(Resolved) Rootkit agent: oerdjly.sys

1 April 2010 09:08:55

Hello,
I have a small problem with a rootkit (C:\Windows\System32\drivers\oerdjly.sys).
I would like to know how to remove it from my computer.
PS: I'm on Vista.

Here are the reports:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:58:55, on 01/04/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Etienne\Desktop\Scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 6248 bytes

1 April 2010 09:16:28

Hello,

  • Disable UAC for the duration of the disinfection.

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Right-click ComboFix.exe (the .exe is not necessarily visible) and choose Run as administrator.
  • When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix

    1 April 2010 10:15:38

    Hello Destrio5, and thank you.
    Here is the report:

    ComboFix 10-03-29.04 - Etienne 01/04/2010 9:57.2.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3070.1981 [GMT 2:00]
    Lancé depuis: c:\users\Etienne\Desktop\ComboFix.exe
    AV: avast! antivirus 4.8.1368 [VPS 100130-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: avast! antivirus 4.8.1368 [VPS 100130-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\Etienne\AppData\Roaming\inst.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-01 au 2010-04-01 ))))))))))))))))))))))))))))))))))))
    .

    2010-04-01 08:06 . 2010-04-01 08:07 -------- d-----w- c:\users\Etienne\AppData\Local\temp
    2010-04-01 08:06 . 2010-04-01 08:06 -------- d-----w- c:\users\Default\AppData\Local\temp
    2010-03-31 20:19 . 2010-03-31 20:37 -------- d-----w- c:\program files\trend micro
    2010-03-31 09:37 . 2010-03-31 09:37 5918776 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2010-03-31 09:37 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-03-31 09:37 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-03-31 09:37 . 2010-03-31 09:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-03-31 09:31 . 2010-03-31 09:31 -------- d-----w- c:\users\Etienne\AppData\Roaming\vlc
    2010-03-31 09:30 . 2010-03-31 09:30 -------- d-----w- c:\program files\VideoLAN
    2010-03-30 17:06 . 2010-03-30 17:10 -------- d-----w- c:\programdata\PC Tools
    2010-03-30 17:06 . 2010-03-30 17:10 -------- d-----w- c:\program files\Common Files\PC Tools
    2010-03-30 17:06 . 2010-03-30 17:06 -------- d-----w- c:\users\Etienne\AppData\Roaming\PC Tools
    2010-03-30 14:06 . 2010-03-30 14:06 -------- d-----w- C:\NVIDIA
    2010-03-26 21:44 . 2010-03-26 21:48 -------- d-----w- c:\users\Etienne\AppData\Roaming\Tomato
    2010-03-26 21:44 . 2010-03-26 21:44 -------- d-----w- c:\program files\Common Files\Tomato
    2010-03-24 10:51 . 2010-03-24 10:51 -------- d-----w- c:\program files\Lavalys
    2010-03-24 05:29 . 2010-03-24 05:29 -------- d-----w- c:\windows\Sun
    2010-03-17 12:43 . 2010-03-17 12:43 -------- d-----w- c:\programdata\MGS
    2010-03-16 19:37 . 2010-03-16 19:37 -------- d-----w- c:\users\Etienne\AppData\Roaming\AVS4YOU
    2010-03-16 19:34 . 2010-03-16 19:41 -------- d-----w- c:\program files\Common Files\AVSMedia
    2010-03-16 19:34 . 2008-08-13 09:22 974848 ----a-w- c:\windows\system32\mfc70.dll
    2010-03-16 19:34 . 2010-03-16 19:37 -------- d-----w- c:\programdata\AVS4YOU
    2010-03-16 19:34 . 2008-08-13 09:22 487424 ----a-w- c:\windows\system32\msvcp70.dll
    2010-03-16 19:34 . 2008-08-13 09:22 344064 ----a-w- c:\windows\system32\msvcr70.dll
    2010-03-16 19:05 . 2010-03-16 19:16 -------- d-----w- c:\program files\QuickMediaConverter
    2010-03-14 11:06 . 2010-03-14 11:08 -------- d-----w- c:\users\Etienne\AppData\Local\ACD Systems
    2010-03-14 11:06 . 2010-03-14 11:06 -------- d-----w- c:\users\Etienne\AppData\Roaming\ACD Systems
    2010-03-14 11:05 . 2010-03-15 13:37 -------- d-----w- c:\program files\Common Files\ACD Systems
    2010-03-14 11:03 . 2010-03-14 11:03 -------- d-----w- c:\users\Etienne\AppData\Local\Downloaded Installations
    2010-03-09 21:46 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2010-03-09 21:46 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2010-03-09 21:46 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
    2010-03-05 14:44 . 2010-03-05 14:44 -------- d-----w- c:\users\Etienne\AppData\Local\Shalsoft

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-01 08:02 . 2006-11-02 15:48 669328 ----a-w- c:\windows\system32\perfh00C.dat
    2010-04-01 08:02 . 2006-11-02 15:48 123350 ----a-w- c:\windows\system32\perfc00C.dat
    2010-04-01 07:41 . 2010-03-31 09:27 35085 ----a-w- c:\programdata\nvModes.dat
    2010-03-31 20:54 . 2010-01-30 11:32 -------- d-----w- c:\users\Etienne\AppData\Roaming\uTorrent
    2010-03-31 09:27 . 2010-01-28 17:57 -------- d-----w- c:\programdata\NVIDIA
    2010-03-31 09:23 . 2010-02-10 15:03 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-03-31 09:21 . 2010-01-28 16:28 1356 ----a-w- c:\users\Etienne\AppData\Local\d3d9caps.dat
    2010-03-24 05:30 . 2010-03-24 05:30 12 ----a-w- c:\users\Etienne\AppData\Roaming\jasltw.dat
    2010-03-19 15:34 . 2010-03-19 15:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    2010-03-10 02:16 . 2010-01-30 11:33 -------- d-----w- c:\program files\uTorrent
    2010-03-10 02:15 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2010-03-09 21:51 . 2010-01-29 18:10 -------- d-----w- c:\programdata\Microsoft Help
    2010-03-03 17:54 . 2010-02-04 17:16 -------- d-----w- c:\program files\Common Files\Anvsoft
    2010-02-27 08:45 . 2010-01-28 18:04 -------- d-----w- c:\program files\CCleaner
    2010-02-26 19:23 . 2010-02-26 19:23 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
    2010-02-24 09:16 . 2010-01-28 21:34 181632 ------w- c:\windows\system32\MpSigStub.exe
    2010-02-24 07:56 . 2006-12-13 09:03 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-02-24 02:20 . 2010-01-28 16:29 100040 ----a-w- c:\users\Etienne\AppData\Local\GDIPFONTCACHEV1.DAT
    2010-02-23 07:48 . 2010-02-20 19:35 -------- d-----w- c:\program files\Tomtomax Maxi-Box
    2010-02-23 06:39 . 2010-03-30 23:03 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-02-23 06:33 . 2010-03-30 23:03 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-02-23 06:33 . 2010-03-30 23:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-02-23 04:55 . 2010-03-30 23:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-02-20 19:21 . 2010-02-20 19:21 -------- d-----w- c:\programdata\TomTom
    2010-02-20 19:20 . 2010-02-20 19:20 -------- d-----w- c:\users\Etienne\AppData\Roaming\TomTom
    2010-02-20 19:20 . 2010-02-20 19:20 -------- d-----w- c:\program files\TomTom International B.V
    2010-02-20 19:20 . 2010-02-20 19:20 -------- d-----w- c:\program files\TomTom HOME 2
    2010-02-20 19:12 . 2010-02-20 19:12 -------- d-----w- c:\program files\TomTom DesktopSuite
    2010-02-16 11:05 . 2010-02-16 11:04 -------- d-----w- c:\users\Etienne\AppData\Roaming\FreeVideoConverter
    2010-02-12 10:32 . 2010-02-25 10:02 293376 ----a-w- c:\windows\system32\browserchoice.exe
    2010-02-12 08:36 . 2010-02-12 08:36 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-02-12 08:36 . 2010-02-12 08:36 -------- d-----w- c:\program files\Java
    2010-02-11 15:39 . 2010-02-11 15:38 -------- d-----w- c:\program files\Ballance
    2010-02-11 15:37 . 2006-12-13 09:02 -------- d-----w- c:\program files\Common Files\InstallShield
    2010-02-10 15:18 . 2010-02-10 15:17 -------- d-----w- c:\program files\Windows Live
    2010-02-10 15:18 . 2010-02-10 15:18 -------- d-----w- c:\program files\Microsoft Sync Framework
    2010-02-10 15:17 . 2010-02-10 15:01 -------- d-----w- c:\program files\Microsoft
    2010-02-10 15:17 . 2010-02-10 15:17 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-02-10 15:17 . 2010-02-10 15:17 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2010-02-10 15:08 . 2010-02-10 15:08 -------- d-----w- c:\program files\Common Files\Windows Live
    2010-02-10 15:00 . 2010-02-10 15:00 -------- d-----w- c:\program files\Microsoft Silverlight
    2010-02-04 20:48 . 2010-02-04 20:48 -------- d-----w- c:\users\Etienne\AppData\Roaming\EPSON
    2010-02-04 18:31 . 2010-02-01 18:29 -------- d-----w- c:\program files\Photo DVD Slideshow Professional
    2010-02-04 17:13 . 2010-02-01 18:29 -------- d-----w- c:\users\Etienne\AppData\Roaming\Photo DVD Slideshow
    2010-02-04 13:17 . 2010-02-04 13:15 -------- d-----w- c:\program files\Emperors Mahjong
    2010-02-04 13:16 . 2010-02-04 13:15 -------- d-----w- c:\program files\ReflexiveArcade
    2010-02-04 12:38 . 2010-02-04 12:38 -------- d-----w- c:\program files\Game On
    2010-02-03 16:45 . 2010-02-03 16:45 -------- d-----w- c:\program files\Common Files\SWF Studio
    2010-02-03 12:56 . 2010-01-29 18:28 -------- d-----w- c:\users\Etienne\AppData\Roaming\DAEMON Tools Lite
    2010-02-02 02:18 . 2010-02-02 02:18 -------- d-----w- c:\program files\Windows Portable Devices
    2010-02-02 02:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
    2010-02-02 02:18 . 2010-02-02 02:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
    2010-02-01 18:29 . 2010-02-01 18:29 -------- d-----w- c:\programdata\Anvsoft
    2010-02-01 17:57 . 2010-02-01 17:25 -------- d-----w- c:\users\Etienne\AppData\Roaming\Nero
    2010-02-01 17:57 . 2006-12-13 09:36 -------- d-----w- c:\program files\Common Files\LightScribe
    2010-02-01 17:55 . 2010-02-01 17:50 -------- d-----w- c:\program files\Common Files\Nero
    2010-02-01 17:55 . 2010-02-01 17:16 -------- d-----w- c:\program files\Nero
    2010-02-01 17:52 . 2010-02-01 17:50 -------- d-----w- c:\programdata\Nero
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
    2010-01-30 19:19 . 2010-01-30 19:19 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
    2010-01-30 19:19 . 2010-01-30 19:19 47360 ----a-w- c:\users\Etienne\AppData\Roaming\pcouffin.sys
    2010-01-30 19:19 . 2010-01-30 19:19 47360 ----a-w- c:\users\Etienne\AppData\Roaming\pcouffin.sys
    2010-01-30 18:37 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
    2010-01-30 18:37 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
    2010-01-29 20:49 . 2010-01-29 20:49 499712 ----a-w- c:\windows\system32\kerberos.dll
    2010-01-29 20:49 . 2010-01-29 20:49 270848 ----a-w- c:\windows\system32\schannel.dll
    2010-01-29 18:29 . 2010-01-29 18:29 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
    2010-01-28 21:38 . 2010-01-28 21:38 72704 ----a-w- c:\windows\system32\fontsub.dll
    2010-01-28 21:38 . 2010-01-28 21:38 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-01-28 21:38 . 2010-01-28 21:38 289792 ----a-w- c:\windows\system32\atmfd.dll
    2010-01-28 21:38 . 2010-01-28 21:38 23552 ----a-w- c:\windows\system32\lpk.dll
    2010-01-28 21:38 . 2010-01-28 21:38 156672 ----a-w- c:\windows\system32\t2embed.dll
    2010-01-28 21:38 . 2010-01-28 21:38 10240 ----a-w- c:\windows\system32\dciman32.dll
    2010-01-28 21:33 . 2010-01-28 21:33 61440 ----a-w- c:\windows\system32\winipsec.dll
    2010-01-28 21:33 . 2010-01-28 21:33 272896 ----a-w- c:\windows\system32\polstore.dll
    2010-01-28 21:27 . 2010-01-28 21:27 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 19968 ----a-w- c:\windows\system32\ARP.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 17920 ----a-w- c:\windows\system32\ROUTE.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-01-28 21:27 . 2010-01-28 21:27 11264 ----a-w- c:\windows\system32\MRINFO.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 105984 ----a-w- c:\windows\system32\netiohlp.dll
    2010-01-28 21:27 . 2010-01-28 21:27 10240 ----a-w- c:\windows\system32\finger.exe
    2010-01-28 21:23 . 2010-01-28 21:23 127488 ----a-w- c:\windows\system32\L2SecHC.dll
    2010-01-28 21:23 . 2010-01-28 21:23 68096 ----a-w- c:\windows\system32\wlanhlp.dll
    2010-01-28 21:23 . 2010-01-28 21:23 65024 ----a-w- c:\windows\system32\wlanapi.dll
    2010-01-28 21:23 . 2010-01-28 21:23 513536 ----a-w- c:\windows\system32\wlansvc.dll
    2010-01-28 21:23 . 2010-01-28 21:23 302592 ----a-w- c:\windows\system32\wlansec.dll
    2010-01-28 21:23 . 2010-01-28 21:23 293376 ----a-w- c:\windows\system32\wlanmsm.dll
    2010-01-28 21:23 . 2010-01-28 21:23 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
    2010-01-28 21:21 . 2010-01-28 21:21 1248768 ----a-w- c:\windows\system32\msxml3.dll
    2010-01-28 21:21 . 2010-01-28 21:21 1401856 ----a-w- c:\windows\system32\msxml6.dll
    2010-01-28 21:21 . 2010-01-28 21:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
    2010-01-28 21:21 . 2010-01-28 21:21 2048 ----a-w- c:\windows\system32\msxml6r.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "????r"="" [?]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-28 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
    backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\?????????]
    ??????????????e [?]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
    2006-11-23 14:24 319488 ----a-w- c:\windows\System32\SysMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
    2005-02-08 03:00 98304 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIACE.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    2006-11-09 02:57 3784704 ----a-w- c:\windows\RtHDVCpl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2010-01-28 18:07 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
    2006-11-05 20:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):b7,53,56,18,12,a3,ca,01

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3413677813-2335388438-2224299998-1000]
    "EnableNotificationsRef"=dword:00000001

    R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-29 691696]
    R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 135664]
    S1 aswSP;avast! Self Protection; [x]
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]


    --- Autres Services/Pilotes en mémoire ---

    *Deregistered* - oerdjly

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contenu du dossier 'Tâches planifiées'

    2010-02-26 c:\windows\Tasks\CreateChoiceProcessTask.job
    - c:\windows\System32\browserchoice.exe [2010-02-25 10:32]

    2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 18:07]

    2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 18:07]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.aliceadsl.fr/
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://fr.fr.acer.yahoo.com
    uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-Run-eRecoveryService - (no file)
    MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
    MSConfigStartUp-eDataSecurity Loader - c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe
    MSConfigStartUp-IS CfgWiz - c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe
    MSConfigStartUp-osCheck - c:\program files\Norton Internet Security\osCheck.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-01 10:07
    Windows 6.0.6002 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\oerdjly]

    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.inta"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.iw4"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.j2c"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.j2k"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jbr"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jfif"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jif"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jp2"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jpc"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jpe"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jpeg"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
    @Denied: (2) (LocalSystem)
    @Denied: (2) (S-1-5-21-3413677813-2335388438-2224299998-1000)
    "Progid"="ACDSee Pro 3.jpg"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jpk"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.jpx"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.kdc"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.lbm"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.mef"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.mos"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.mrw"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.nef"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.nrw"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.orf"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pbm"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pbr"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pcd"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pct"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pcx"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pef"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pgm"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pic"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pict"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pix"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.png"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.ppm"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.psd"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.psp"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pspbrush"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.pspimage"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.raf"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.ras"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.raw"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.rgb"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.rgba"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.rle"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.rsb"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.rw2"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.rwl"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.sgi"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.sr2"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.srf"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.tga"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.thm"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.tif"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.tiff"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.ttc"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.ttf"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.wbm"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.wbmp"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.wmf"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.xbm"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.xif"

    [HKEY_USERS\S-1-5-21-3413677813-2335388438-2224299998-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ACDSee Pro 3.xpm"
    .
    Heure de fin: 2010-04-01 10:11:26
    ComboFix-quarantined-files.txt 2010-04-01 08:11

    Avant-CF: 70 709 260 288 octets libres
    Après-CF: 70 484 168 704 octets libres

    Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
    - - End Of File - - F50B7B27C8AA70AFCE6B711C63CD86AE
    1 April 2010 10:22:19

    /!\ Only ouzouer may follow this procedure /!\

    Disable all resident protection (antivirus, etc.)!

    ---> Copy (CTRL+C) the text in the box below:

    KillAll::

    File::
    c:\users\Etienne\AppData\Roaming\jasltw.dat
    C:\Windows\System32\drivers\oerdjly.sys

    Registry::
    [-HKEY_LOCAL_MACHINE\system\ControlSet001\Services\oerdjly]

    ---> Open Notepad: Start > All Programs > Accessories > Notepad.

    - Paste (CTRL+V) the text into Notepad.
    - Save this file to: Desktop
    - File name: CFScript
    - File type: All files!!
    - Click Save.
    - Close Notepad.

    ---> Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot:



  • This will relaunch Combofix: accept the message that appears.
  • Wait while the scan runs. The Desktop will disappear several times: this is normal!
  • Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed; copy and paste its contents to the forum.
  • If the file does not open, it is located here: C:\ComboFix.txt

    ;) 
    1 April 2010 10:57:21

    There you go, and thanks again

    ComboFix 10-03-29.04 - Etienne 01/04/2010 10:39:34.3.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3070.1945 [GMT 2:00]
    Lancé depuis: c:\users\Etienne\Desktop\ComboFix.exe
    Commutateurs utilisés :: c:\users\Etienne\Desktop\CFScript.txt
    AV: avast! antivirus 4.8.1368 [VPS 100130-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: avast! antivirus 4.8.1368 [VPS 100130-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    FILE ::
    "c:\users\Etienne\AppData\Roaming\jasltw.dat"
    "c:\windows\System32\drivers\oerdjly.sys"
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\Etienne\AppData\Roaming\jasltw.dat
    c:\windows\System32\drivers\oerdjly.sys

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_oerdjly
    -------\Service_oerdjly


    ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-01 au 2010-04-01 ))))))))))))))))))))))))))))))))))))
    .

    2010-04-01 08:47 . 2010-04-01 08:49 -------- d-----w- c:\users\Etienne\AppData\Local\temp
    2010-04-01 08:47 . 2010-04-01 08:47 -------- d-----w- c:\users\Public\AppData\Local\temp
    2010-03-31 20:19 . 2010-03-31 20:37 -------- d-----w- c:\program files\trend micro
    2010-03-31 09:37 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-03-31 09:37 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-03-31 09:37 . 2010-03-31 09:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-03-31 09:31 . 2010-03-31 09:31 -------- d-----w- c:\users\Etienne\AppData\Roaming\vlc
    2010-03-31 09:30 . 2010-03-31 09:30 -------- d-----w- c:\program files\VideoLAN
    2010-03-30 17:06 . 2010-03-30 17:10 -------- d-----w- c:\programdata\PC Tools
    2010-03-30 17:06 . 2010-03-30 17:10 -------- d-----w- c:\program files\Common Files\PC Tools
    2010-03-30 17:06 . 2010-03-30 17:06 -------- d-----w- c:\users\Etienne\AppData\Roaming\PC Tools
    2010-03-30 14:06 . 2010-03-30 14:06 -------- d-----w- C:\NVIDIA
    2010-03-26 21:44 . 2010-03-26 21:48 -------- d-----w- c:\users\Etienne\AppData\Roaming\Tomato
    2010-03-26 21:44 . 2010-03-26 21:44 -------- d-----w- c:\program files\Common Files\Tomato
    2010-03-24 10:51 . 2010-03-24 10:51 -------- d-----w- c:\program files\Lavalys
    2010-03-24 05:29 . 2010-03-24 05:29 -------- d-----w- c:\windows\Sun
    2010-03-17 12:43 . 2010-03-17 12:43 -------- d-----w- c:\programdata\MGS
    2010-03-16 19:37 . 2010-03-16 19:37 -------- d-----w- c:\users\Etienne\AppData\Roaming\AVS4YOU
    2010-03-16 19:34 . 2010-03-16 19:41 -------- d-----w- c:\program files\Common Files\AVSMedia
    2010-03-16 19:34 . 2008-08-13 09:22 974848 ----a-w- c:\windows\system32\mfc70.dll
    2010-03-16 19:34 . 2010-03-16 19:37 -------- d-----w- c:\programdata\AVS4YOU
    2010-03-16 19:34 . 2008-08-13 09:22 487424 ----a-w- c:\windows\system32\msvcp70.dll
    2010-03-16 19:34 . 2008-08-13 09:22 344064 ----a-w- c:\windows\system32\msvcr70.dll
    2010-03-16 19:05 . 2010-03-16 19:16 -------- d-----w- c:\program files\QuickMediaConverter
    2010-03-14 11:06 . 2010-03-14 11:08 -------- d-----w- c:\users\Etienne\AppData\Local\ACD Systems
    2010-03-14 11:06 . 2010-03-14 11:06 -------- d-----w- c:\users\Etienne\AppData\Roaming\ACD Systems
    2010-03-14 11:05 . 2010-03-15 13:37 -------- d-----w- c:\program files\Common Files\ACD Systems
    2010-03-14 11:03 . 2010-03-14 11:03 -------- d-----w- c:\users\Etienne\AppData\Local\Downloaded Installations
    2010-03-09 21:46 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2010-03-09 21:46 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2010-03-09 21:46 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
    2010-03-05 14:44 . 2010-03-05 14:44 -------- d-----w- c:\users\Etienne\AppData\Local\Shalsoft

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-01 08:49 . 2010-03-31 09:27 35085 ----a-w- c:\programdata\nvModes.dat
    2010-04-01 08:42 . 2006-11-02 15:48 669328 ----a-w- c:\windows\system32\perfh00C.dat
    2010-04-01 08:42 . 2006-11-02 15:48 123350 ----a-w- c:\windows\system32\perfc00C.dat
    2010-04-01 08:22 . 2010-01-28 18:06 -------- d-----w- c:\program files\Alwil Software
    2010-03-31 20:54 . 2010-01-30 11:32 -------- d-----w- c:\users\Etienne\AppData\Roaming\uTorrent
    2010-03-31 09:37 . 2010-03-31 09:37 5918776 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2010-03-31 09:27 . 2010-01-28 17:57 -------- d-----w- c:\programdata\NVIDIA
    2010-03-31 09:23 . 2010-02-10 15:03 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-03-31 09:21 . 2010-01-28 16:28 1356 ----a-w- c:\users\Etienne\AppData\Local\d3d9caps.dat
    2010-03-19 15:34 . 2010-03-19 15:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    2010-03-10 02:16 . 2010-01-30 11:33 -------- d-----w- c:\program files\uTorrent
    2010-03-10 02:15 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2010-03-09 21:51 . 2010-01-29 18:10 -------- d-----w- c:\programdata\Microsoft Help
    2010-03-03 17:54 . 2010-02-04 17:16 -------- d-----w- c:\program files\Common Files\Anvsoft
    2010-02-27 08:45 . 2010-01-28 18:04 -------- d-----w- c:\program files\CCleaner
    2010-02-26 19:23 . 2010-02-26 19:23 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
    2010-02-24 09:16 . 2010-01-28 21:34 181632 ------w- c:\windows\system32\MpSigStub.exe
    2010-02-24 07:56 . 2006-12-13 09:03 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-02-24 02:20 . 2010-01-28 16:29 100040 ----a-w- c:\users\Etienne\AppData\Local\GDIPFONTCACHEV1.DAT
    2010-02-23 07:48 . 2010-02-20 19:35 -------- d-----w- c:\program files\Tomtomax Maxi-Box
    2010-02-23 06:39 . 2010-03-30 23:03 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-02-23 06:33 . 2010-03-30 23:03 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-02-23 06:33 . 2010-03-30 23:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-02-23 04:55 . 2010-03-30 23:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-02-20 19:21 . 2010-02-20 19:21 -------- d-----w- c:\programdata\TomTom
    2010-02-20 19:20 . 2010-02-20 19:20 -------- d-----w- c:\users\Etienne\AppData\Roaming\TomTom
    2010-02-20 19:20 . 2010-02-20 19:20 -------- d-----w- c:\program files\TomTom International B.V
    2010-02-20 19:20 . 2010-02-20 19:20 -------- d-----w- c:\program files\TomTom HOME 2
    2010-02-20 19:12 . 2010-02-20 19:12 -------- d-----w- c:\program files\TomTom DesktopSuite
    2010-02-16 11:05 . 2010-02-16 11:04 -------- d-----w- c:\users\Etienne\AppData\Roaming\FreeVideoConverter
    2010-02-12 10:32 . 2010-02-25 10:02 293376 ----a-w- c:\windows\system32\browserchoice.exe
    2010-02-12 08:36 . 2010-02-12 08:36 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-02-12 08:36 . 2010-02-12 08:36 -------- d-----w- c:\program files\Java
    2010-02-11 15:39 . 2010-02-11 15:38 -------- d-----w- c:\program files\Ballance
    2010-02-11 15:37 . 2006-12-13 09:02 -------- d-----w- c:\program files\Common Files\InstallShield
    2010-02-10 15:18 . 2010-02-10 15:17 -------- d-----w- c:\program files\Windows Live
    2010-02-10 15:18 . 2010-02-10 15:18 -------- d-----w- c:\program files\Microsoft Sync Framework
    2010-02-10 15:17 . 2010-02-10 15:01 -------- d-----w- c:\program files\Microsoft
    2010-02-10 15:17 . 2010-02-10 15:17 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-02-10 15:17 . 2010-02-10 15:17 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2010-02-10 15:08 . 2010-02-10 15:08 -------- d-----w- c:\program files\Common Files\Windows Live
    2010-02-10 15:00 . 2010-02-10 15:00 -------- d-----w- c:\program files\Microsoft Silverlight
    2010-02-04 20:48 . 2010-02-04 20:48 -------- d-----w- c:\users\Etienne\AppData\Roaming\EPSON
    2010-02-04 18:31 . 2010-02-01 18:29 -------- d-----w- c:\program files\Photo DVD Slideshow Professional
    2010-02-04 17:13 . 2010-02-01 18:29 -------- d-----w- c:\users\Etienne\AppData\Roaming\Photo DVD Slideshow
    2010-02-04 13:17 . 2010-02-04 13:15 -------- d-----w- c:\program files\Emperors Mahjong
    2010-02-04 13:16 . 2010-02-04 13:15 -------- d-----w- c:\program files\ReflexiveArcade
    2010-02-04 12:38 . 2010-02-04 12:38 -------- d-----w- c:\program files\Game On
    2010-02-03 16:45 . 2010-02-03 16:45 -------- d-----w- c:\program files\Common Files\SWF Studio
    2010-02-03 12:56 . 2010-01-29 18:28 -------- d-----w- c:\users\Etienne\AppData\Roaming\DAEMON Tools Lite
    2010-02-02 02:18 . 2010-02-02 02:18 -------- d-----w- c:\program files\Windows Portable Devices
    2010-02-02 02:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
    2010-02-02 02:18 . 2010-02-02 02:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
    2010-02-01 18:29 . 2010-02-01 18:29 -------- d-----w- c:\programdata\Anvsoft
    2010-02-01 17:57 . 2010-02-01 17:25 -------- d-----w- c:\users\Etienne\AppData\Roaming\Nero
    2010-02-01 17:57 . 2006-12-13 09:36 -------- d-----w- c:\program files\Common Files\LightScribe
    2010-02-01 17:55 . 2010-02-01 17:50 -------- d-----w- c:\program files\Common Files\Nero
    2010-02-01 17:55 . 2010-02-01 17:16 -------- d-----w- c:\program files\Nero
    2010-02-01 17:52 . 2010-02-01 17:50 -------- d-----w- c:\programdata\Nero
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
    2010-02-01 07:37 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
    2010-01-30 19:19 . 2010-01-30 19:19 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
    2010-01-30 19:19 . 2010-01-30 19:19 47360 ----a-w- c:\users\Etienne\AppData\Roaming\pcouffin.sys
    2010-01-30 19:19 . 2010-01-30 19:19 47360 ----a-w- c:\users\Etienne\AppData\Roaming\pcouffin.sys
    2010-01-30 18:37 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
    2010-01-30 18:37 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
    2010-01-29 20:49 . 2010-01-29 20:49 499712 ----a-w- c:\windows\system32\kerberos.dll
    2010-01-29 20:49 . 2010-01-29 20:49 270848 ----a-w- c:\windows\system32\schannel.dll
    2010-01-29 18:29 . 2010-01-29 18:29 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
    2010-01-28 21:38 . 2010-01-28 21:38 72704 ----a-w- c:\windows\system32\fontsub.dll
    2010-01-28 21:38 . 2010-01-28 21:38 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-01-28 21:38 . 2010-01-28 21:38 289792 ----a-w- c:\windows\system32\atmfd.dll
    2010-01-28 21:38 . 2010-01-28 21:38 23552 ----a-w- c:\windows\system32\lpk.dll
    2010-01-28 21:38 . 2010-01-28 21:38 156672 ----a-w- c:\windows\system32\t2embed.dll
    2010-01-28 21:38 . 2010-01-28 21:38 10240 ----a-w- c:\windows\system32\dciman32.dll
    2010-01-28 21:33 . 2010-01-28 21:33 61440 ----a-w- c:\windows\system32\winipsec.dll
    2010-01-28 21:33 . 2010-01-28 21:33 272896 ----a-w- c:\windows\system32\polstore.dll
    2010-01-28 21:27 . 2010-01-28 21:27 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 19968 ----a-w- c:\windows\system32\ARP.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 17920 ----a-w- c:\windows\system32\ROUTE.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-01-28 21:27 . 2010-01-28 21:27 11264 ----a-w- c:\windows\system32\MRINFO.EXE
    2010-01-28 21:27 . 2010-01-28 21:27 105984 ----a-w- c:\windows\system32\netiohlp.dll
    2010-01-28 21:27 . 2010-01-28 21:27 10240 ----a-w- c:\windows\system32\finger.exe
    2010-01-28 21:23 . 2010-01-28 21:23 127488 ----a-w- c:\windows\system32\L2SecHC.dll
    2010-01-28 21:23 . 2010-01-28 21:23 68096 ----a-w- c:\windows\system32\wlanhlp.dll
    2010-01-28 21:23 . 2010-01-28 21:23 65024 ----a-w- c:\windows\system32\wlanapi.dll
    2010-01-28 21:23 . 2010-01-28 21:23 513536 ----a-w- c:\windows\system32\wlansvc.dll
    2010-01-28 21:23 . 2010-01-28 21:23 302592 ----a-w- c:\windows\system32\wlansec.dll
    2010-01-28 21:23 . 2010-01-28 21:23 293376 ----a-w- c:\windows\system32\wlanmsm.dll
    2010-01-28 21:23 . 2010-01-28 21:23 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
    2010-01-28 21:21 . 2010-01-28 21:21 1248768 ----a-w- c:\windows\system32\msxml3.dll
    2010-01-28 21:21 . 2010-01-28 21:21 1401856 ----a-w- c:\windows\system32\msxml6.dll
    2010-01-28 21:21 . 2010-01-28 21:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "????r"="" [?]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-28 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
    backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\?????????]
    ??????????????e [?]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
    2006-11-23 14:24 319488 ----a-w- c:\windows\System32\SysMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
    2005-02-08 03:00 98304 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIACE.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    2006-11-09 02:57 3784704 ----a-w- c:\windows\RtHDVCpl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    2010-01-28 18:07 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
    2006-11-05 20:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):b7,53,56,18,12,a3,ca,01

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3413677813-2335388438-2224299998-1000]
    "EnableNotificationsRef"=dword:00000001

    R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 135664]
    S1 aswSP;avast! Self Protection; [x]
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]


    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contenu du dossier 'Tâches planifiées'

    2010-02-26 c:\windows\Tasks\CreateChoiceProcessTask.job
    - c:\windows\System32\browserchoice.exe [2010-02-25 10:32]

    2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 18:07]

    2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-28 18:07]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.aliceadsl.fr/
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://fr.fr.acer.yahoo.com
    uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-01 10:49
    Windows 6.0.6002 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x855211F8]<<
    kernel: MBR read successfully
    detected MBR rootkit hooks:
    \Driver\Disk -> CLASSPNP.SYS @ 0x8a9a9d24
    \Driver\ACPI -> acpi.sys @ 0x807b9d68
    \Driver\atapi -> 0x855211f8
    IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
    user & kernel MBR OK

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\nvvsvc.exe
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\program files\Alwil Software\Avast4\ashDisp.exe
    c:\windows\system32\conime.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\TomTom HOME 2\TomTomHOMEService.exe
    c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\system32\WUDFHost.exe
    c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
    .
    **************************************************************************
    .
    Heure de fin: 2010-04-01 10:55:35 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-04-01 08:55
    ComboFix2.txt 2010-04-01 08:11

    Avant-CF: 70 637 268 992 octets libres
    Après-CF: 70 426 587 136 octets libres

    - - End Of File - - F63CE65B4E3BBD1B3E77EAD14EFDA771
    1 April 2010 11:14:32

    Apparently, it's OK.

  • Press the Windows + R keys to open the Run window.

  • Type ComboFix /uninstall and confirm.

  • Install the new version of Avast: Link

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    1 April 2010 12:09:24

    Thanks again Destrio5, there's nothing left???

    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org

    Version de la base de données: 3940

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18904

    01/04/2010 12:07:08
    mbam-log-2010-04-01 (12-07-08).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 103141
    Temps écoulé: 5 minute(s), 7 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    1 April 2010 12:25:58

    No more problems?