lekev62

Avant et après je ne l'ai pas vu, il a peut-être un autre nom en francais sur vista, non ?

Je ne l'ai pas dans les services celui là comment je peux le trouver ??

Bonjour, Après tout ça, mon PC ne semble d'après vous plus infecté !! Mais même avec un peu d'attente la fermeture se fait toujours en 5 minutes ! Et dès que le PC se déconnecte du WIFI, et malgré que ce dernier soit activé, impossible d'apercevoir un réseau WIFI disponible !! C'est très étrange... Auriez-vous une solution miracle ou dois-je formater ?? Merci d'avance pour votre aide.

Bon voilà j'ai fait ce que vous avez dit par contre je n'ai pas compris ce que j'ai mis en citation ? Je vous tiens au courant si cela a amélioré la vitesse de fermeture lente du PC. Merci beaucoup de m'avoir aidé.

========== PROCESSES ========== Process explorer.exe killed successfully. ========== SERVICES/DRIVERS ========== Service CLTNetCnService stopped successfully. Service CLTNetCnService deleted successfully. ========== FILES ========== C:\Windows\system32\tmpF4CB.tmp moved successfully. C:\Windows\system32\tmpF45D.tmp moved successfully. File/Folder C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe not found. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8ab65e-92d1-11dd-8222-aecaea302d69}\\ deleted successfully. ========== COMMANDS ========== File delete failed. C:\Users\KVIN~1\AppData\Local\Temp\etilqs_0uRgyAVYGDrjKq4NKx77 scheduled to be deleted on reboot. File delete failed. C:\Users\KVIN~1\AppData\Local\Temp\RtkBtMnt.exe scheduled to be deleted on reboot. File delete failed. C:\Users\KVIN~1\AppData\Local\Temp\~DF18EE.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\KVIN~1\AppData\Local\Temp\~DF1902.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\KVIN~1\AppData\Local\Temp\~DFF433.tmp scheduled to be deleted on reboot. File delete failed. C:\Users\KVIN~1\AppData\Local\Temp\~DFF49D.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\Windows\temp\TMP000000851C4AF9DB7927AA0C scheduled to be deleted on reboot. Windows Temp folder emptied. File delete failed. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\urlclassifier3.sqlite scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12212008_104258 Files moved on Reboot... File C:\Users\KVIN~1\AppData\Local\Temp\etilqs_0uRgyAVYGDrjKq4NKx77 not found! C:\Users\KVIN~1\AppData\Local\Temp\RtkBtMnt.exe moved successfully. C:\Users\KVIN~1\AppData\Local\Temp\~DF18EE.tmp moved successfully. C:\Users\KVIN~1\AppData\Local\Temp\~DF1902.tmp moved successfully. C:\Users\KVIN~1\AppData\Local\Temp\~DFF433.tmp moved successfully. C:\Users\KVIN~1\AppData\Local\Temp\~DFF49D.tmp moved successfully. File C:\Windows\temp\TMP000000851C4AF9DB7927AA0C not found! C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\Cache\_CACHE_001_ moved successfully. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\Cache\_CACHE_002_ moved successfully. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\Cache\_CACHE_003_ moved successfully. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\Cache\_CACHE_MAP_ moved successfully. C:\Users\Kévin\AppData\Local\Mozilla\Firefox\Profiles\m3rzjwcj.default\urlclassifier3.sqlite moved successfully.

Voici le RAPPORT fichier log : Logfile of random's system information tool 1.05 (written by random/random) Run by Kévin at 2008-12-20 16:47:31 Microsoft® Windows Vista™ Édition Familiale Premium System drive C: has 12 GB (17%) free of 71 GB Total RAM: 2046 MB (53% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:47:43, on 20/12/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\QtZgAcer.EXE D:\Matériels\Imprimante\Sophie\HP Software Update\hpwuSchd2.exe C:\Users\KVIN~1\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Java\jre6\bin\jusched.exe D:\Internet\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\DNA\btdna.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe D:\Internet\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Users\Kévin\Downloads\RSIT.exe C:\Program Files\HijackThis\Kévin.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\MATRIE~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [iaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [HP Software Update] D:\Matériels\Imprimante\Sophie\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Matériels\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [CloneCDTray] "D:\Matériels\Clone DVD-CD\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "D:\Internet\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-4009350913-2126091967-105754436-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres') O4 - HKUS\S-1-5-21-4009350913-2126091967-105754436-1002\..\RunOnce: [AcerScrSav] C:\Windows\Acer\run_NB.exe (User 'postgres') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\BUREAU~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Internet\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Internet\Poker\Titan Poker\casino.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\BUREAU~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\MATRIE~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\MATRIE~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Internet\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Internet\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Internet\Maconfig\maconfservice.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - D:\Internet\Poker\PostgreSQL\bin\pg_ctl.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9326 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Maintenance en 1 clic.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - D:\MATRIE~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-08-14 1006264] "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-06-26 86016] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-06-26 8433664] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-06-26 81920] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-05-09 865840] "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216] "eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-06-11 1286144] "Acer Tour"= [] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-10 4468736] "PLFSet"=C:\Windows\PLFSet.dll [2007-04-25 45056] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-09-12 182808] "IaNvSrv"=C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [2007-03-13 33048] "SetPanel"=C:\Acer\APanel\APanel.cmd [] "LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2007-07-31 707080] "eRecoveryService"= [] "HP Software Update"=D:\Matériels\Imprimante\Sophie\HP Software Update\HPWuSchd2.exe [2006-12-10 49152] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] "QuickTime Task"=D:\Matériels\QuickTime\QTTask.exe [2008-09-06 413696] "CloneCDTray"=D:\Matériels\Clone DVD-CD\CloneCD\CloneCDTray.exe [2006-09-28 57344] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600] "avgnt"=D:\Internet\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe [2007-05-22 151552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2007-05-24 206952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk] C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2007-04-27 1208320] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk] C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] D:\MATRIE~1\IMPRIM~1\Sophie\DIGITA~1\bin\hpqtra08.exe [2007-01-02 210520] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "D:\Matériels\BiTorrent\bittorrent.exe"="D:\Matériels\BiTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu" "C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption" "C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8ab65e-92d1-11dd-8222-aecaea302d69}] shell\Auto\command - cmd /C launch.bat shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat ======List of files/folders created in the last 2 months====== 2008-12-20 16:47:31 ----D---- C:\rsit 2008-12-19 16:56:37 ----D---- C:\Users\Kévin\AppData\Roaming\Malwarebytes 2008-12-19 16:56:30 ----D---- C:\ProgramData\Malwarebytes 2008-12-19 16:56:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-12-19 15:53:25 ----A---- C:\cleannavi.txt 2008-12-19 15:44:23 ----A---- C:\fixnavi.txt 2008-12-17 23:42:33 ----D---- C:\ProgramData\Avira 2008-12-17 23:36:52 ----D---- C:\Program Files\HijackThis 2008-12-17 22:22:21 ----A---- C:\Windows\ntbtlog.txt 2008-12-17 19:04:20 ----D---- C:\ProgramData\Spybot - Search & Destroy 2008-12-17 17:44:52 ----D---- C:\Users\Kévin\AppData\Roaming\Intel 2008-12-17 17:44:52 ----D---- C:\ProgramData\Roaming 2008-12-17 17:43:37 ----D---- C:\Program Files\Cisco 2008-12-17 17:43:33 ----D---- C:\Program Files\Common Files\Intel 2008-12-17 17:43:32 ----D---- C:\ProgramData\Intel 2008-12-17 17:32:27 ----D---- C:\ProgramData\ma-config.com 2008-12-13 12:31:55 ----D---- C:\Users\Kévin\AppData\Roaming\TuneUp Software 2008-12-11 13:32:38 ----D---- C:\Users\Kévin\AppData\Roaming\ImgBurn 2008-12-06 15:39:04 ----D---- C:\Windows\Minidump 2008-12-03 12:48:25 ----A---- C:\Windows\system32\javaws.exe 2008-12-03 12:48:25 ----A---- C:\Windows\system32\javaw.exe 2008-12-03 12:48:25 ----A---- C:\Windows\system32\java.exe 2008-11-22 19:16:08 ----D---- C:\Program Files\Common Files\Apple 2008-11-22 19:16:02 ----D---- C:\ProgramData\Apple Computer 2008-11-22 19:15:27 ----D---- C:\ProgramData\Apple 2008-11-22 19:15:27 ----D---- C:\Program Files\Apple Software Update 2008-11-22 16:05:48 ----D---- C:\Program Files\Adobe 2008-11-18 17:40:11 ----D---- C:\ProgramData\Codemasters 2008-11-18 13:45:49 ----RA---- C:\Windows\system32\tmpF4CB.tmp 2008-11-18 13:45:49 ----RA---- C:\Windows\system32\tmpF45D.tmp 2008-11-18 13:45:49 ----D---- C:\Program Files\OpenAL 2008-11-18 13:45:49 ----A---- C:\Windows\system32\wrap_oal.dll 2008-11-18 13:45:49 ----A---- C:\Windows\system32\OpenAL32.dll 2008-11-15 12:48:41 ----D---- C:\Users\Kévin\AppData\Roaming\FileZilla 2008-11-15 12:36:41 ----A---- C:\Windows\system32\vsutil_loc040c.dll 2008-11-15 12:36:35 ----A---- C:\Windows\system32\vsregexp.dll 2008-11-15 12:36:34 ----A---- C:\Windows\system32\zlcommdb.dll 2008-11-15 12:36:34 ----A---- C:\Windows\system32\zlcomm.dll 2008-11-15 12:36:29 ----A---- C:\Windows\system32\vswmi.dll 2008-11-15 12:36:28 ----A---- C:\Windows\system32\zpeng24.dll 2008-11-15 12:36:28 ----A---- C:\Windows\system32\vsxml.dll 2008-11-15 12:36:27 ----A---- C:\Windows\system32\vspubapi.dll 2008-11-15 12:36:27 ----A---- C:\Windows\system32\vsmonapi.dll 2008-11-15 12:36:26 ----D---- C:\ProgramData\CheckPoint 2008-11-15 12:36:26 ----A---- C:\Windows\system32\vsdata.dll 2008-11-15 12:36:00 ----A---- C:\Windows\system32\tcpipcfg.dll 2008-11-15 12:36:00 ----A---- C:\Windows\system32\netiougc.exe 2008-11-15 12:35:17 ----D---- C:\Windows\system32\ZoneLabs 2008-11-15 12:34:29 ----D---- C:\Windows\Internet Logs 2008-11-15 12:34:29 ----A---- C:\Windows\system32\vsutil.dll 2008-11-15 12:34:29 ----A---- C:\Windows\system32\vsinit.dll 2008-11-11 20:34:40 ----D---- C:\Users\Kévin\AppData\Roaming\CyberLink 2008-11-04 19:26:28 ----A---- C:\Windows\game.ini 2008-11-04 00:45:15 ----D---- C:\Users\Kévin\AppData\Roaming\temp 2008-11-03 16:52:37 ----A---- C:\Windows\system32\Usbpadff.dll 2008-11-03 16:52:36 ----D---- C:\Program Files\EMS USB2 2008-11-03 16:52:36 ----A---- C:\Windows\system32\UsbPadCP.dll 2008-11-02 14:09:21 ----A---- C:\Windows\system32\XAudio2_2.dll 2008-11-02 14:09:21 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2008-11-02 14:09:20 ----A---- C:\Windows\system32\xactengine3_2.dll 2008-11-02 14:09:19 ----A---- C:\Windows\system32\d3dx10_39.dll 2008-11-02 14:09:19 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2008-11-02 14:09:17 ----A---- C:\Windows\system32\D3DX9_39.dll 2008-11-02 14:08:30 ----HD---- C:\Windows\msdownld.tmp 2008-11-02 14:08:27 ----D---- C:\Windows\system32\directx 2008-11-02 13:37:01 ----HD---- C:\Program Files\Zero G Registry 2008-11-02 10:36:44 ----D---- C:\Users\Kévin\AppData\Roaming\BitTorrent 2008-11-02 10:36:37 ----D---- C:\Users\Kévin\AppData\Roaming\DNA 2008-11-02 10:36:37 ----D---- C:\Program Files\DNA 2008-11-02 01:01:26 ----D---- C:\Users\Kévin\AppData\Roaming\Sports Interactive 2008-11-02 01:01:22 ----D---- C:\ProgramData\Sports Interactive 2008-11-02 01:01:17 ----A---- C:\Windows\system32\XAudio2_1.dll 2008-11-02 01:01:17 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2008-11-02 01:01:16 ----A---- C:\Windows\system32\xactengine3_1.dll 2008-11-02 01:01:16 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2008-11-02 01:01:15 ----A---- C:\Windows\system32\d3dx10_38.dll 2008-11-02 01:01:15 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2008-11-02 01:01:12 ----A---- C:\Windows\system32\XAudio2_0.dll 2008-11-02 01:01:12 ----A---- C:\Windows\system32\D3DX9_38.dll 2008-11-02 01:01:11 ----A---- C:\Windows\system32\xactengine3_0.dll 2008-11-02 01:01:10 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2008-11-02 01:01:10 ----A---- C:\Windows\system32\d3dx10_37.dll 2008-11-02 01:01:10 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2008-11-02 01:01:07 ----A---- C:\Windows\system32\xactengine2_10.dll 2008-11-02 01:01:05 ----A---- C:\Windows\system32\d3dx10_36.dll 2008-11-02 01:01:05 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2008-11-02 01:01:03 ----A---- C:\Windows\system32\d3dx9_36.dll 2008-11-02 01:01:02 ----A---- C:\Windows\system32\xactengine2_9.dll 2008-11-02 01:01:01 ----A---- C:\Windows\system32\d3dx10_35.dll 2008-11-02 01:01:01 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2008-11-02 01:00:57 ----A---- C:\Windows\system32\xactengine2_8.dll 2008-11-02 01:00:57 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2008-11-02 01:00:55 ----A---- C:\Windows\system32\d3dx10_34.dll 2008-11-02 01:00:55 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2008-11-02 01:00:50 ----A---- C:\Windows\system32\xactengine2_7.dll 2008-11-02 01:00:48 ----A---- C:\Windows\system32\d3dx10_33.dll 2008-11-02 01:00:48 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2008-11-02 01:00:46 ----A---- C:\Windows\system32\xactengine2_6.dll 2008-11-02 01:00:43 ----A---- C:\Windows\system32\x3daudio1_1.dll 2008-11-01 23:08:54 ----D---- C:\Program Files\Common Files\Steam 2008-10-31 18:58:01 ----D---- C:\Users\Kévin\AppData\Roaming\Leadertech 2008-10-31 18:46:32 ----A---- C:\Windows\system32\D3DX9_37.dll 2008-10-31 18:46:31 ----A---- C:\Windows\system32\d3dx9_35.dll 2008-10-31 18:46:30 ----A---- C:\Windows\system32\xinput1_3.dll 2008-10-31 18:46:30 ----A---- C:\Windows\system32\d3dx9_34.dll 2008-10-31 18:46:29 ----A---- C:\Windows\system32\d3dx9_33.dll 2008-10-30 12:57:49 ----A---- C:\Windows\system32\libusbd-nt.exe 2008-10-30 12:57:49 ----A---- C:\Windows\system32\libusbd-9x.exe 2008-10-30 12:57:49 ----A---- C:\Windows\system32\libusb0.dll 2008-10-29 17:01:35 ----D---- C:\ProgramData\KONAMI 2008-10-29 16:52:56 ----A---- C:\Windows\system32\xactengine2_5.dll 2008-10-29 16:52:55 ----A---- C:\Windows\system32\d3dx10.dll 2008-10-29 16:52:52 ----A---- C:\Windows\system32\d3dx9_32.dll 2008-10-29 16:52:45 ----A---- C:\Windows\system32\xactengine2_4.dll 2008-10-29 16:52:40 ----A---- C:\Windows\system32\d3dx9_31.dll 2008-10-29 16:52:37 ----A---- C:\Windows\system32\xactengine2_3.dll 2008-10-29 16:52:36 ----A---- C:\Windows\system32\xinput1_2.dll 2008-10-29 16:52:33 ----A---- C:\Windows\system32\xactengine2_2.dll 2008-10-29 16:52:32 ----A---- C:\Windows\system32\xinput1_1.dll 2008-10-29 16:52:31 ----A---- C:\Windows\system32\xactengine2_1.dll 2008-10-29 16:51:47 ----A---- C:\Windows\system32\d3dx9_30.dll 2008-10-29 16:51:44 ----A---- C:\Windows\system32\xactengine2_0.dll 2008-10-29 16:51:44 ----A---- C:\Windows\system32\x3daudio1_0.dll 2008-10-29 16:51:42 ----A---- C:\Windows\system32\d3dx9_29.dll 2008-10-29 16:51:41 ----A---- C:\Windows\system32\d3dx9_28.dll 2008-10-29 16:51:36 ----A---- C:\Windows\system32\d3dx9_27.dll 2008-10-29 16:51:33 ----A---- C:\Windows\system32\d3dx9_26.dll 2008-10-29 16:51:31 ----A---- C:\Windows\system32\d3dx9_25.dll 2008-10-29 16:51:26 ----A---- C:\Windows\system32\d3dx9_24.dll 2008-10-25 10:36:15 ----A---- C:\Windows\system32\deploytk.dll 2008-10-25 10:35:48 ----D---- C:\Program Files\Java 2008-10-23 17:41:20 ----D---- C:\Program Files\Common Files\PC SOFT 2008-10-23 17:41:00 ----A---- C:\Windows\system32\WDShell.dll 2008-10-23 17:34:03 ----D---- C:\WinDev 12 Express - Installation 2008-10-21 10:39:16 ----D---- C:\Program Files\Microsoft Silverlight 2008-10-21 10:35:59 ----D---- C:\Program Files\Microsoft SQL Server 2008-10-21 10:35:21 ----D---- C:\Program Files\Microsoft Synchronization Services 2008-10-21 10:35:21 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition ======List of files/folders modified in the last 2 months====== 2008-12-20 16:47:42 ----D---- C:\Windows\Prefetch 2008-12-20 16:47:33 ----D---- C:\Windows\Temp 2008-12-20 14:39:30 ----SHD---- C:\System Volume Information 2008-12-20 12:37:04 ----D---- C:\Windows\System32 2008-12-20 12:37:04 ----D---- C:\Windows\inf 2008-12-20 12:37:04 ----A---- C:\Windows\system32\PerfStringBackup.INI 2008-12-19 16:56:34 ----D---- C:\Windows\system32\drivers 2008-12-19 16:56:30 ----RD---- C:\Program Files 2008-12-19 16:56:30 ----D---- C:\ProgramData 2008-12-17 22:38:08 ----D---- C:\Windows\system32\catroot2 2008-12-17 22:22:21 ----D---- C:\Windows 2008-12-17 18:04:45 ----D---- C:\Windows\system32\LogFiles 2008-12-17 17:44:58 ----SHD---- C:\Windows\Installer 2008-12-17 17:44:14 ----D---- C:\Windows\system32\catroot 2008-12-17 17:43:33 ----D---- C:\Program Files\Common Files 2008-12-17 17:43:32 ----D---- C:\Program Files\Intel 2008-12-17 17:43:30 ----HD---- C:\Config.Msi 2008-12-17 17:40:29 ----HD---- C:\Program Files\InstallShield Installation Information 2008-12-14 10:12:55 ----D---- C:\Windows\system32\WDI 2008-12-13 13:07:45 ----D---- C:\Users\Kévin\AppData\Roaming\Image Zone Express 2008-12-13 12:32:11 ----D---- C:\Windows\Tasks 2008-12-13 12:32:11 ----D---- C:\Windows\system32\Tasks 2008-12-12 10:03:17 ----A---- C:\Windows\win.ini 2008-12-12 10:01:50 ----D---- C:\Windows\twain_32 2008-12-09 18:39:46 ----SD---- C:\Users\Kévin\AppData\Roaming\Microsoft 2008-12-06 00:30:06 ----A---- C:\ProgramData\playercachelines.tmp 2008-12-02 19:46:51 ----HD---- C:\Windows\system32\GroupPolicy 2008-12-01 12:54:59 ----SD---- C:\ProgramData\Microsoft 2008-11-30 18:03:12 ----D---- C:\Windows\Debug 2008-11-22 19:16:31 ----D---- C:\Program Files\Internet Explorer 2008-11-22 16:06:00 ----D---- C:\Program Files\Common Files\Adobe 2008-11-22 16:05:56 ----D---- C:\ProgramData\Adobe 2008-11-18 13:44:54 ----RSD---- C:\Windows\assembly 2008-11-15 12:58:07 ----D---- C:\Windows\system32\migration 2008-11-15 12:36:10 ----D---- C:\Windows\winsxs 2008-11-10 15:10:25 ----D---- C:\Windows\LiveKernelReports 2008-11-02 00:59:40 ----D---- C:\Windows\Logs 2008-10-29 16:51:52 ----D---- C:\Windows\Microsoft.NET 2008-10-27 11:10:29 ----D---- C:\Program Files\PokerStrategy 2008-10-21 10:37:11 ----D---- C:\Program Files\Common Files\microsoft shared 2008-10-21 10:36:59 ----D---- C:\Program Files\Microsoft.NET 2008-10-21 10:36:24 ----D---- C:\Windows\Registration 2008-10-21 10:35:07 ----D---- C:\ProgramData\Microsoft Help 2008-10-21 08:42:19 ----D---- C:\Windows\rescache ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\D:\Internet\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560] R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2006-12-26 15440] R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-06-26 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-26 8704] R3 avgntflt;avgntflt; \??\D:\Internet\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2006-11-02 14208] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2007-07-31 21264] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-26 984064] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-26 208384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712] R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [2005-03-09 33792] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-09-25 3666432] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-08-14 6144] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-06-26 7120768] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-08-14 82432] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-06-12 1729152] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-05-09 185392] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-26 660480] R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-04-19 43008] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2006-11-02 11264] S3 abib1hmc;abib1hmc; C:\Windows\system32\drivers\abib1hmc.sys [] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712] S3 catchme;catchme; \??\C:\Users\KVIN~1\AppData\Local\Temp\catchme.sys [] S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584] S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864] S3 driverhardwarev2;driverhardwarev2; \??\D:\Internet\Maconfig\Drivers\driverhardwarev2.sys [2008-12-16 14336] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632] S3 EMSUSB2;EMS USB Joypad2; C:\Windows\system32\DRIVERS\EMSUSB2.sys [2007-01-03 9728] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016] S3 NETw4v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-24 2216448] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560] S3 XPADFL02;XPAD Filter Service 02; C:\Windows\system32\DRIVERS\xpadfl02.sys [2006-12-24 27904] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; D:\Internet\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; D:\Internet\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512] R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576] R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168] R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248] R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576] R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-09-12 354840] R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\system32\libusbd-nt.exe [2005-03-09 18944] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008] R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016] R2 pgsql-8.3;PostgreSQL Database Server 8.3; D:\Internet\Poker\PostgreSQL\bin\pg_ctl.exe [2008-03-17 77824] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-02 466944] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-23 266343] R2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 167936] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-06-26 386560] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S3 maconfservice;Ma-Config Service; D:\Internet\Maconfig\maconfservice.exe [2008-12-16 195752] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-11-01 87288] S3 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544] -----------------EOF----------------- Voici le RAPPORT fichier info : info.txt logfile of random's system information tool 1.05 2008-12-20 16:47:47 ======Uninstall list====== -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\Setup.exe" -uninst -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\setup.exe" -uninstall -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} Acer Arcade Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly -u Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly Acer eAudio Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.EXE" -uninstall Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x40c -removeonly Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x40c -removeonly Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003} adsl TV-->D:\Internet\ADSL TV\Uninstal.exe Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Avira AntiVir Personal - Free Antivirus-->D:\Internet\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Big Kahuna Reef 2-->"C:\Program Files\Acer GameZone\Big Kahuna Reef 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Big Kahuna Reef 2\install.log" Bricks of Egypt-->"C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Acer GameZone\Bricks of Egypt\install.log" Call of Duty® - World at War-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x040c CloneCD-->"D:\Matériels\Clone DVD-CD\CloneCD\ccd-uninst.exe" /D="D:\Matériels\Clone DVD-CD\CloneCD" DivX Codec-->D:\Matériels\DivX Player\DivXCodecUninstall.exe /CODEC DivX Player-->D:\Matériels\DivX Player\DivXPlayerUninstall.exe /PLAYER DivX Web Player-->D:\Matériels\DivX Player\DivX\DivXWebPlayerUninstall.exe /PLUGIN Dynasty-->"C:\Program Files\Acer GameZone\Dynasty\Uninstall.exe" "C:\Program Files\Acer GameZone\Dynasty\install.log" EMS USB Joypad2-->C:\PROGRA~1\EMSUSB~1\UNWISE.EXE C:\PROGRA~1\EMSUSB~1\INSTALL.LOG Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62} Football Manager 2009-->"D:\Jeux\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe" Full Tilt Poker-->"C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -runfromtemp -l0x040c -removeonly Galapago-->"C:\Program Files\Acer GameZone\Galapago\Uninstall.exe" "C:\Program Files\Acer GameZone\Galapago\install.log" HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -IAcrZUn32z.inf HijackThis 2.0.2-->"C:\Program Files\HijackThis\HijackThis.exe" /uninstall Holdem Manager-->MsiExec.exe /I{42DE940E-8037-4266-9FBF-5A3AEDA39E96} HP Imaging Device Functions 8.0-->D:\Matériels\Imprimante\Sophie\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP OCR Software 8.0-->D:\Matériels\Imprimante\Sophie\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70} HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->D:\Matériels\Imprimante\Sophie\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot HP Solution Center 8.0-->D:\Matériels\Imprimante\Sophie\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134} HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3} ICM Trainer Light-->MsiExec.exe /I{2F8BE683-EF69-4D18-9974-DB0C1832A516} ImgBurn 2.3.2.0 Fr-->"D:\Matériels\ImgBurn\unins000.exe" Intel PROSet Wireless-->Intel PROSet Wireless Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log" Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI LibUSB-Win32-0.1.10.1-->"D:\Jeux\SIXAXIS PS3\unins000.exe" Luxor 2-->"C:\Program Files\Acer GameZone\Luxor 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Luxor 2\install.log" Ma-Config.com-->MsiExec.exe /X{F9C3C475-5723-41F5-939A-436B6159F489} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Medieval CUE Splitter-->MsiExec.exe /I{B96D2269-568B-4CBF-9332-12FAE8B158F7} Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC} Microsoft .NET Framework 3.5-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791} Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{3F59A7E0-BC01-4435-9E93-C7D7015C21DA} Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove Microsoft SQL Server Compact 3.5 Design Tools FRA-->MsiExec.exe /X{043ECF7B-4724-4F7B-8A9D-BC22719E95F7} Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB} Microsoft SQL Server Native Client-->MsiExec.exe /I{9C7E944F-4502-40B8-A0AB-66B2FA9EE829} Microsoft SQL Server VSS Writer-->MsiExec.exe /I{75FF1600-6330-43FA-9022-E0835BF20778} Microsoft Visual Basic 2008 Express - Français-->D:\Bureautiques\Visual Basic 2008\Microsoft Visual Basic 2008 Express Edition - FRA\setup.exe Microsoft Visual Basic 2008 Express Edition - FRA-->MsiExec.exe /X{ACC61C04-48C5-3F6F-977B-AD33E94E5F40} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C} Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06} Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C} Module linguistique Microsoft .NET Framework 3.5 - fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe Mozilla Firefox (3.0.4)-->D:\Internet\Mozilla Firefox\uninstall\helper.exe Mystery Case Files - Prime Suspects-->"C:\Program Files\Acer GameZone\Mystery Case Files - Prime Suspects\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files - Prime Suspects\install.log" Mystery Case Files Ravenhearst-->"C:\Program Files\Acer GameZone\Mystery Case Files Ravenhearst\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files Ravenhearst\install.log" NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7 OpenAL-->"C:\Program Files\OpenAL\OalinstGridRelease.exe" /U Orion-->MsiExec.exe /X{666EC086-3794-4E3D-BD9E-600A5FF82A5E} Partouche-->D:\Internet\Poker\Partouche Poker\uninst.exe PokerStrategy Elephant-->MsiExec.exe /I{54AAAF29-28E2-479C-BE6D-DE9054E7F670} PostgreSQL 8.3-->MsiExec.exe /I{B823632F-3B72-4514-8861-B961CE263224} PowerProducer 3.72-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31} QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x40c -removeonly RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -l0x40c anything SecureW2 EAP Suite 1.1.1 for Windows-->C:\Program Files\SecureW2\Uninstall.exe SixaxisDriver 0.91-->"D:\Jeux\SIXAXIS PS3\SixaxisDriver\unins000.exe" Spybot - Search & Destroy-->"D:\Matériels\Spybot - Search & Destroy\unins000.exe" Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Titan Poker-->"D:\Internet\Poker\Titan Poker\_SetupPoker(2).exe" /uninstall Treasures of the Deep-->"C:\Program Files\Acer GameZone\Treasures of the Deep\Uninstall.exe" "C:\Program Files\Acer GameZone\Treasures of the Deep\install.log" VC Runtimes MSI-->MsiExec.exe /X{FF29527A-44CD-3422-945E-981A13584000} Winamax Poker (remove only)-->"D:\Internet\Poker\Winamax\uninst.exe" Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-37001CCBBA5D} Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinRAR archiver-->D:\Matériels\WinRar\uninstall.exe ZoneAlarm-->D:\Matériels\ZoneAlarm\zauninst.exe Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log" ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: Avira AntiVir PersonalEdition Classic FW: ZoneAlarm Firewall (disabled) AS: Windows Defender (outdated) System event log Computer Name: PC-de-Kevin Event Code: 8033 Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{AF17AABA-3916-4596-AE5B-AA120B70F1BE} car un maître explorateur a été arrêté. Record Number: 63326 Source Name: BROWSER Time Written: 20081220153433.000000-000 Event Type: Information User: Computer Name: PC-de-Kevin Event Code: 1103 Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs. Record Number: 63327 Source Name: Microsoft-Windows-Dhcp-Client Time Written: 20081220153440.000000-000 Event Type: Information User: Computer Name: PC-de-Kevin Event Code: 102 Message: Le service a momentanément arrêté la publication à cause d’un événement d’alimentation. Record Number: 63328 Source Name: Microsoft-Windows-ResourcePublication Time Written: 20081220153438.988401-000 Event Type: Information User: AUTORITE NT\SERVICE LOCAL Computer Name: PC-de-Kevin Event Code: 4201 Message: Le système a détecté que la carte réseau Connexion réseau sans fil était connectée au réseau, et a lancé une opération normale. Record Number: 63329 Source Name: Tcpip Time Written: 20081220153440.055401-000 Event Type: Information User: Computer Name: PC-de-Kevin Event Code: 104 Message: Le service effectue la publication sur le réseau. Record Number: 63330 Source Name: Microsoft-Windows-ResourcePublication Time Written: 20081220153443.685401-000 Event Type: Information User: AUTORITE NT\SERVICE LOCAL Application event log Computer Name: PC-de-Kevin Event Code: 17896 Message: Le compteur de temps du processeur sur l'ID du planificateur 1 Il n'est pas synchronisé avec d'autres processeurs. Record Number: 15269 Source Name: MSSQL$SQLEXPRESS Time Written: 20081220143942.000000-000 Event Type: Information User: Computer Name: PC-de-Kevin Event Code: 4113 Message: AntiVir a détecté dans le fichier C:\Program Files\Acer GameZone\Bricks of Egypt\Bricks of Egypt.exe un code suspect avec la désignation 'PCK/Armadillo'! Record Number: 15270 Source Name: Avira AntiVir Time Written: 20081220152822.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Kevin Event Code: 4113 Message: AntiVir a détecté dans le fichier C:\Program Files\Acer GameZone\Bricks of Egypt\Bricks of Egypt.exe un code suspect avec la désignation 'PCK/Armadillo'! Record Number: 15271 Source Name: Avira AntiVir Time Written: 20081220152942.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Kevin Event Code: 17896 Message: Le compteur de temps du processeur sur l'ID du planificateur 1 Il n'est pas synchronisé avec d'autres processeurs. Record Number: 15272 Source Name: MSSQL$SQLEXPRESS Time Written: 20081220153942.000000-000 Event Type: Information User: Computer Name: PC-de-Kevin Event Code: 5 Message: Unsupported service control request (see data below) Record Number: 15273 Source Name: LightScribeService Time Written: 20081220154745.000000-000 Event Type: Information User: Security event log Computer Name: PC-de-Kevin Event Code: 4672 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session. Sujet : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 Privilèges : SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 11492 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081220114551.609401-000 Event Type: Succès de l'audit User: Computer Name: PC-de-Kevin Event Code: 4904 Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-KEVIN$ Domaine du compte : RESEAU AMOUREUX ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0x15e8 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x3766e9 Record Number: 11493 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081220121332.833401-000 Event Type: Succès de l'audit User: Computer Name: PC-de-Kevin Event Code: 4905 Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-KEVIN$ Domaine du compte : RESEAU AMOUREUX ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0x15e8 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x3766e9 Record Number: 11494 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081220121332.833401-000 Event Type: Succès de l'audit User: Computer Name: PC-de-Kevin Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 11495 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081220150224.528401-000 Event Type: Échec de l'audit User: Computer Name: PC-de-Kevin Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 11496 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081220153443.588401-000 Event Type: Échec de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;D:\Matériels\QuickTime\QTSystem\;C:\Program Files\Intel\WiFi\bin\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=0f0a "NUMBER_OF_PROCESSORS"=2 "tvdumpflags"=8 "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------

Ok, mais le PC a mis encore 5 minutes pour s'arrêter alors qu'il a même pas un an et qu'il était très rapide avant deux semaines ?! Bizarre non ??

Voici le nouveau RAPPORT : Malwarebytes' Anti-Malware 1.31 Version de la base de données: 1520 Windows 6.0.6000 19/12/2008 18:40:48 mbam-log-2008-12-19 (18-40-48).txt Type de recherche: Examen complet (C:\|D:\|F:\|) Eléments examinés: 169692 Temps écoulé: 1 hour(s), 19 minute(s), 30 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Voici le RAPPORT 1 : Search Navipromo version 3.7.0 commencé le 19/12/2008 à 15:44:23,75 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 ) X86-based PC ( Multiprocessor Free : Intel® Core2 Duo CPU T7300 @ 2.00GHz ) BIOS : ZD1 v1.3708 3G08 USER : Kévin ( Not Administrator ! ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated) Firewall : ZoneAlarm Firewall 7.1.254.000 (Not Activated) C:\ (Local Disk) - NTFS - Total:69 Go (Free:13 Go) D:\ (Local Disk) - NTFS - Total:66 Go (Free:17 Go) E:\ (CD or DVD) Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\Windows" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" *** *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" *** *** Recherche dossiers dans "C:\ProgramData" *** *** Recherche dossiers dans "c:\users\kvin~1\appdata\roaming\micros~1\windows\startm~1\programs" *** *** Recherche dossiers dans "C:\Users\K‚vin\AppData\Local\virtualstore\Program Files" *** *** Recherche dossiers dans "C:\Users\K‚vin\AppData\Roaming" *** *** Recherche dossiers dans "C:\Users\elephant\appdata\roaming" *** *** Recherche dossiers dans "C:\Users\postgres\appdata\roaming" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\Windows\system32" * * Recherche dans "C:\Users\K‚vin\AppData\Local\Microsoft" * * Recherche dans "C:\Users\K‚vin\AppData\Local" * * Recherche dans "C:\Users\elephant\AppData\Local" * * Recherche dans "C:\Users\postgres\AppData\Local" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !! [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "kgrok"="\"c:\\users\\k‚vin\\appdata\\local\\kgrok.exe\" kgrok" *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\Windows\system32" : * Dans "C:\Users\K‚vin\AppData\Local\Microsoft" : * Dans "C:\Users\K‚vin\AppData\Local" : kgrok.dat trouvé ! kgrok_nav.dat trouvé ! kgrok_navps.dat trouvé ! * Dans "C:\Users\elephant\AppData\Local" : * Dans "C:\Users\postgres\AppData\Local" : 3)Recherche Certificats : Certificat Egroup absent ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche autres dossiers et fichiers connus : *** Analyse terminée le 19/12/2008 à 15:49:51,35 *** Voici le RAPPORT 2 : Clean Navipromo version 3.7.0 commencé le 19/12/2008 à 15:53:25,05 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 ) X86-based PC ( Multiprocessor Free : Intel® Core2 Duo CPU T7300 @ 2.00GHz ) BIOS : ZD1 v1.3708 3G08 USER : Kévin ( Not Administrator ! ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated) Firewall : ZoneAlarm Firewall 7.1.254.000 (Not Activated) C:\ (Local Disk) - NTFS - Total:69 Go (Free:13 Go) D:\ (Local Disk) - NTFS - Total:66 Go (Free:17 Go) E:\ (CD or DVD) Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\Windows\System32" * * Suppression dans "C:\Users\K‚vin\AppData\Local\Microsoft" * * Suppression dans "C:\Users\K‚vin\AppData\Local" * * Suppression dans "C:\Users\elephant\AppData\Local" * * Suppression dans "C:\Users\postgres\AppData\Local" * *** Suppression dossiers dans "C:\Windows" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" *** *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" *** *** Suppression dossiers dans "C:\ProgramData" *** *** Suppression dossiers dans c:\users\kvin~1\appdata\roaming\micros~1\windows\startm~1\programs *** *** Suppression dossiers dans "C:\Users\elephant\appdata\roaming\micros~1\windows\startm~1\programs" *** *** Suppression dossiers dans "C:\Users\postgres\appdata\roaming\micros~1\windows\startm~1\programs" *** *** Suppression dossiers dans "C:\Users\K‚vin\AppData\Local\virtualstore\Program Files" *** *** Suppression dossiers dans "C:\Users\K‚vin\AppData\Roaming" *** *** Suppression dossiers dans "C:\Users\elephant\appdata\roaming" *** *** Suppression dossiers dans "C:\Users\postgres\appdata\roaming" *** *** Suppression fichiers *** *** Suppression fichiers temporaires *** Nettoyage contenu C:\Windows\Temp effectué ! Nettoyage contenu C:\Users\KVIN~1\AppData\Local\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\Windows\system32" * * Dans "C:\Users\K‚vin\AppData\Local\Microsoft" * * Dans "C:\Users\K‚vin\AppData\Local" * kgrok.dat trouvé ! Copie kgrok.dat réalisée avec succès ! kgrok.dat supprimé ! kgrok_nav.dat trouvé ! Copie kgrok_nav.dat réalisée avec succès ! kgrok_nav.dat supprimé ! kgrok_navps.dat trouvé ! Copie kgrok_navps.dat réalisée avec succès ! kgrok_navps.dat supprimé ! kgrok.bat trouvé ! Copie kgrok.bat réalisée avec succès ! kgrok.bat supprimé ! * Dans "C:\Users\elephant\AppData\Local" * * Dans "C:\Users\postgres\AppData\Local" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup absent ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Recherche autres dossiers et fichiers connus *** *** Nettoyage terminé le 19/12/2008 à 16:04:33,72 ***

UP Personne pour m'aider ?!

Bonjour à tous, Voilà depusi quelques temps (environ 2 à 3 semaines) mon PC a quelques dysfonctionnement. En quelques mots voilà les choses inhabituelles depuis ces quelques semaines : * Quand il démarre le WIFI fonctionne très bien mais pour peu qu'il soit déconnecter, alors le voyant WIFI continu de fonctionné comme quoi il est bien actif mais dans la recherche Réseau RIEN et je dois redémarrer pour espérer me re-connecter ; alors que si je tente manuellement lorsqu'il est en fonctionnement "correct" d'éteindre le WIFI par le bouton puis de le rallumer là il se re-connecte !! * Quelques BlueScreen !! Il peut en avoir deux dans la même journée puis plus rien pendant quelques jours et le revoila !! * Le PC met 2 à 5 minutes pour s'éteindre alors qu'avant cela il allait très vite !! * Des pubs apparaissent maintenant avec Firefox malgré l'option anti-pop up activée !! * J'ai passé un coup de Spybot qui m'a trouvé quelque chose du nom de : kgrok.exe (et d'ailleurs il y avait peut-être quelques jours de ça ce même processus avait subi une erreur lors d'un démarrage du PC!!) !! Mon PC : * J'avais Avast jusqu'à ce que je découvre votre forum avec ZoneAlarme (que j'ai arrêté il y a deux jours car j'ai vu qu'il existait quelques incompatibilités avec Avast !!) !! Bon maintenant j'ai mis Antivir seul on verra bien !! J'ai réalisé l'étape "Pré-Nettoyage d'un PC infecté" et j'ai eu ceci avec HijackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:40:00, on 17/12/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\QtZgAcer.EXE D:\Matériels\Imprimante\Sophie\HP Software Update\hpwuSchd2.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Users\Kévin\Program Files\DNA\btdna.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe C:\Windows\ehome\ehmsas.exe C:\Users\KVIN~1\AppData\Local\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\MATRIE~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [iaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [HP Software Update] D:\Matériels\Imprimante\Sophie\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Matériels\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [CloneCDTray] "D:\Matériels\Clone DVD-CD\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Kévin\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [kgrok] "c:\users\kévin\appdata\local\kgrok.exe" kgrok O4 - HKCU\..\Run: [spybotSD TeaTimer] D:\Matériels\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-4009350913-2126091967-105754436-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'postgres') O4 - HKUS\S-1-5-21-4009350913-2126091967-105754436-1002\..\RunOnce: [AcerScrSav] C:\Windows\Acer\run_NB.exe (User 'postgres') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\BUREAU~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Internet\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Internet\Poker\Titan Poker\casino.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\BUREAU~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\MATRIE~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\MATRIE~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - D:\Internet\Maconfig\maconfservice.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - D:\Internet\Poker\PostgreSQL\bin\pg_ctl.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9014 bytes J'espère vraiment que vous allez pouvoir m'aider et me guider pour que tout redevienne clean sans que j'ai à tout rebooter !! Merci d'avance et n'hésitez pas pour des informations supplémentaires, je serais disponible ! Kévin.