Trojan horse impossible to remove

Last reply: 6 Jun 2009 at 18:33:38
Medmed, 5 Jun 2009 at 23:00:52

Hello, I don't know if this is the right forum, but I couldn't find anything else.

Here is my problem:

I have a Trojan horse virus named Generique.PUP and I don't know how to remove it. My antivirus can't remove it, and this program launches small Trojan horses that my antivirus does manage to remove or quarantine. Can anyone help me remove this virus? Especially since my antivirus is a paid one, and if it expires too soon I risk wrecking my computer with this damned virus :s Thanks in advance for your replies, I hope I was clear enough!


I AM ON WINDOWS VISTA!

Configuration: Windows Vista
Safari 525.19

1

Mehdi-k81, 5 Jun 2009 at 23:04:55

There are plenty of good trial versions:
Kaspersky
Norton 2009
Windows Live OneCare
They're free and don't last long, but try downloading them and run a full scan.
There you go, I'm no more of an expert than that ^^

2

thepunkk, 5 Jun 2009 at 23:05:46

Which antivirus do you have? If it's avast, I may be able to help you!

3

Medmed, 5 Jun 2009 at 23:06:32

I have McAfee SecurityCenter and I've run three full scans :s Besides, my antivirus is a paid one, so it should normally be effective!

4

Guillaume5188, 5 Jun 2009 at 23:29:04
  • +1

Good evening Medmed

Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.

-> http://images.malwareremoval.com/random/RSIT.exe

! Disconnect and close all your running applications !

Double-click " RSIT.exe " to launch it.

-> A first window opens, titled: " Disclaimer of warranty ".

* Next to the option "List files/folders created ...", choose: 2 months

* Then click " Continue " to start the scan ...


-> Let the scan run and don't touch the PC ...


When the scan is finished, two text files will open (probably in Notepad).

Post the contents of " log.txt " (the one that appears on screen), as well as " info.txt " (which you will see in the taskbar), for analysis, and wait for the next steps ...

Important: post one report, then the other in your next reply.
If you try to post both at the same time, it may be too long for the forum.


( Note: the reports will also be saved in this folder -> C:\rsit )

Thanks
We were all beginners at something once.
But knowledge is the reward of diligence.

5

Medmed, 5 Jun 2009 at 23:33:48

Yes, what next?

6

Guillaume5188, 5 Jun 2009 at 23:35:59

Re

Do what was asked of you in post 4; thanks

We were all beginners at something once.
But knowledge is the reward of diligence.

7

Medmed, 5 Jun 2009 at 23:36:12

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mehdi at 2009-06-05 23:32:34
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 43 GB (29%) free of 148 GB
Total RAM: 3066 MB (29% free)

2009-04-19 22:27:15 ----A---- C:\Windows\system32\dfshim.dll
2009-04-19 22:27:10 ----A---- C:\Windows\system32\mscoree.dll
2009-04-19 22:27:08 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-19 22:26:45 ----A---- C:\Windows\system32\mscorier.dll
2009-04-19 22:26:38 ----A---- C:\Windows\system32\mscories.dll
2009-04-19 15:18:09 ----A---- C:\Windows\IsUninst.exe
2009-04-19 14:15:17 ----A---- C:\Windows\system32\5872deaa-cc78-47da-60d7-4daca51d2225.exe
2009-04-19 14:14:47 ----D---- C:\Program Files\IEToolbar
2009-04-19 14:14:42 ----A---- C:\Windows\wgfp4324.exe
2009-04-19 14:14:36 ----A---- C:\Windows\feoam2471.exe
2009-04-19 14:14:35 ----A---- C:\Windows\system32\lvhzhfywcrbhkxezz.exe
2009-04-19 14:14:33 ----D---- C:\Program Files\runit
2009-04-19 14:14:30 ----A---- C:\Windows\wnrr74340.exe
2009-04-19 14:14:28 ----A---- C:\Windows\jisf76802.exe
2009-04-19 14:14:03 ----A---- C:\Windows\lids88065.exe
2009-04-19 14:14:02 ----A---- C:\Windows\gpna8081.exe
2009-04-19 14:13:44 ----A---- C:\Windows\kdiue732.txt
2009-04-16 18:49:23 ----A---- C:\Windows\system32\winhttp.dll
2009-04-16 18:49:19 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-16 18:49:19 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-16 18:49:09 ----A---- C:\Windows\system32\rpcss.dll
2009-04-16 18:49:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-16 18:49:08 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-16 18:49:07 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-16 18:49:06 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-16 18:49:05 ----A---- C:\Windows\system32\iashost.exe
2009-04-16 18:49:05 ----A---- C:\Windows\system32\iasads.dll
2009-04-16 18:48:59 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-16 18:48:59 ----A---- C:\Windows\system32\kernel32.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\secur32.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\apilogen.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\amxread.dll
2009-04-16 18:48:50 ----A---- C:\Windows\system32\mshtml.dll
2009-04-16 18:48:47 ----A---- C:\Windows\system32\ieframe.dll
2009-04-16 18:48:45 ----A---- C:\Windows\system32\urlmon.dll
2009-04-16 18:48:44 ----A---- C:\Windows\system32\iertutil.dll
2009-04-16 18:48:44 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-16 18:48:43 ----A---- C:\Windows\system32\wininet.dll
2009-04-16 18:48:43 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-16 18:48:42 ----A---- C:\Windows\system32\occache.dll
2009-04-16 18:48:42 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-16 18:48:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-16 18:48:37 ----A---- C:\Windows\system32\ieencode.dll
2009-04-16 18:48:34 ----A---- C:\Windows\system32\mstime.dll
2009-04-16 18:48:32 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-09 14:25:17 ----D---- C:\Users\Mehdi\AppData\Roaming\PeerNetworking
2009-04-09 11:27:49 ----D---- C:\Users\Mehdi\AppData\Roaming\WinRAR
2009-04-09 11:25:28 ----D---- C:\Program Files\WinRAR
2009-04-08 22:49:42 ----D---- C:\Users\Mehdi\AppData\Roaming\Hamachi
2009-04-08 22:46:55 ----D---- C:\Program Files\Hamachi
2009-04-06 12:45:32 ----A---- C:\Windows\system32\vtbgnivpqzwfpuw.dll

======List of files/folders modified in the last 2 months======

2009-06-05 23:32:51 ----D---- C:\Users\Mehdi\AppData\Roaming\LimeWire
2009-06-05 23:32:38 ----D---- C:\Windows\Temp
2009-06-05 23:31:23 ----RD---- C:\Program Files
2009-06-05 16:37:20 ----SHD---- C:\System Volume Information
2009-06-05 10:49:51 ----D---- C:\Windows\winsxs
2009-06-04 09:57:11 ----D---- C:\Windows\system32\catroot
2009-06-03 09:32:10 ----A---- C:\Users\Mehdi\AppData\Roaming\acervcmtmp.ini
2009-06-02 15:57:18 ----D---- C:\Windows
2009-05-28 23:16:17 ----D---- C:\Windows\System32
2009-05-28 09:02:48 ----SHD---- C:\Windows\Installer
2009-05-25 18:25:38 ----D---- C:\Windows\system32\drivers
2009-05-25 12:53:41 ----D---- C:\Windows\system32\catroot2
2009-05-24 18:26:39 ----D---- C:\Windows\inf
2009-05-24 18:17:10 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-05-24 18:15:00 ----D---- C:\ProgramData\NVIDIA
2009-05-20 19:28:52 ----D---- C:\Windows\Prefetch
2009-05-14 07:17:06 ----D---- C:\ProgramData\Microsoft Help
2009-05-14 07:17:05 ----RSD---- C:\Windows\assembly
2009-05-14 07:12:38 ----D---- C:\Program Files\Windows Mail
2009-05-11 18:37:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-05-06 10:17:34 ----D---- C:\Windows\Tasks
2009-05-03 12:33:05 ----D---- C:\Program Files\Mozilla Firefox
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvd3dum.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvapi.dll
2009-04-29 17:58:48 ----RSD---- C:\Windows\Fonts
2009-04-27 20:14:32 ----D---- C:\Program Files\Microsoft Games
2009-04-27 19:04:04 ----D---- C:\Windows\system32\Tasks
2009-04-27 12:22:42 ----SD---- C:\Users\Mehdi\AppData\Roaming\Microsoft
2009-04-27 12:22:42 ----D---- C:\Users\Mehdi\AppData\Roaming\Template
2009-04-27 00:42:48 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-04-26 15:04:42 ----D---- C:\Program Files\Google
2009-04-26 15:02:43 ----D---- C:\Program Files\DivX
2009-04-26 14:59:56 ----D---- C:\Program Files\Common Files
2009-04-22 18:37:17 ----D---- C:\Program Files\McAfee
2009-04-21 17:44:59 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-20 16:40:51 ----D---- C:\Windows\Microsoft.NET
2009-04-20 12:26:15 ----D---- C:\Program Files\LimeWire
2009-04-19 23:25:35 ----D---- C:\Windows\rescache
2009-04-19 22:52:39 ----D---- C:\Windows\system32\fr-FR
2009-04-19 22:52:30 ----D---- C:\Windows\system32\XPSViewer
2009-04-19 22:52:30 ----D---- C:\Windows\system32\wbem
2009-04-19 22:52:30 ----D---- C:\Windows\system32\en-US
2009-04-19 15:14:36 ----D---- C:\Program Files\Acer GameZone
2009-04-17 18:01:06 ----D---- C:\Windows\system32\WDI
2009-04-17 10:10:23 ----D---- C:\Windows\system32\manifeststore
2009-04-17 10:10:22 ----D---- C:\Windows\AppPatch
2009-04-17 10:10:21 ----D---- C:\Program Files\Internet Explorer
2009-04-09 17:17:49 ----D---- C:\Users\Mehdi\AppData\Roaming\gtk-2.0
2009-04-09 17:16:01 ----A---- C:\Windows\system32\CmdLineExt.dll
2009-04-08 22:46:07 ----D---- C:\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-03-25 214024]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2008-10-23 130424]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-19 8704]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-04-08 25280]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-26 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-26 207872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-09-04 47616]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-03-25 79880]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-03-25 35272]
R3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-03-25 34216]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-03-25 40552]
R3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-05-05 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-01-22 52768]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-04-30 9850016]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-23 62464]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-28 50576]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-26 661504]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-19 912384]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-21 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-12-23 10240]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-09-05 3602432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-03-11 210216]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-01-08 797864]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-01-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-01-09 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-03-25 144704]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-03-19 884360]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-09 26640]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-18 196608]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-19 386560]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-04-01 365072]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-03-24 606736]
S2 gupdate1c9c66f42f6f480;Service Google Update (gupdate1c9c66f42f6f480); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-26 133104]
S2 pr2agqwc;Loki Drivers Auto Removal (pr2agqwc); C:\Windows\system32\pr2agqwc.exe [2007-05-18 407152]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-06 24064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-28 137200]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------


10

Guillaume5188, 5 Jun 2009 at 23:47:44

Hi again

=> Disable User Account Control (you will re-enable it after the disinfection):
http://www.commentcamarche.net/faq/sujet 8343 vista desactiver l uac
* Go to Start, then Control Panel
* Double-click the "User Accounts" icon
* Then click Disable and confirm.


Download Toolbar-S&D (Team IDN) to your Desktop.
http://eric.71.mespages.googlepages.com/ToolBarSD.exe

During the scan, turn off your internet connection.

* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1. Wait until the search finishes.
* Post the generated report. (C:\TB.txt)

We were all beginners at something once.
But knowledge is the reward of diligence.


8

Mr1224, 5 Jun 2009 at 23:37:12

What is your antivirus?


9

Medmed, 5 Jun 2009 at 23:37:14

Here it is, but only the log file is displayed in Notepad; there is no info.txt :s


11

Medmed, 5 Jun 2009 at 23:52:28

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : ZK2 v0.3120 3A20
USER : Mehdi ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:41 Go)
D:\ (Local Disk) - NTFS - Total:140 Go (Free:22 Go)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 05/06/2009|23:50 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\ProgramData\Kiwee Toolbar
C:\ProgramData\Kiwee Toolbar\config
C:\ProgramData\Kiwee Toolbar\images
C:\ProgramData\Kiwee Toolbar\config\content_a.xml
C:\ProgramData\Kiwee Toolbar\config\content_ie.xml
C:\ProgramData\Kiwee Toolbar\config\content_m.xml
C:\ProgramData\Kiwee Toolbar\config\content_y.xml
C:\ProgramData\Kiwee Toolbar\config\logger.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIE.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_a.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_m.xml
C:\ProgramData\Kiwee Toolbar\config\toolbarIM_y.xml
C:\ProgramData\Kiwee Toolbar\images\allow.bmp
C:\ProgramData\Kiwee Toolbar\images\block.bmp
C:\ProgramData\Kiwee Toolbar\images\dontsend.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbardropdownmenu.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsHelprolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_bg.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm1rolloverbase_dp.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarsm2rolloverbase.bmp
C:\ProgramData\Kiwee Toolbar\images\im_toolbarstextrollover.bmp
C:\ProgramData\Kiwee Toolbar\images\kiwee_iconX16.ico
C:\ProgramData\Kiwee Toolbar\images\kiwee_iconX48.ico
C:\ProgramData\Kiwee Toolbar\images\send.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_eg.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_emoticons.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_eyeglass.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_gear.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_images.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_kiwee.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_msnlogo.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_news.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_text.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_videos.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_webshots.bmp
C:\ProgramData\Kiwee Toolbar\images\toolbar_winks.bmp
C:\ProgramData\Kiwee Toolbar\images\X.bmp
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar
C:\Program Files\Kiwee Toolbar
C:\Program Files\Kiwee Toolbar\2.8.167
C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\AolIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\firefox
C:\Program Files\Kiwee Toolbar\2.8.167\FlashCOM.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.tlb
C:\Program Files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\Program Files\Kiwee Toolbar\2.8.167\mfc80u.dll
C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.CRT.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\Microsoft.VC80.MFC.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\msimg32.dll
C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll
C:\Program Files\Kiwee Toolbar\2.8.167\msvcp80.dll
C:\Program Files\Kiwee Toolbar\2.8.167\msvcr80.dll
C:\Program Files\Kiwee Toolbar\2.8.167\RemoteLib.dll
C:\Program Files\Kiwee Toolbar\2.8.167\Riched20.dll
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome.manifest
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\install.rdf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\KiweeSearchHistory.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences\defaults.js
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa
C:\Program Files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://coramail.net/r5.php"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0908&m=aspire_6930g"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://fr.yahoo.com"
"Default_Page_URL"="http://fr.yahoo.com"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer
C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer\ .lnk
C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer\Uninstall Crack Installer.lnk
C:\Users\Mehdi\Incomplete\EZIH7CDIJ25N7KEZRJZVQ3H7Y7GQ76OO\The Sims 2 Complete Collection (.iso)\Crack & Patches.zip


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 05/06/2009|23:51 - Option : [1]

-----------\\ Fin du rapport a 23:51:45,95


12

Guillaume5188, 5 Jun 2009 at 23:58:45

Hi again

Run ToolBar SD again and choose option 2
Please post me the report, thanks.

Then post a new RSIT report
Thanks


13

Medmed, 6 Jun 2009 at 00:03:02

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : ZK2 v0.3120 3A20
USER : Mehdi ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:41 Go)
D:\ (Local Disk) - NTFS - Total:140 Go (Free:22 Go)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 05/06/2009|23:59 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\ProgramData\Kiwee Toolbar\config
Supprime! - C:\ProgramData\Kiwee Toolbar\images
Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Kiwee Toolbar
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll
Supprime! - C:\ProgramData\Kiwee Toolbar
Echec ! - C:\Program Files\Kiwee Toolbar

-----------\\ DEUXIEME PASSAGE

Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll
Echec ! - C:\Program Files\Kiwee Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\Kiwee Toolbar
C:\Program Files\Kiwee Toolbar\2.8.167
C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://coramail.net/r5.php"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0908&m=aspire_6930g"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://fr.yahoo.com"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer
C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer\ .lnk
C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer\Uninstall Crack Installer.lnk
C:\Users\Mehdi\Incomplete\EZIH7CDIJ25N7KEZRJZVQ3H7Y7GQ76OO\The Sims 2 Complete Collection (.iso)\Crack & Patches.zip


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 05/06/2009|23:51 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/06/2009| 0:01 - Option : [2]

-----------\\ Fin du rapport a 0:01:46,33


15

Guillaume5188, 6 Jun 2009 at 00:07:08

Hi again

Close your internet connection (your IE or Firefox browser) and run ToolbarSD option 2 again,
then post me the report, thanks



14

Medmed, 6 Jun 2009 at 00:05:56

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mehdi at 2009-06-06 00:05:05
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 43 GB (29%) free of 148 GB
Total RAM: 3066 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:05:08, on 06/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Crack Installer\groupmanager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\Users\Mehdi\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\Acer\ACERBI~1\PdtWzd.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
c:\PROGRA~1\java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Mehdi\Documents\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Mehdi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0908&m=aspire_6930g
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://coramail.net/r5.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: TBSB05288 - {6714ADBD-C6C1-42A8-BD84-9C9339059421} - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: blueskyadagency browser enhancer - {D14D50D3-D990-C5DF-ED9A-AD1F344F60E4} - C:\Windows\system32\vtbgnivpqzwfpuw.dll
O2 - BHO: TBSB09835 - {D97FC677-694D-4A75-AC89-A5B85C2BCFED} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ECO Bar - {10000000-1000-1000-1000-100000000000} - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll
O3 - Toolbar: Bullseye Tool Bar - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MediaBarFileManager] C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [kggeczqlqm] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\vtbgnivpqzwfpuw.dll"
O4 - HKLM\..\Run: [GroupManager] C:\Program Files\Crack Installer\groupmanager.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: runit_32.lnk = C:\Program Files\runit\runit_32.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: WiFi Station pour Livebox.lnk = C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9c66f42f6f480) (gupdate1c9c66f42f6f480) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwc) (pr2agqwc) - Cyanide - C:\Windows\system32\pr2agqwc.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 16372 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-01-09 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6714ADBD-C6C1-42A8-BD84-9C9339059421}]
TBSB05288 Class - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll [2008-08-14 2484224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-03-25 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-28 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-28 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-28 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D14D50D3-D990-C5DF-ED9A-AD1F344F60E4}]
blueskyadagency browser enhancer - C:\Windows\system32\vtbgnivpqzwfpuw.dll [2009-04-06 396800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D97FC677-694D-4A75-AC89-A5B85C2BCFED}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-11-04 463872]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{10000000-1000-1000-1000-100000000000} - ECO Bar - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll [2008-08-14 2484224]
{6226BA26-C017-4007-928C-DE9715C6FA67} - Bullseye Tool Bar - C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll [2008-06-07 2404352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-07 6139904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-01-08 645328]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-14 526896]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-05-30 544768]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-06-04 817672]
"eRecoveryService"= []
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-08-01 405504]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2008-09-05 3676160]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-07-24 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-07-24 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-07-18 167936]
"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-06 24064]
"MediaBarFileManager"=C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe [2007-06-25 30024]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"kggeczqlqm"=C:\Windows\System32\regsvr32.exe [2006-11-02 14336]
"GroupManager"=C:\Program Files\Crack Installer\groupmanager.exe [2009-04-03 32256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-06 68856]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"CurseClient"=C:\Program Files\Curse\CurseClient.exe [2008-10-10 4789760]
"VeohPlugin"=C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2008-11-04 3522296]
"Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-21 49664]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe

C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe
runit_32.lnk - C:\Program Files\runit\runit_32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2008-09-05 3197952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2008-03-25 567560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 2 months======

2009-06-05 23:50:28 ----A---- C:\TB.txt
2009-06-05 23:49:15 ----D---- C:\ToolBar SD
2009-06-05 23:31:23 ----D---- C:\Program Files\trend micro
2009-06-05 23:31:22 ----D---- C:\rsit
2009-06-04 12:29:34 ----D---- C:\Program Files\Gameforge4D
2009-05-28 09:02:25 ----SHD---- C:\Config.Msi
2009-05-24 18:20:33 ----D---- C:\Windows\system32\AGEIA
2009-05-24 18:20:25 ----D---- C:\Program Files\AGEIA Technologies
2009-05-17 18:29:19 ----D---- C:\NVIDIA
2009-05-11 17:37:51 ----D---- C:\Program Files\EA GAMES
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvudisp.exe
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvoglv32.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcuvid.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcuvenc.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcuda.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcod146.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcod.dll
2009-04-29 17:58:44 ----D---- C:\Program Files\AbiSuite2
2009-04-26 14:59:56 ----D---- C:\Program Files\Common Files\DivX Shared
2009-04-21 17:53:20 ----D---- C:\Users\Mehdi\AppData\Roaming\Atari
2009-04-21 17:45:13 ----D---- C:\Program Files\Atari
2009-04-21 16:35:54 ----D---- C:\Windows\Crack Installer
2009-04-21 16:35:54 ----D---- C:\Program Files\Crack Installer
2009-04-21 16:35:29 ----A---- C:\Windows\Crack Installer Setup Log.txt
2009-04-21 16:35:24 ----A---- C:\Windows\hqfi71418.exe
2009-04-21 16:35:24 ----A---- C:\Windows\bqrd60258.exe
2009-04-21 16:35:19 ----A---- C:\Windows\jrqcm1023.exe
2009-04-21 16:35:14 ----A---- C:\Windows\geck7267.exe
2009-04-19 22:35:19 ----A---- C:\Windows\system32\infocardapi.dll
2009-04-19 22:35:18 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-19 22:35:16 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-04-19 22:35:16 ----A---- C:\Windows\system32\icardres.dll
2009-04-19 22:35:16 ----A---- C:\Windows\system32\icardagt.exe
2009-04-19 22:35:13 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-04-19 22:35:09 ----A---- C:\Windows\system32\PresentationHost.exe
2009-04-19 22:27:15 ----A---- C:\Windows\system32\dfshim.dll
2009-04-19 22:27:10 ----A---- C:\Windows\system32\mscoree.dll
2009-04-19 22:27:08 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-19 22:26:45 ----A---- C:\Windows\system32\mscorier.dll
2009-04-19 22:26:38 ----A---- C:\Windows\system32\mscories.dll
2009-04-19 15:18:09 ----A---- C:\Windows\IsUninst.exe
2009-04-19 14:15:17 ----A---- C:\Windows\system32\5872deaa-cc78-47da-60d7-4daca51d2225.exe
2009-04-19 14:14:47 ----D---- C:\Program Files\IEToolbar
2009-04-19 14:14:42 ----A---- C:\Windows\wgfp4324.exe
2009-04-19 14:14:36 ----A---- C:\Windows\feoam2471.exe
2009-04-19 14:14:35 ----A---- C:\Windows\system32\lvhzhfywcrbhkxezz.exe
2009-04-19 14:14:33 ----D---- C:\Program Files\runit
2009-04-19 14:14:30 ----A---- C:\Windows\wnrr74340.exe
2009-04-19 14:14:28 ----A---- C:\Windows\jisf76802.exe
2009-04-19 14:14:03 ----A---- C:\Windows\lids88065.exe
2009-04-19 14:14:02 ----A---- C:\Windows\gpna8081.exe
2009-04-19 14:13:44 ----A---- C:\Windows\kdiue732.txt
2009-04-16 18:49:23 ----A---- C:\Windows\system32\winhttp.dll
2009-04-16 18:49:19 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-16 18:49:19 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-16 18:49:09 ----A---- C:\Windows\system32\rpcss.dll
2009-04-16 18:49:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-16 18:49:08 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-16 18:49:07 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-16 18:49:06 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-16 18:49:05 ----A---- C:\Windows\system32\iashost.exe
2009-04-16 18:49:05 ----A---- C:\Windows\system32\iasads.dll
2009-04-16 18:48:59 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-16 18:48:59 ----A---- C:\Windows\system32\kernel32.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\secur32.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\apilogen.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\amxread.dll
2009-04-16 18:48:50 ----A---- C:\Windows\system32\mshtml.dll
2009-04-16 18:48:47 ----A---- C:\Windows\system32\ieframe.dll
2009-04-16 18:48:45 ----A---- C:\Windows\system32\urlmon.dll
2009-04-16 18:48:44 ----A---- C:\Windows\system32\iertutil.dll
2009-04-16 18:48:44 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-16 18:48:43 ----A---- C:\Windows\system32\wininet.dll
2009-04-16 18:48:43 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-16 18:48:42 ----A---- C:\Windows\system32\occache.dll
2009-04-16 18:48:42 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-16 18:48:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-16 18:48:37 ----A---- C:\Windows\system32\ieencode.dll
2009-04-16 18:48:34 ----A---- C:\Windows\system32\mstime.dll
2009-04-16 18:48:32 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-09 14:25:17 ----D---- C:\Users\Mehdi\AppData\Roaming\PeerNetworking
2009-04-09 11:27:49 ----D---- C:\Users\Mehdi\AppData\Roaming\WinRAR
2009-04-09 11:25:28 ----D---- C:\Program Files\WinRAR
2009-04-08 22:49:42 ----D---- C:\Users\Mehdi\AppData\Roaming\Hamachi
2009-04-08 22:46:55 ----D---- C:\Program Files\Hamachi

======List of files/folders modified in the last 2 months======

2009-06-06 00:05:08 ----D---- C:\Windows\Temp
2009-06-06 00:05:07 ----D---- C:\Users\Mehdi\AppData\Roaming\LimeWire
2009-06-06 00:00:30 ----HD---- C:\ProgramData
2009-06-05 23:31:23 ----RD---- C:\Program Files
2009-06-05 16:37:20 ----SHD---- C:\System Volume Information
2009-06-05 10:49:51 ----D---- C:\Windows\winsxs
2009-06-04 09:57:11 ----D---- C:\Windows\system32\catroot
2009-06-03 09:32:10 ----A---- C:\Users\Mehdi\AppData\Roaming\acervcmtmp.ini
2009-06-02 15:57:18 ----D---- C:\Windows
2009-05-28 23:16:17 ----D---- C:\Windows\System32
2009-05-28 09:02:48 ----SHD---- C:\Windows\Installer
2009-05-25 18:25:38 ----D---- C:\Windows\system32\drivers
2009-05-25 12:53:41 ----D---- C:\Windows\system32\catroot2
2009-05-24 18:26:39 ----D---- C:\Windows\inf
2009-05-24 18:17:10 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-05-24 18:15:00 ----D---- C:\ProgramData\NVIDIA
2009-05-20 19:28:52 ----D---- C:\Windows\Prefetch
2009-05-14 07:17:06 ----D---- C:\ProgramData\Microsoft Help
2009-05-14 07:17:05 ----RSD---- C:\Windows\assembly
2009-05-14 07:12:38 ----D---- C:\Program Files\Windows Mail
2009-05-11 18:37:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-05-06 10:17:34 ----D---- C:\Windows\Tasks
2009-05-03 12:33:05 ----D---- C:\Program Files\Mozilla Firefox
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvd3dum.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvapi.dll
2009-04-29 17:58:48 ----RSD---- C:\Windows\Fonts
2009-04-27 20:14:32 ----D---- C:\Program Files\Microsoft Games
2009-04-27 19:04:04 ----D---- C:\Windows\system32\Tasks
2009-04-27 12:22:42 ----SD---- C:\Users\Mehdi\AppData\Roaming\Microsoft
2009-04-27 12:22:42 ----D---- C:\Users\Mehdi\AppData\Roaming\Template
2009-04-27 00:42:48 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-04-26 15:04:42 ----D---- C:\Program Files\Google
2009-04-26 15:02:43 ----D---- C:\Program Files\DivX
2009-04-26 14:59:56 ----D---- C:\Program Files\Common Files
2009-04-22 18:37:17 ----D---- C:\Program Files\McAfee
2009-04-21 17:44:59 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-20 16:40:51 ----D---- C:\Windows\Microsoft.NET
2009-04-20 12:26:15 ----D---- C:\Program Files\LimeWire
2009-04-19 23:25:35 ----D---- C:\Windows\rescache
2009-04-19 22:52:39 ----D---- C:\Windows\system32\fr-FR
2009-04-19 22:52:30 ----D---- C:\Windows\system32\XPSViewer
2009-04-19 22:52:30 ----D---- C:\Windows\system32\wbem
2009-04-19 22:52:30 ----D---- C:\Windows\system32\en-US
2009-04-19 15:14:36 ----D---- C:\Program Files\Acer GameZone
2009-04-17 18:01:06 ----D---- C:\Windows\system32\WDI
2009-04-17 10:10:23 ----D---- C:\Windows\system32\manifeststore
2009-04-17 10:10:22 ----D---- C:\Windows\AppPatch
2009-04-17 10:10:21 ----D---- C:\Program Files\Internet Explorer
2009-04-09 17:17:49 ----D---- C:\Users\Mehdi\AppData\Roaming\gtk-2.0
2009-04-09 17:16:01 ----A---- C:\Windows\system32\CmdLineExt.dll
2009-04-08 22:46:07 ----D---- C:\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-03-25 214024]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2008-10-23 130424]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-19 8704]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-04-08 25280]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-26 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-26 207872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-09-04 47616]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-03-25 79880]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-03-25 35272]
R3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-03-25 34216]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-03-25 40552]
R3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-05-05 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-01-22 52768]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-04-30 9850016]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-23 62464]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-28 50576]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-26 661504]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-19 912384]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-21 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-12-23 10240]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-09-05 3602432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-03-11 210216]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-01-08 797864]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-01-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-01-09 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-03-25 144704]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-03-19 884360]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-09 26640]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-18 196608]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-19 386560]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-04-01 365072]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-03-24 606736]
S2 gupdate1c9c66f42f6f480;Service Google Update (gupdate1c9c66f42f6f480); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-26 133104]
S2 pr2agqwc;Loki Drivers Auto Removal (pr2agqwc); C:\Windows\system32\pr2agqwc.exe [2007-05-18 407152]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-06 24064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-28 137200]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------


16

Medmed, 6 Jun 2009 at 00:12:17

Here it is, WITHOUT THE INTERNET CONNECTION



-----------\\ ToolBar S&D 1.2.8 XP/Vista


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://coramail.net/r5.php"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0908&m=aspire_6930g"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://fr.yahoo.com"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : ZK2 v0.3120 3A20
USER : Mehdi ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:41 Go)
D:\ (Local Disk) - NTFS - Total:140 Go (Free:22 Go)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 06/06/2009| 0:10 )

[ UAC => 1 ]
--------------------\\ Cracks & Keygens ..

C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer
C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer\ .lnk
C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer\Uninstall Crack Installer.lnk
C:\Users\Mehdi\Incomplete\EZIH7CDIJ25N7KEZRJZVQ3H7Y7GQ76OO\The Sims 2 Complete Collection (.iso)\Crack & Patches.zip


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 05/06/2009|23:51 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/06/2009| 0:01 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 06/06/2009| 0:10 - Option : [2]

-----------\\ Fin du rapport a 0:10:49,72


-----------\\ SUPPRESSION

Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll
Echec ! - C:\Program Files\Kiwee Toolbar

-----------\\ DEUXIEME PASSAGE

Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
Echec ! - C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll
Echec ! - C:\Program Files\Kiwee Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\Kiwee Toolbar
C:\Program Files\Kiwee Toolbar\2.8.167
C:\Program Files\Kiwee Toolbar\2.8.167\AGTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll
C:\Program Files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll
C:\Program Files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://coramail.net/r5.php"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0908&m=aspire_6930g"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://fr.yahoo.com"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer
C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer\ .lnk
C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crack Installer\Uninstall Crack Installer.lnk
C:\Users\Mehdi\Incomplete\EZIH7CDIJ25N7KEZRJZVQ3H7Y7GQ76OO\The Sims 2 Complete Collection (.iso)\Crack & Patches.zip


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 05/06/2009|23:51 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/06/2009| 0:01 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 06/06/2009| 0:10 - Option : [2]
4 - "C:\ToolBar SD\TB_4.txt" - 06/06/2009| 0:11 - Option : [2]

-----------\\ Fin du rapport a 0:11:26,58


17

Guillaume5188, 6 Jun 2009 at 08:29:28

Hello

Download OTMoveIt3 (by Old_Timer) to your Desktop.

http://download.bleepingcomputer.com/oldtimer/OTMoveIt3.exe

! Disconnect and close all your running applications !

Double-click "OTMoveIt3.exe" to open the program.
Then copy what is in bold below:


:Processes
explorer.exe

:Services

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6714ADBD-C6C1-42A8-BD84-9C9339059421}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6714ADBD-C6C1-42A8-BD84-9C9339059421}]
[-HKEY_CLASSES_ROOT\CLSID\{10000000-1000-1000-1000-100000000000}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10000000-1000-1000-1000-100000000000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{10000000-1000-1000-1000-100000000000}"=-
[-HKEY_CLASSES_ROOT\CLSID\{6226BA26-C017-4007-928C-DE9715C6FA67}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6226BA26-C017-4007-928C-DE9715C6FA67}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6226BA26-C017-4007-928C-DE9715C6FA67}"=-



:files
c:\program files\agi
c:\program files\ietoolbar
c:\program files\runit\runit_32.exe


:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


and paste it into the left-hand pane of OTMoveIt3:
Paste Instructions for Items to be Moved.
(don't touch anything else!)

-> click MoveIt! to start the removal.
-> let the tool work ...

(Note: your desktop will disappear and then reappear; that is normal.)

-> Once it has finished, a small window opens: click "Yes".

Your PC will restart by itself ...

--> Post the contents of the report found in the "C:\_OTMoveIt\MovedFiles" folder.

We were all beginners at something once.
But knowledge is the reward of diligence.


18

Medmed, 6 Jun 2009 at 09:13:56

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} not found.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\ .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6714ADBD-C6C1-42A8-BD84-9C9339059421}\\ .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6714ADBD-C6C1-42A8-BD84-9C9339059421}\\ .
Unable to delete registry key HKEY_CLASSES_ROOT\CLSID\{10000000-1000-1000-1000-100000000000}\\ .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10000000-1000-1000-1000-100000000000}\\ .
Unable to delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{10000000-1000-1000-1000-100000000000} .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10000000-1000-1000-1000-100000000000}\ .
Unable to delete registry key HKEY_CLASSES_ROOT\CLSID\{6226BA26-C017-4007-928C-DE9715C6FA67}\\ .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6226BA26-C017-4007-928C-DE9715C6FA67}\\ .
Unable to delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{6226BA26-C017-4007-928C-DE9715C6FA67} .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6226BA26-C017-4007-928C-DE9715C6FA67}\ .
========== FILES ==========
Folder move failed. c:\program files\AGI\tmp scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\xml\sax scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\xml\parsers scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\xml\etree scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\xml\dom scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\xml scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\logging scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\hotshot scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\encodings scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\email\mime scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\email scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\ctypes scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib\compiler scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\Lib scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25\DLLs scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\Python25 scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32comext\shell scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32comext\axcontrol scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32comext\authorization scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32comext\adsi scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32comext scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32com\server scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32com\client scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32com scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32\scripts scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32\lib scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\win32 scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\search\provider scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\search\algorithm scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\search scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\protection scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\process scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\lilw scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\install\installers scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\install\dependency scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\install scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore\config scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\pyagcore scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\dateutil\zoneinfo scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\dateutil scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\comtypes\tools scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\comtypes\server scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\comtypes\gen scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\comtypes\client scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common\comtypes scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI\common scheduled to be moved on reboot.
Folder move failed. c:\program files\AGI scheduled to be moved on reboot.
Folder move failed. c:\program files\IEToolbar\ECO Bar scheduled to be moved on reboot.
Folder move failed. c:\program files\IEToolbar\Bullseye Tool Bar scheduled to be moved on reboot.
Folder move failed. c:\program files\IEToolbar scheduled to be moved on reboot.
File move failed. c:\program files\runit\runit_32.exe scheduled to be moved on reboot.
========== COMMANDS ==========
File delete failed. C:\Users\Mehdi\AppData\Local\Temp\hsperfdata_Mehdi\4452 scheduled to be deleted on reboot.
File delete failed. C:\Users\Mehdi\AppData\Local\Temp\RtkBtMnt.exe scheduled to be deleted on reboot.
File delete failed. C:\Users\Mehdi\AppData\Local\Temp\~DFADB2.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Mehdi\AppData\Local\Temp\~DFDD95.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 06062009_085844


19

Guillaume5188, 6 Jun 2009 at 09:24:57

Re

Did your PC restart?
Please post a HijackThis log again, thanks

We were all beginners at something once.
But knowledge is the reward of diligence.


20

Medmed, 6 Jun 2009 at 09:26:15

Yes, my PC restarted. What is a hijackthis? Do you want me to redo the procedure?


21

Guillaume5188, 6 Jun 2009 at 09:32:51

Re

No, post the HijackThis log, thanks

We were all beginners at something once.
But knowledge is the reward of diligence.


22

Medmed, 6 Jun 2009 at 09:36:06

But what is it? hijackthis? :s I can't post you something I don't know :s sorry, I'm not very good with computers :(


23

Guillaume5188, 6 Jun 2009 at 09:39:46

Re

My mistake, it's an RSIT ;-)

We were all beginners at something once.
But knowledge is the reward of diligence.


24

Medmed, 6 Jun 2009 at 09:42:12

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mehdi at 2009-06-06 09:41:17
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 44 GB (30%) free of 148 GB
Total RAM: 3066 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:41:31, on 06/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Users\Mehdi\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\regsvr32.exe
C:\Program Files\Crack Installer\groupmanager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Mehdi\Documents\Downloads\RSIT (2).exe
C:\Program Files\trend micro\Mehdi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=0908&m=aspire_6930g
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://coramail.net/r5.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: TBSB05288 - {6714ADBD-C6C1-42A8-BD84-9C9339059421} - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: blueskyadagency browser enhancer - {D14D50D3-D990-C5DF-ED9A-AD1F344F60E4} - C:\Windows\system32\vtbgnivpqzwfpuw.dll
O2 - BHO: TBSB09835 - {D97FC677-694D-4A75-AC89-A5B85C2BCFED} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ECO Bar - {10000000-1000-1000-1000-100000000000} - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll
O3 - Toolbar: Bullseye Tool Bar - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MediaBarFileManager] C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [kggeczqlqm] C:\Windows\System32\regsvr32.exe /s "C:\Windows\system32\vtbgnivpqzwfpuw.dll"
O4 - HKLM\..\Run: [GroupManager] C:\Program Files\Crack Installer\groupmanager.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: runit_32.lnk = C:\Program Files\runit\runit_32.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: WiFi Station pour Livebox.lnk = C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1c9c66f42f6f480) (gupdate1c9c66f42f6f480) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwc) (pr2agqwc) - Cyanide - C:\Windows\system32\pr2agqwc.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 16123 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-01-09 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6714ADBD-C6C1-42A8-BD84-9C9339059421}]
TBSB05288 Class - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll [2008-08-14 2484224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-03-25 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-28 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-28 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-28 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D14D50D3-D990-C5DF-ED9A-AD1F344F60E4}]
blueskyadagency browser enhancer - C:\Windows\system32\vtbgnivpqzwfpuw.dll [2009-04-06 396800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D97FC677-694D-4A75-AC89-A5B85C2BCFED}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-05-15 817936]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-11-04 463872]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{10000000-1000-1000-1000-100000000000} - ECO Bar - C:\Program Files\IEToolbar\ECO Bar\ecobar.dll [2008-08-14 2484224]
{6226BA26-C017-4007-928C-DE9715C6FA67} - Bullseye Tool Bar - C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll [2008-06-07 2404352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-07 6139904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-01-08 645328]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-14 526896]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-05-30 544768]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-06-04 817672]
"eRecoveryService"= []
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-08-01 405504]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2008-09-05 3676160]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-07-24 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-07-24 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-07-18 167936]
"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-06 24064]
"MediaBarFileManager"=C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe [2007-06-25 30024]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"kggeczqlqm"=C:\Windows\System32\regsvr32.exe [2006-11-02 14336]
"GroupManager"=C:\Program Files\Crack Installer\groupmanager.exe [2009-04-03 32256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-06 68856]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"CurseClient"=C:\Program Files\Curse\CurseClient.exe [2008-10-10 4789760]
"VeohPlugin"=C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2008-11-04 3522296]
"Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-21 49664]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiLB.exe

C:\Users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe
runit_32.lnk - C:\Program Files\runit\runit_32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2008-09-05 3197952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2008-03-25 567560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 2 months======

2009-06-06 09:03:04 ----D---- C:\ProgramData\Kiwee Toolbar
2009-06-06 08:58:44 ----D---- C:\_OTMoveIt
2009-06-05 23:50:28 ----A---- C:\TB.txt
2009-06-05 23:49:15 ----D---- C:\ToolBar SD
2009-06-05 23:31:23 ----D---- C:\Program Files\trend micro
2009-06-05 23:31:22 ----D---- C:\rsit
2009-06-04 12:29:34 ----D---- C:\Program Files\Gameforge4D
2009-05-28 09:02:25 ----SHD---- C:\Config.Msi
2009-05-24 18:20:33 ----D---- C:\Windows\system32\AGEIA
2009-05-24 18:20:25 ----D---- C:\Program Files\AGEIA Technologies
2009-05-17 18:29:19 ----D---- C:\NVIDIA
2009-05-11 17:37:51 ----D---- C:\Program Files\EA GAMES
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvudisp.exe
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvoglv32.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcuvid.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcuvenc.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcuda.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcod146.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvcod.dll
2009-04-29 17:58:44 ----D---- C:\Program Files\AbiSuite2
2009-04-26 14:59:56 ----D---- C:\Program Files\Common Files\DivX Shared
2009-04-21 17:53:20 ----D---- C:\Users\Mehdi\AppData\Roaming\Atari
2009-04-21 17:45:13 ----D---- C:\Program Files\Atari
2009-04-21 16:35:54 ----D---- C:\Windows\Crack Installer
2009-04-21 16:35:54 ----D---- C:\Program Files\Crack Installer
2009-04-21 16:35:29 ----A---- C:\Windows\Crack Installer Setup Log.txt
2009-04-21 16:35:24 ----A---- C:\Windows\hqfi71418.exe
2009-04-21 16:35:24 ----A---- C:\Windows\bqrd60258.exe
2009-04-21 16:35:19 ----A---- C:\Windows\jrqcm1023.exe
2009-04-21 16:35:14 ----A---- C:\Windows\geck7267.exe
2009-04-19 22:35:19 ----A---- C:\Windows\system32\infocardapi.dll
2009-04-19 22:35:18 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-19 22:35:16 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-04-19 22:35:16 ----A---- C:\Windows\system32\icardres.dll
2009-04-19 22:35:16 ----A---- C:\Windows\system32\icardagt.exe
2009-04-19 22:35:13 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-04-19 22:35:09 ----A---- C:\Windows\system32\PresentationHost.exe
2009-04-19 22:27:15 ----A---- C:\Windows\system32\dfshim.dll
2009-04-19 22:27:10 ----A---- C:\Windows\system32\mscoree.dll
2009-04-19 22:27:08 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-19 22:26:45 ----A---- C:\Windows\system32\mscorier.dll
2009-04-19 22:26:38 ----A---- C:\Windows\system32\mscories.dll
2009-04-19 15:18:09 ----A---- C:\Windows\IsUninst.exe
2009-04-19 14:15:17 ----A---- C:\Windows\system32\5872deaa-cc78-47da-60d7-4daca51d2225.exe
2009-04-19 14:14:47 ----D---- C:\Program Files\IEToolbar
2009-04-19 14:14:42 ----A---- C:\Windows\wgfp4324.exe
2009-04-19 14:14:36 ----A---- C:\Windows\feoam2471.exe
2009-04-19 14:14:35 ----A---- C:\Windows\system32\lvhzhfywcrbhkxezz.exe
2009-04-19 14:14:33 ----D---- C:\Program Files\runit
2009-04-19 14:14:30 ----A---- C:\Windows\wnrr74340.exe
2009-04-19 14:14:28 ----A---- C:\Windows\jisf76802.exe
2009-04-19 14:14:03 ----A---- C:\Windows\lids88065.exe
2009-04-19 14:14:02 ----A---- C:\Windows\gpna8081.exe
2009-04-19 14:13:44 ----A---- C:\Windows\kdiue732.txt
2009-04-16 18:49:23 ----A---- C:\Windows\system32\winhttp.dll
2009-04-16 18:49:19 ----A---- C:\Windows\system32\xolehlp.dll
2009-04-16 18:49:19 ----A---- C:\Windows\system32\msdtcprx.dll
2009-04-16 18:49:09 ----A---- C:\Windows\system32\rpcss.dll
2009-04-16 18:49:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-04-16 18:49:08 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-04-16 18:49:07 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-04-16 18:49:06 ----A---- C:\Windows\system32\sdohlp.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\iasrecst.dll
2009-04-16 18:49:06 ----A---- C:\Windows\system32\iasdatastore.dll
2009-04-16 18:49:05 ----A---- C:\Windows\system32\iashost.exe
2009-04-16 18:49:05 ----A---- C:\Windows\system32\iasads.dll
2009-04-16 18:48:59 ----A---- C:\Windows\system32\lsasrv.dll
2009-04-16 18:48:59 ----A---- C:\Windows\system32\kernel32.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\secur32.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\apilogen.dll
2009-04-16 18:48:58 ----A---- C:\Windows\system32\amxread.dll
2009-04-16 18:48:50 ----A---- C:\Windows\system32\mshtml.dll
2009-04-16 18:48:47 ----A---- C:\Windows\system32\ieframe.dll
2009-04-16 18:48:45 ----A---- C:\Windows\system32\urlmon.dll
2009-04-16 18:48:44 ----A---- C:\Windows\system32\iertutil.dll
2009-04-16 18:48:44 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-16 18:48:43 ----A---- C:\Windows\system32\wininet.dll
2009-04-16 18:48:43 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-16 18:48:42 ----A---- C:\Windows\system32\occache.dll
2009-04-16 18:48:42 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-16 18:48:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-16 18:48:37 ----A---- C:\Windows\system32\ieencode.dll
2009-04-16 18:48:34 ----A---- C:\Windows\system32\mstime.dll
2009-04-16 18:48:32 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-09 14:25:17 ----D---- C:\Users\Mehdi\AppData\Roaming\PeerNetworking
2009-04-09 11:27:49 ----D---- C:\Users\Mehdi\AppData\Roaming\WinRAR
2009-04-09 11:25:28 ----D---- C:\Program Files\WinRAR
2009-04-08 22:49:42 ----D---- C:\Users\Mehdi\AppData\Roaming\Hamachi
2009-04-08 22:46:55 ----D---- C:\Program Files\Hamachi

======List of files/folders modified in the last 2 months======

2009-06-06 09:41:19 ----D---- C:\Windows\Temp
2009-06-06 09:10:08 ----D---- C:\Users\Mehdi\AppData\Roaming\LimeWire
2009-06-06 09:09:55 ----A---- C:\Users\Mehdi\AppData\Roaming\acervcmtmp.ini
2009-06-06 09:03:04 ----HD---- C:\ProgramData
2009-06-06 09:02:12 ----SHD---- C:\System Volume Information
2009-06-05 23:31:23 ----RD---- C:\Program Files
2009-06-05 10:49:51 ----D---- C:\Windows\winsxs
2009-06-04 09:57:11 ----D---- C:\Windows\system32\catroot
2009-06-02 15:57:18 ----D---- C:\Windows
2009-05-28 23:16:17 ----D---- C:\Windows\System32
2009-05-28 09:02:48 ----SHD---- C:\Windows\Installer
2009-05-25 18:25:38 ----D---- C:\Windows\system32\drivers
2009-05-25 12:53:41 ----D---- C:\Windows\system32\catroot2
2009-05-24 18:26:39 ----D---- C:\Windows\inf
2009-05-24 18:17:10 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-05-24 18:15:00 ----D---- C:\ProgramData\NVIDIA
2009-05-20 19:28:52 ----D---- C:\Windows\Prefetch
2009-05-14 07:17:06 ----D---- C:\ProgramData\Microsoft Help
2009-05-14 07:17:05 ----RSD---- C:\Windows\assembly
2009-05-14 07:12:38 ----D---- C:\Program Files\Windows Mail
2009-05-11 18:37:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-05-06 10:17:34 ----D---- C:\Windows\Tasks
2009-05-03 12:33:05 ----D---- C:\Program Files\Mozilla Firefox
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvd3dum.dll
2009-04-30 22:02:00 ----A---- C:\Windows\system32\nvapi.dll
2009-04-29 17:58:48 ----RSD---- C:\Windows\Fonts
2009-04-27 20:14:32 ----D---- C:\Program Files\Microsoft Games
2009-04-27 19:04:04 ----D---- C:\Windows\system32\Tasks
2009-04-27 12:22:42 ----SD---- C:\Users\Mehdi\AppData\Roaming\Microsoft
2009-04-27 12:22:42 ----D---- C:\Users\Mehdi\AppData\Roaming\Template
2009-04-27 00:42:48 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-04-26 15:04:42 ----D---- C:\Program Files\Google
2009-04-26 15:02:43 ----D---- C:\Program Files\DivX
2009-04-26 14:59:56 ----D---- C:\Program Files\Common Files
2009-04-22 18:37:17 ----D---- C:\Program Files\McAfee
2009-04-21 17:44:59 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-20 16:40:51 ----D---- C:\Windows\Microsoft.NET
2009-04-20 12:26:15 ----D---- C:\Program Files\LimeWire
2009-04-19 23:25:35 ----D---- C:\Windows\rescache
2009-04-19 22:52:39 ----D---- C:\Windows\system32\fr-FR
2009-04-19 22:52:30 ----D---- C:\Windows\system32\XPSViewer
2009-04-19 22:52:30 ----D---- C:\Windows\system32\wbem
2009-04-19 22:52:30 ----D---- C:\Windows\system32\en-US
2009-04-19 15:14:36 ----D---- C:\Program Files\Acer GameZone
2009-04-17 18:01:06 ----D---- C:\Windows\system32\WDI
2009-04-17 10:10:23 ----D---- C:\Windows\system32\manifeststore
2009-04-17 10:10:22 ----D---- C:\Windows\AppPatch
2009-04-17 10:10:21 ----D---- C:\Program Files\Internet Explorer
2009-04-09 17:17:49 ----D---- C:\Users\Mehdi\AppData\Roaming\gtk-2.0
2009-04-09 17:16:01 ----A---- C:\Windows\system32\CmdLineExt.dll
2009-04-08 22:46:07 ----D---- C:\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-03-25 214024]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2008-10-23 130424]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-19 8704]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-04-08 25280]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-26 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-26 207872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-09-04 47616]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-03-25 79880]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-03-25 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-03-25 40552]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-05-05 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-01-22 52768]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-04-30 9850016]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-23 62464]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-28 50576]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-26 661504]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-19 912384]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-03-25 34216]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 netr73;Hercules Wireless USB Dongle Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-01-31 256000]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-21 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-12-23 10240]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-09-05 3602432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-03-11 210216]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-01-08 797864]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-01-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-01-09 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-03-25 144704]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-03-19 884360]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-09 26640]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-18 196608]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-19 386560]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-03-24 606736]
S2 gupdate1c9c66f42f6f480;Service Google Update (gupdate1c9c66f42f6f480); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-26 133104]
S2 pr2agqwc;Loki Drivers Auto Removal (pr2agqwc); C:\Windows\system32\pr2agqwc.exe [2007-05-18 407152]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-06 24064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-28 137200]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-04-01 365072]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------


25

Guillaume5188, 6 Jun 2009 at 09:50:49

Hi again

1) Download Malwarebytes Anti-Malware here:
http://www.malwarebytes.org/mbam.php

* Install it (be sure to choose "français" (French); do not change the installation settings) and update it.

(NB: If "COMCTL32.OCX" is missing during the installation, download it here: http://www.malekal.com/download/comctl32.ocx)

* Study the tutorial to get familiar with the program:

http://forum.pcastuces.com/sujet.asp?f=31&s=3

(that said, it is very simple to use).

Run Malwarebytes again, following these instructions scrupulously:

! Disconnect and close all running applications !

* Launch Malwarebytes.

Run a "Complet" (full) scan.

--> Let the program work (and do nothing else with the PC during the scan).
--> When it finishes, click "résultat" (results).
--> Check that all the infected objects are ticked, then click "suppression" (removal).

Note: if your PC needs to restart to finish the cleanup, do it!


Post the report saved after the infected objects are removed (in the "rapport/log" tab of Malwarebytes, the most recent one).

2) Run a full scan with your antivirus
and post me the report when it finishes.

See you
We were all beginners at something once.
But knowledge is the reward of diligence.


26

Medmed, 6 Jun 2009 at 09:58:35

Erf, do I necessarily have to buy it? :s


27

Guillaume5188, 6 Jun 2009 at 10:02:14

Hi again

No, there is a "Download free version" tab; click on it.

See you


28

Medmed, 6 Jun 2009 at 10:22:47

Thanks


29

Medmed, 6 Jun 2009 at 11:55:35

Uh, since I did the steps you told me to do, I no longer have MSN; an error message keeps popping up every 10 seconds:


A Kiwee Heads Up: There was an error with Yahoo Messenger and your Kiwee Toolbar needs to go bye-bye for now.

Would you like to send this error message in order to help us improve the toolbar?


What do I do? It's very annoying :s


30

Guillaume5188, 6 Jun 2009 at 12:06:27

Hi again

Did you run Malwarebytes?
