon.exe
2009-11-17 11:52 . 2009-11-17 11:52 -------- d-----w- c:\programdata\F-Secure
2009-11-16 20:41 . 2009-11-16 20:31 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Kptic
2009-11-15 14:17 . 2009-11-15 14:17 -------- d-----w- c:\program files\Defraggler
2009-11-15 13:29 . 2008-12-29 10:24 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Yahoo!
2009-11-15 13:27 . 2009-02-15 10:43 -------- d-----w- c:\programdata\Yahoo!
2009-11-15 10:30 . 2008-08-14 13:00 3420 ----a-w- c:\users\Brigitte\AppData\Roaming\wklnhst.dat
2009-11-13 16:34 . 2009-03-24 16:27 -------- d-----w- c:\programdata\TuneUp Software
2009-11-13 15:29 . 2009-11-13 15:29 -------- d-sh--w- c:\programdata{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-11-12 12:19 . 2009-11-12 12:19 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Auslogics
2009-11-11 12:11 . 2009-11-08 13:31 -------- d-----w- c:\programdata\TechSmith
2009-11-11 10:00 . 2009-11-11 10:00 -------- d-----w- c:\program files\Microsoft Baseline Security Analyzer 2
2009-11-11 09:52 . 2009-11-11 09:52 -------- d-----w- c:\users\Brigitte\AppData\Roaming\HouseCall 6.6
2009-11-10 19:48 . 2009-09-18 17:27 -------- d-----w- c:\users\Brigitte\AppData\Roaming\MessengerDiscovery 2
2009-11-10 14:50 . 2009-11-15 13:27 607544 ----a-w- c:\programdata\Yahoo!\YUpdater\yupdater.exe
2009-11-10 11:40 . 2009-11-01 12:20 1730452 ----a-w- c:\users\Brigitte\AppData\Roaming\MessengerDiscovery 2\3558177607\Update.exe
2009-11-09 18:46 . 2009-11-08 13:31 -------- d-----w- c:\program files\TechSmith
2009-11-08 13:31 . 2009-11-08 13:31 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2009-11-08 10:45 . 2009-10-24 11:32 -------- d-----w- c:\program files\Java
2009-11-07 19:48 . 2009-11-07 19:47 -------- d-----w- c:\program files\SRWare Iron
2009-11-07 19:42 . 2009-11-06 21:32 1 ----a-w- c:\users\Brigitte\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-07 09:27 . 2009-11-07 09:27 -------- d-----w- c:\program files\Lavalys
2009-11-07 08:09 . 2007-08-10 06:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-06 21:32 . 2009-11-06 21:32 -------- d-----w- c:\users\Brigitte\AppData\Roaming\OpenOffice.org
2009-11-06 20:50 . 2009-11-06 20:48 -------- d-----w- c:\program files\PhotoFiltre
2009-11-06 17:38 . 2009-11-06 17:38 -------- d-----w- c:\users\Brigitte\AppData\Roaming\ImgBurn
2009-11-06 17:29 . 2009-11-06 17:05 -------- d-----w- c:\program files\Common Files\Nero
2009-11-06 17:28 . 2009-11-06 17:05 -------- d-----w- c:\programdata\Nero
2009-11-06 17:12 . 2009-11-06 17:12 -------- d-----w- c:\programdata\LightScribe
2009-11-06 17:12 . 2009-11-06 17:10 -------- d-----w- c:\users\Brigitte\AppData\Roaming\Nero
2009-11-06 17:00 . 2007-08-10 07:18 -------- d-----w- c:\program files\Common Files\NewTech Infosystems
2009-11-02 19:42 . 2009-09-26 09:54 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-28 15:53 . 2009-10-28 15:53 -------- d-----w- c:\program files\Windows Portable Devices
2009-10-28 15:53 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-28 15:52 . 2009-10-28 15:52 0 ------w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-24 14:14 . 2009-10-16 18:18 604488 ------w- c:\windows\system32\TUProgSt.exe
2009-10-24 13:39 . 2008-10-04 09:10 558640 ----a-w- c:\programdata\CyberLink\CLSetup\Download\MCEDS.exe
2009-10-23 20:35 . 2008-08-01 14:16 -------- d-----w- c:\program files\orange
2009-10-23 15:13 . 2009-10-22 15:57 -------- d-----w- c:\programdata\Messenger Plus!
2009-10-22 04:00 . 2009-10-22 04:00 853936 ----a-w- c:\windows\system32\drivers\vmx86.sys
2009-10-22 04:00 . 2009-10-22 04:00 70704 ----a-w- c:\windows\system32\drivers\vmci.sys
2009-10-22 02:47 . 2009-10-22 02:47 32304 ----a-w- c:\windows\system32\drivers\hcmon.sys
2009-10-22 02:22 . 2009-10-22 02:22 252464 ----a-w- c:\windows\system32\vmnc.dll
2009-10-12 13:33 . 2009-10-12 13:33 64960 ----a-w- c:\windows\system32\drivers\stcp2v30.sys
2009-10-11 03:17 . 2009-03-12 18:50 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 20:22 . 2009-10-10 20:22 364544 ----a-w- c:\programdata\Skype\Plugins\Plugins\603EE37F99AD4A1D96456E9CE0982199\IsLicense40.dll
2009-10-10 20:22 . 2009-10-10 20:22 2273280 ----a-w- c:\programdata\Skype\Plugins\Plugins\603EE37F99AD4A1D96456E9CE0982199\G-Recorder.exe
2009-10-08 21:08 . 2009-10-28 15:44 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-10-28 15:44 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-10-28 15:44 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-04 21:33 . 2009-08-22 09:46 115312 ------w- c:\windows\system32\drivers\keyscrambler.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE~\Browser Helper Objects{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2009-11-03 20:12 556432 ----a-w- c:\progra~1\MICROS~2\Office14\URLREDIR.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe” [2009-04-11 1233920]
“ehTray.exe”=“c:\windows\ehome\ehTray.exe” [2008-01-19 125952]
“MailNotifier”=“c:\program files\orange\MailNotifier\MailNotifier.exe” [2009-10-12 692224]
“uTorrent”=“c:\program files\uTorrent\uTorrent.exe” [2009-12-20 319280]
“OfficeSyncProcess”=“c:\program files\Microsoft Office\Office14\MSOSYNC.EXE” [2009-11-03 649072]
“Freeraser”=“c:\program files\Codyssey\Freeraser\Freeraser.exe” [2009-04-15 1903104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“RtHDVCpl”=“RtHDVCpl.exe” [2007-07-06 4669440]
“PLFSetL”=“c:\windows\PLFSetL.exe” [2007-07-05 94208]
“MSSE”=“c:\program files\Microsoft Security Essentials\msseces.exe” [2009-09-13 1048392]
“COMODO Internet Security”=“c:\program files\COMODO\COMODO Internet Security\cfp.exe” [2009-12-14 1800464]
“VEngine”=“c:\program files\Comodo\VEngine\VEngine.exe” [2009-12-19 855808]
“Malwarebytes’ Anti-Malware”=“c:\program files\Malwarebytes’ Anti-Malware\mbamgui.exe” [2009-12-03 429392]

[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“KeyScrambler”=“c:\program files\KeyScrambler\getting_started.html” [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“EnableLUA”= 0 (0x0)
“FilterAdministratorToken”= 1 (0x1)
“EnableUIADesktopToggle”= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
“{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}”= “c:\program files\SUPERAntiSpyware\SASSEH.DLL” [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”=c:\windows\System32\guard32.dll c:\windows\System32\guard32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
“aux”=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=“Service”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@=“Driver”

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@=“Service”

[HKLM~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logiciel Kodak EasyShare.lnk]
backup=c:\windows\pss\Logiciel Kodak EasyShare.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orbit.lnk]
backup=c:\windows\pss\Orbit.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM~\startupfolder\C:^Users^Brigitte^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d’écran et lancement.lnk]
backup=c:\windows\pss\OneNote 2007 - Capture d’écran et lancement.lnk.Startup
backupExtension=.Startup

[HKLM~\startupfolder\C:^Users^Brigitte^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 - Capture d’écran et lancement.lnk]
path=c:\users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk
backup=c:\windows\pss\OneNote 2010 - Capture d’écran et lancement.lnk.Startup
backupExtension=.Startup

[HKLM~\startupfolder\C:^Users^Brigitte^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WkCalRem.LNK]
backup=c:\windows\pss\WkCalRem.LNK.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2009-09-26 22:32 83312 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freeraser]
2009-04-15 10:46 1903104 ----a-w- c:\program files\Codyssey\Freeraser\Freeraser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-08-20 09:54 150016 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-12-03 15:14 1394000 ----a-w- c:\program files\Malwarebytes’ Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-12-20 19:56 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2009-12-01 13:55 389120 ----a-w- c:\program files\Sandboxie\SbieCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
2009-10-22 03:59 129584 ----a-w- c:\program files\VMware\VMware Workstation\vmware-tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender User Interface]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
“WindowsWelcomeCenter”=rundll32.exe oobefldr.dll,ShowWelcomeCenter

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
“HP Software Update”=c:\program files\HP\HP Software Update\HPWuSchd2.exe
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe”

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
“DisableMonitoring”=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
“VistaSp2”=hex(b):be,e2,88,b6,74,df,c9,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-759318378-497761762-3404630427-1000]
“EnableNotificationsRef”=dword:0000000d

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\System32\drivers\cmdguard.sys [14/12/2009 20:55 128376]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\System32\drivers\cmdhlp.sys [14/12/2009 20:55 29520]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [16/12/2009 16:26 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [16/12/2009 16:26 74480]
R1 SbFw;SbFw;c:\windows\System32\drivers\SbFw.sys [31/10/2008 06:09 270888]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [08/11/2008 11:21 61424]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes’ Anti-Malware\mbamservice.exe [19/12/2009 17:17 276816]
R2 vmci;VMware vmci;c:\windows\System32\drivers\vmci.sys [22/10/2009 05:00 70704]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [22/10/2009 03:47 563760]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [10/08/2007 15:41 179712]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [10/08/2007 15:41 32256]
R3 KeyScrambler;KeyScrambler;c:\windows\System32\drivers\keyscrambler.sys [22/08/2009 10:46 115312]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [19/12/2009 17:17 19160]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\System32\drivers\SbFwIm.sys [06/06/2009 12:07 65576]
R3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [01/12/2009 14:55 119296]
S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [31/07/2008 09:57 21504]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [29/10/2009 10:22 30603640]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\System32\drivers\MpNWMon.sys [18/06/2009 18:48 42480]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [26/09/2009 04:28 4639136]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [30/07/2008 11:28 28224]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/12/2009 16:27 7408]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\System32\drivers\VBoxNetAdp.sys [30/11/2009 12:27 100048]
S4 0267471241168295mcinstcleanup;0267471241168295mcinstcleanup; [x]
S4 gupdate;Google Update Service (gupdate);“c:\program files\Google\Update\GoogleUpdate.exe” /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
------- Examen supplémentaire -------
.
uStart Page = yahoo.fr…
uSearchMigratedDefaultURL = search.yahoo.com…
mStart Page = about:blank
IE: ?4da1a3bfcab942eab3ec3b465ef4d37d
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {4DD20514-9520-40A7-9CD6-66883643A20B} - www.boaki.com…
DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} - logicielsgratuits.orange.fr…
DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} - webtv.guidetv.orange.fr…
FF - ProfilePath - c:\users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\f7thy391.default
FF - component: c:\program files\Comodo\VEngine\VerificationEngine_ff3_5\components\VEngine.dll
FF - component: c:\program files\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll
FF - component: c:\users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\f7thy391.default\extensions\firegpg@firegpg.team\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: c:\users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\f7thy391.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
FF - component: c:\users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\f7thy391.default\extensions\lazarus@interclue.com\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
FF - plugin: c:\progra~1\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-IDMan - c:\program files\Internet Download Manager\IDMan.exe


catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-12-22 13:21
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés …

Recherche d’éléments en démarrage automatique cachés …

Recherche de fichiers cachés …

Scan terminé avec succès
Fichiers cachés: 0


[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
“ImagePath”="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > ‘winlogon.exe’(836)
c:\windows\System32\guard32.dll

- - - - - - - > ‘lsass.exe’(756)
c:\windows\System32\guard32.dll
.
Heure de fin: 2009-12-22 13:26:20
ComboFix-quarantined-files.txt 2009-12-22 12:26

Avant-CF: 25 415 897 088 octets libres
Après-CF: 25 278 885 888 octets libres

- - End Of File - - 92AAC735495CF12BB62FF7E95728598D

Hi, no, no problems for now. I'll get back to you if I have a problem!

Thanks and Merry Christmas!
See you later!