Aller au contenu

kareem77

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    8

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par kareem77

  1. kareem77
    Bonsoir Falkra, Voici la nature du problème que j'ai trouvé dans le centre de sécurité de Windows, il y a un grand nombre de post de ce type sur le net mais je n'ai trouvé aucun sujet apportant de solutions précises. J'espère que vous en avez une !!!!!! Signature du problème Nom d’événement du problème : APPCRASH Nom de l’application: OUTLOOK.EXE Version de l’application: 12.0.6316.5000 Horodatage de l'application: 4833a470 Nom du module par défaut: ntdll.dll Version du module par défaut: 6.0.6001.18000 Horodateur du module par défaut: 4791a7a6 Code de l’exception: c0000005 Décalage de l’exception: 000599cb Version du système: 6.0.6001.2.1.0.768.3 Identificateur de paramètres régionaux: 1036 Information supplémentaire n° 1: 33e8 Information supplémentaire n° 2: c4f2c7d8f46049ef79785646a8970ae4 Information supplémentaire n° 3: 0b24 Information supplémentaire n° 4: ae721e7da83a54ebc5c4c0f9d0549293
  2. kareem77
    Voici le taport TB.txt Supprime! - C:\Program Files\AskTBar\bar Supprime! - C:\Program Files\AskTBar -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\Windows\\system32\\blank.htm" "Search Page"="http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com"'>http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com" "Start Page"="http://www.google.fr/"'>http://www.google.fr/" "Url"="http://go.microsoft.com/fwlink/?LinkId=75720"'>http://go.microsoft.com/fwlink/?LinkId=75720" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/"'>http://www.msn.com/" "Default_Page_URL"="http://fr.fr.acer.yahoo.com"'>http://fr.fr.acer.yahoo.com" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [ UAC => 1 ] 1 - "C:\ToolBar SD\TB_1.txt" - 08/09/2008|17:51 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 08/09/2008|18:45 - Option : [2] -----------\\ Fin du rapport a 18:45:02,06 Et voila le rapport Hijack Supprime! - C:\Program Files\AskTBar\bar Supprime! - C:\Program Files\AskTBar -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\Windows\\system32\\blank.htm" "Search Page"="http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com" "Start Page"="http://www.google.fr/" "Url"="http://go.microsoft.com/fwlink/?LinkId=75720" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Default_Page_URL"="http://fr.fr.acer.yahoo.com" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [ UAC => 1 ] 1 - "C:\ToolBar SD\TB_1.txt" - 08/09/2008|17:51 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 08/09/2008|18:45 - Option : [2] -----------\\ Fin du rapport a 18:45:02,06 Pardon voici le dernier rapport Hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:46:06, on 08/09/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Windows\RtHDVCpl.exe C:\Windows\WindowsMobile\wmdc.exe C:\Windows\ehome\ehtray.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Registry Mechanic\regmech.exe C:\Users\Karim\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Windows\system32\cmd.exe C:\Windows\system32\conime.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\WinZip\WINZIP32.EXE C:\Users\Karim\Documents\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\rmtray.exe /H O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU) O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - AppInit_DLLs: eNetHook.dll O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 8574 bytes
  3. kareem77
    Bonjour, Voici le rapport que j'obtiens -----------\\ ToolBar S&D 1.1.8 XP/Vista Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1 X86-based PC ( Multiprocessor Free : Intel® Core2 Duo CPU T5450 @ 1.66GHz ) BIOS : ZD1 v0.3508 3E08 USER : Karim ( Administrator ) BOOT : Normal boot Antivirus : Bitdefender Antivirus 8.0 (Activated) Firewall : Bitdefender Firewall 8.0 (Activated) "C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 ) Option : [1] ( 08/09/2008|17:50 ) [ UAC => 0 ] -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskTBar C:\Program Files\AskTBar\bar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\Windows\\system32\\blank.htm" "Search Page"="http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com" "Start Page"="http://www.google.fr/" "Url"="http://go.microsoft.com/fwlink/?LinkId=75720" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://fr.fr.acer.yahoo.com"'>http://fr.fr.acer.yahoo.com" "Default_Page_URL"="http://fr.fr.acer.yahoo.com" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [ UAC => 1 ] 1 - "C:\ToolBar SD\TB_1.txt" - 08/09/2008|17:51 - Option : [1] -----------\\ Fin du rapport a 17:51:27,22 Merci pour votre aide
  4. kareem77
    Bonsoir, J'essaie d'executer RSIT, mais il bloque sur performing registry dump, la barre ne progresse pas. Je précise quand même que je n'ai plus le code erreur du début (0x80000003), néanmoins lorsque j'ouvre Outlook, une fenêtre m'indique que le programme va s'arreter, mais en fermant cette fenêtre, Outlook s'ouvre quand même; je reçois bien mes emails, mais je ne peux faire aucun paramétrage, changer le papier à lettre, les polices, etc..... Je post donc mon nouveau rapport Hijackthis, en esperant que vous puissiez m'aidez. Merci Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:27:00, on 07/09/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Windows\System32\rundll32.exe C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Windows\RtHDVCpl.exe C:\Windows\WindowsMobile\wmdc.exe C:\Windows\ehome\ehtray.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Users\Karim\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Users\Karim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGIRMBHP\WLinstaller[1].exe C:\Program Files\Windows Live\installer\Dashboard.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Karim\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\rmtray.exe /H O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - AppInit_DLLs: eNetHook.dll O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 8864 bytes
  5. kareem77
    Bonjour, Maintenant, je fais quoi, j'ai toujours le problème. Merci de bien vouloir m'aider svp
  6. kareem77
    Bonsoir Falkra, Merci pour le tuyau, voici ce que j'obtiens, espérons que les dieux de l'informatique me seront favorable, c'est frustrant de ne pouvoir utiliser un logiciel acheter + de 500 € MSNFix 1.736 C:\Users\Karim\Desktop\MSNFix\MSNFix Fix exécuté le 31/07/2008 - 20:01:27,29 By Karim mode normal ************************ Recherche les fichiers présents Aucun Fichier trouvé ************************ Recherche les dossiers présents Aucun dossier trouvé ************************ Fichiers suspects /!\ ces fichiers nécessitent un avis expérimenté avant toute intervention [C:\junction.exe] B25B81716AACA69EECD0EEDBF7891AD1 ==> SVP merci d'envoyer le fichier C:\Users\Karim\Desktop\Upload_Me.zip sur http://upload.changelog.fr ************************ HKLM\...\Winlogon\Userinit Userinit = C:\Windows\system32\userinit.exe, ------------------------------------------------------------------------ Auteur : !aur3n7 Contact: http://changelog.fr ------------------------------------------------------------------------ --------------------------------------------- END ---------------------------------------------
  7. kareem77
  8. kareem77
    Bonjour à tous, Je viens de scanner mon PC avec Hijack et voila ce que j'obtiens, quelqu'un peut-il venir à mon secours. Deckard's System Scanner v20071014.68 Run by Karim on 2008-07-29 18:07:20 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 17: 2008-07-18 20:29:11 UTC - RP94 - Installed Windows Live 16: 2008-07-18 20:28:17 UTC - RP93 - Installé Windows Live installer 15: 2008-07-18 20:23:20 UTC - RP92 - Installed Adobe Reader 9 - Français. 14: 2008-07-18 19:18:04 UTC - RP91 - Configured Microsoft Office Professional Plus 2007 13: 2008-07-18 19:00:30 UTC - RP89 - Windows Update -- First Restore Point -- 1: 2008-07-17 20:04:08 UTC - RP69 - Windows Update Backed up registry hives. Performed disk cleanup. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-07-29 18:09:26 Platform: Windows Vista Service Pack 1 (6.00.6001) MSIE: Internet Explorer (7.00.6000.16386) Boot mode: Normal Running processes: C:\Windows\System32\taskeng.exe C:\Windows\System32\dwm.exe C:\Windows\explorer.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\eNet\eNMTray.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe C:\Users\Karim\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe C:\Windows\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Karim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SH8G7V62\dss[1].exe C:\Windows\System32\conime.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: eNetHook.dll O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 6508 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 BDSelfPr - \??\c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys S0 OemBiosDevice (Royalty OEM Bios Extension) - c:\windows\system32\drivers\royal.sys <Not Verified; PARADOX; SLP Kernel-Mode Driver> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 eLockService (eLock Service) - c:\acer\empowering technology\elock\service\elockserv.exe <Not Verified; Acer Inc.; Acer eLock Management> R2 eNet Service - c:\acer\empowering technology\enet\enet service.exe <Not Verified; Acer Inc.; Acer eNet Management> R2 eSettingsService (eSettings Service) - c:\acer\empowering technology\esettings\service\capuserv.exe <Not Verified; ; Service> R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module> R2 WMIService (ePower Service) - c:\acer\empowering technology\epower\epowersvc.exe <Not Verified; acer; Acer ePower Management> S2 MobilityService - c:\acer\mobility center\mobilityservice.exe -p -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Broadcom NetLink Gigabit Ethernet Device ID: PCI\VEN_14E4&DEV_1693&SUBSYS_01211025&REV_02\4&FED8DA8&0&00E5 Manufacturer: Broadcom Name: Broadcom NetLink Gigabit Ethernet PNP Device ID: PCI\VEN_14E4&DEV_1693&SUBSYS_01211025&REV_02\4&FED8DA8&0&00E5 Service: b57nd60x -- Scheduled Tasks ------------------------------------------------------------- 2008-07-29 17:54:04 270 --a------ C:\Windows\Tasks\Uniblue SpeedUpMyPC Nag.job 2008-07-17 21:31:49 392 --a------ C:\Windows\Tasks\Uniblue SpeedUpMyPC.job -- Files created between 2008-06-29 and 2008-07-29 ----------------------------- 2008-07-18 22:28:35 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller 2008-07-18 22:28:29 0 d-------- C:\Program Files\Windows Live 2008-07-18 22:28:14 0 d-------- C:\Users\All Users\WLInstaller 2008-07-18 22:27:18 0 d-------- C:\Program Files\VideoLAN 2008-07-18 22:26:21 0 d-------- C:\Program Files\CCleaner 2008-07-18 22:24:22 0 d-------- C:\Users\All Users\Adobe 2008-07-18 22:23:59 0 d-------- C:\Program Files\Common Files\Adobe 2008-07-18 21:25:58 0 --a------ C:\Windows\nsreg.dat 2008-07-18 21:25:28 0 d-------- C:\Program Files\Mozilla Thunderbird 2008-07-18 20:43:02 0 d-------- C:\Program Files\Microsoft Works 2008-07-18 20:41:42 0 d-------- C:\Windows\PCHEALTH 2008-07-18 20:41:42 0 d-------- C:\Program Files\Microsoft.NET 2008-07-18 20:36:06 0 dr-h----- C:\MSOCache 2008-07-18 19:30:01 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-07-18 19:18:20 0 d-------- C:\Windows\system32\RTCOM 2008-07-18 19:17:19 0 d-------- C:\Program Files\Realtek 2008-07-18 19:17:07 520192 --a------ C:\Windows\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library> 2008-07-18 19:17:07 315392 --a------ C:\Windows\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program> 2008-07-18 18:22:55 245810 --a------ C:\Windows\system32\RTFHTML.DLL <Not Verified; Microsoft Corporation; Microsoft Outlook> 2008-07-17 21:25:07 0 d-------- C:\Program Files\MSXML 4.0 2008-07-17 06:17:37 0 d-------- C:\Windows\Options 2008-07-16 21:43:15 83554304 --a------ C:\Windows\system32\acer.scr 2008-07-16 21:43:02 71965468 --a------ C:\Windows\system32\acer.exe <Not Verified; Macromedia, Inc.; Shockwave Flash> 2008-07-16 21:42:58 0 d-------- C:\Program Files\Acer Inc 2008-07-16 21:42:54 0 d-------- C:\Windows\ACER 2008-07-16 21:41:18 0 d-------- C:\Windows\system32\i386 2008-07-16 21:38:48 0 d-------- C:\Users\All Users\CyberLink 2008-07-16 21:38:01 82432 --a------ C:\Windows\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1> 2008-07-16 21:38:01 44544 --a------ C:\Windows\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1> 2008-07-16 21:36:30 0 d-------- C:\Program Files\CyberLink 2008-07-16 21:34:55 0 d-------- C:\Program Files\Acer Arcade Deluxe 2008-07-16 21:32:40 6080 --a------ C:\Windows\system32\drivers\zntport.sys <Not Verified; Zeal SoftStudio; NTPort Library> 2008-07-16 21:32:40 8704 --a------ C:\Windows\system32\drivers\TVicPort64.sys <Not Verified; EnTech Taiwan; TVicPort Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64> 2008-07-16 21:32:40 14544 --a------ C:\Windows\system32\drivers\TVicPort.sys <Not Verified; EnTech Taiwan; TVicPort Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64> 2008-07-16 21:28:43 0 d-------- C:\Program Files\Acer Assist 2008-07-16 20:10:44 0 d-------- C:\Users\All Users\Microsoft Help 2008-07-16 19:52:42 0 d-------- C:\Users\All Users\NVIDIA 2008-07-15 21:19:31 0 d-------- C:\Program Files\Microsoft Silverlight 2008-07-15 20:32:24 152576 --a------ C:\Windows\system32\SPWizUI.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®> 2008-07-15 20:08:03 0 d-------- C:\Windows\system32\Macromed 2008-07-14 21:22:52 81984 --a------ C:\Windows\system32\bdod.bin 2008-07-14 21:17:40 0 d-------- C:\Program Files\MSECache 2008-07-14 20:46:11 0 d-------- C:\Users\All Users\BitDefender 2008-07-14 20:46:11 0 d-------- C:\Program Files\BitDefender 2008-07-14 20:41:50 0 d-------- C:\Program Files\Common Files\BitDefender 2008-07-14 20:14:50 240128 --a------ C:\Windows\system32\drivers\royal.sys <Not Verified; PARADOX; SLP Kernel-Mode Driver> 2008-07-14 20:02:59 65536 --a------ C:\Windows\system32\NATTraversal.dll 2008-07-14 13:09:56 0 d-------- C:\Windows\Panther 2008-07-14 13:09:09 0 d-------- C:\Windows\Debug 2008-07-14 13:09:08 57344 --a------ C:\Windows\system32\acpimof.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-07-14 13:09:01 90112 --a------ C:\Windows\system32\eNetHook.dll <Not Verified; acer; acer eNetManagement> 2008-07-14 13:07:25 331776 --a------ C:\Windows\system32\ScrollBarLib.dll 2008-07-14 12:41:47 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-07-14 12:41:24 0 d-------- C:\Program Files\Common Files\InstallShield 2008-07-14 12:33:59 0 d--hs---- C:\Users\Default\Voisinage réseau 2008-07-14 12:33:59 0 d--hs---- C:\Users\Default\Voisinage d'impression 2008-07-14 12:33:59 0 d--hs---- C:\Users\Default\Modèles 2008-07-14 12:33:59 0 d--hs---- C:\Users\Default\Mes documents 2008-07-14 12:33:59 0 d--hs---- C:\Users\Default\Menu Démarrer 2008-07-14 12:33:59 0 d--hs---- C:\Users\All Users\Modèles 2008-07-14 12:33:59 0 d--hs---- C:\Users\All Users\Menu Démarrer 2008-07-14 12:33:59 0 d--hs---- C:\Users\All Users\Favoris 2008-07-14 12:33:59 0 d--hs---- C:\Users\All Users\Bureau 2008-07-14 12:33:59 0 d--hs---- C:\Program Files\Fichiers communs 2008-07-14 12:27:38 21668 --a------ C:\Windows\system32\emptyregdb.dat 2008-07-14 12:22:36 0 d-------- C:\Users\Default\video 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Voisinage réseau 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Voisinage d'impression 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Videos 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\SendTo 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Saved Games 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Recent 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Pictures 2008-07-14 12:18:38 1572864 --ahs---- C:\Users\Karim\NTUSER.DAT 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Music 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Modèles 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Mes documents 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Menu Démarrer 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Local Settings 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Links 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Favorites 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Downloads 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Documents 2008-07-14 12:18:38 0 dr------- C:\Users\Karim\Desktop 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Cookies 2008-07-14 12:18:38 0 d--hs---- C:\Users\Karim\Application Data 2008-07-14 12:18:38 0 d--h----- C:\Users\Karim\AppData 2008-07-14 12:15:24 0 d-------- C:\Windows\system32\catroot2 2008-07-14 12:11:30 0 d-------- C:\Windows\Prefetch 2008-07-14 11:07:38 0 d--hs---- C:\Windows\Installer 2008-07-14 10:22:09 0 dr------- C:\Users\Karim\Searches 2008-07-14 10:21:55 0 dr------- C:\Users\Karim\Contacts 2008-07-14 10:03:10 0 d-------- C:\Windows\SoftwareDistribution 2008-07-08 05:46:40 0 -rahs--c- C:\MSDOS.SYS 2008-07-08 05:46:40 0 -rahs--c- C:\IO.SYS -- Find3M Report --------------------------------------------------------------- 2008-07-29 18:01:11 672334 --a------ C:\Windows\system32\perfh00C.dat 2008-07-29 18:01:11 124434 --a------ C:\Windows\system32\perfc00C.dat 2008-07-18 22:28:35 0 d-------- C:\Program Files\Common Files 2008-07-18 22:19:09 0 d-------- C:\Users\Karim\AppData\Roaming\Uniblue 2008-07-18 21:26:14 0 d-------- C:\Users\Karim\AppData\Roaming\Talkback 2008-07-18 21:25:58 0 d-------- C:\Users\Karim\AppData\Roaming\Mozilla 2008-07-18 21:25:51 0 d-------- C:\Users\Karim\AppData\Roaming\Thunderbird 2008-07-18 20:01:50 0 d-------- C:\Program Files\MSBuild 2008-07-17 21:56:49 0 d-------- C:\Users\Karim\AppData\Roaming\CyberLink 2008-07-17 06:16:11 0 d-------- C:\Users\Karim\AppData\Roaming\InstallShield 2008-07-16 21:54:33 0 d-------- C:\Users\Karim\AppData\Roaming\Acer 2008-07-16 21:54:30 0 d-------- C:\Users\Karim\AppData\Roaming\Leadertech 2008-07-15 21:08:15 174 --ahs---- C:\Program Files\desktop.ini 2008-07-15 20:59:15 0 d-------- C:\Program Files\Windows Calendar 2008-07-15 20:59:14 0 d-------- C:\Program Files\Windows Sidebar 2008-07-15 20:59:14 0 d-------- C:\Program Files\Movie Maker 2008-07-15 20:59:12 0 d-------- C:\Program Files\Windows Mail 2008-07-15 20:59:09 0 d-------- C:\Program Files\Windows Collaboration 2008-07-15 20:59:08 0 d-------- C:\Program Files\Windows Journal 2008-07-15 20:59:07 0 d-------- C:\Program Files\Windows Photo Gallery 2008-07-15 20:58:53 0 d-------- C:\Program Files\Windows Defender 2008-07-15 20:19:10 0 d-------- C:\Users\Karim\AppData\Roaming\Identities 2008-07-15 20:08:05 0 d-------- C:\Users\Karim\AppData\Roaming\Macromedia 2008-07-15 20:08:05 0 d-------- C:\Users\Karim\AppData\Roaming\Adobe 2008-07-14 20:52:28 0 d-------- C:\Users\Karim\AppData\Roaming\Bitdefender 2008-07-14 12:45:09 0 d-------- C:\Users\Karim\AppData\Roaming\ClonySoft 2008-07-14 12:33:59 0 d-------- C:\Program Files\Windows NT -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] 11/06/2008 22:33 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [18/01/2008 23:38] "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [09/10/2007 16:46] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [23/05/2008 19:16] "NvSvc"="C:\Windows\system32\nvsvc.dll" [11/01/2008 17:37] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [11/01/2008 17:20] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [11/01/2008 17:36] "eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" [09/05/2007 10:36] "Acer Assist Launcher"="C:\Program Files\Acer Assist\launcher.exe" [02/02/2007 20:05] "PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [03/05/2007 11:16] "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [25/04/2007 16:33] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12/06/2008 02:38] "RtHDVCpl"="RtHDVCpl.exe" [10/05/2007 11:10 C:\Windows\RtHDVCpl.exe] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [15/02/2007 18:39] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [11/05/2007 03:56:35] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableLUA"=0 (0x0) "EnableUIADesktopToggle"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=eNetHook.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum bdx scan [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-07-29 18:12:16 ------------
×
×
  • Créer...