Aller au contenu

jeannot27

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    9

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    francais

jeannot27's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. jeannot27
    Bonjour, Voici le rapport GMER 1.0.15.14972 - http://www.gmer.net Rootkit scan 2009-05-11 08:37:53 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.15 ---- Code \??\C:\DOCUME~1\seb\LOCALS~1\Temp\catchme.sys pIofCallDriver ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \FileSystem\Ntfs \Ntfs psdfilter.sys (PSD Filter Driver/HiTRUST) AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \FileSystem\Fastfat \Fat psdfilter.sys (PSD Filter Driver/HiTRUST) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) ---- EOF - GMER 1.0.15 ----
  2. jeannot27
    Re, Aucune amélioration malheureusement, c'est toujours aussi lent....
  3. jeannot27
    voila le rapport merci ComboFix 09-05-09.05 - seb 10/05/2009 18:20.4 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.570 [GMT 2:00] Lancé depuis: c:\documents and settings\seb\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\seb\Bureau\CFScript.txt AV: avast! antivirus 4.8.1296 [VPS 090509-0] *On-access scanning disabled* (Updated) . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_mailKmd ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-10 au 2009-05-10 )))))))))))))))))))))))))))))))))))) . 2009-05-09 17:42 . 2009-05-09 17:42 -------- d-sh--w C:\FOUND.000 2009-05-09 10:16 . 2009-05-09 10:16 -------- d-----w c:\documents and settings\seb\Application Data\Malwarebytes 2009-05-09 10:16 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-05-09 10:16 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-09 10:16 . 2009-05-09 10:16 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2009-05-09 10:16 . 2009-05-09 10:16 -------- d-----w c:\program files\Malwarebytes' Anti-Malware 2009-05-09 07:43 . 2009-05-09 07:43 -------- d-----w C:\rsit 2009-05-08 22:23 . 2009-05-08 22:23 -------- d-----w c:\windows\BDOSCAN8 2009-05-08 19:41 . 2009-05-08 19:41 -------- d-----w c:\program files\Zeb-Utility 2009-05-08 19:25 . 2009-05-08 19:25 -------- d-----w c:\program files\RegCleaner 2009-05-08 18:41 . 2009-05-08 18:41 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-05-08 18:41 . 2009-05-08 18:41 -------- d-----w c:\program files\Spybot - Search & Destroy 2009-05-08 18:24 . 2009-05-08 18:24 -------- d-----w c:\program files\ToniArts 2009-05-08 17:02 . 2009-05-08 17:02 -------- d-----w c:\windows\Google Toolbar 2009-04-14 19:49 . 2009-04-14 19:49 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\Google 2009-04-14 19:49 . 2009-04-14 19:49 -------- d-----w c:\program files\Google 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-----w c:\program files\Western Digital 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\{E00349D7-2D4A-40AB-AD07-7E81E8674BDA} 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-s---w c:\documents and settings\seb\Local Settings\Application Data\Memeo 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-s---w c:\documents and settings\All Users\Application Data\Memeo 2009-04-14 19:47 . 2009-04-14 19:47 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\{9E5C7B4F-5A46-458E-9BAE-0001A6640C4A} 2009-04-14 19:47 . 2009-04-14 19:47 -------- d-----w c:\program files\Western Digital Technologies 2009-04-11 10:46 . 2009-04-11 10:46 -------- d--h--w c:\windows\PIF . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-10 10:12 . 2009-02-23 13:18 12 ----a-w c:\windows\bthservsdp.dat 2009-04-20 17:48 . 2006-06-09 18:06 76574 ----a-w c:\windows\system32\perfc00C.dat 2009-04-20 17:48 . 2006-06-09 18:06 470278 ----a-w c:\windows\system32\perfh00C.dat 2009-03-25 19:34 . 2006-06-09 13:45 40224 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-03-25 19:26 . 2009-03-25 19:26 -------- d-----w c:\program files\Bonjour 2009-03-25 19:15 . 2009-03-25 19:15 -------- d-----w c:\program files\Fichiers communs\Macrovision Shared 2009-03-06 14:00 . 2004-08-10 03:00 286720 ----a-w c:\windows\system32\pdh.dll 2009-02-20 08:15 . 2006-01-09 18:02 672256 ----a-w c:\windows\system32\wininet.dll 2009-02-20 08:15 . 2004-08-10 03:00 81920 ----a-w c:\windows\system32\ieencode.dll 2009-02-16 16:27 . 2009-02-16 16:27 6656 ----a-w c:\windows\system32\haspvdd.dll 2009-02-16 16:27 . 2009-02-16 16:27 47616 ----a-w c:\windows\system32\drivers\Haspnt.sys 2009-02-16 16:27 . 2009-02-16 16:27 383 ----a-w c:\windows\system32\haspdos.sys . ((((((((((((((((((((((((((((( SnapShot@2009-05-09_09.04.32 ))))))))))))))))))))))))))))))))))))))))) . + 2009-05-10 13:18 . 2009-05-10 13:18 16384 c:\windows\Temp\Perflib_Perfdata_b04.dat + 2009-05-10 13:13 . 2009-05-10 13:13 16384 c:\windows\Temp\Perflib_Perfdata_994.dat + 2009-05-10 13:12 . 2009-05-10 13:12 16384 c:\windows\Temp\Perflib_Perfdata_740.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-25 39408] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248] "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-18 7397376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-01-18 86016] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768] "LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-04-19 69632] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480] "LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2005-07-25 241664] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-04-20 86016] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088] "ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 421888] "Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584] "Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-04-28 401408] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280] "LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 331776] "LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 13:55 73728] "LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-01-11 15961088] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-12-12 88204] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2008-9-12 45056] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12/09/2008 23:17 111184] R1 Hotkey;Hotkey;c:\windows\system32\drivers\HOTKEY.sys [12/09/2008 22:52 9867] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/09/2008 23:17 20560] R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [12/09/2008 22:56 4096] R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [12/09/2008 22:56 78208] R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [12/09/2008 22:35 1097728] S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys --> c:\windows\system32\drivers\Wbutton.sys [?] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0914ed14-ba65-11dd-8c89-001302e344b8}] \Shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cf33b6-c96a-11dd-8c9e-001302e344b8}] \Shell\AutoRun\command - F:\InstallTomTomHOME.exe . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.yahoo.fr/ uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll FF - ProfilePath - c:\documents and settings\seb\Application Data\Mozilla\Firefox\Profiles\qrhtseez.default\ FF - prefs.js: browser.startup.homepage - hxxp://fr.yahoo.com/ FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-10 18:22 Windows 5.1.2600 Service Pack 2 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(5772) c:\windows\system32\MSNCHATHOOK.DLL c:\windows\system32\sysenv.dll c:\windows\system32\CryptoAPI.dll c:\windows\system32\MFC71U.DLL c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Heure de fin: 2009-05-10 18:24 ComboFix-quarantined-files.txt 2009-05-10 16:24 ComboFix2.txt 2009-05-09 10:08 ComboFix3.txt 2009-05-09 09:16 Avant-CF: 25 822 330 880 octets libres Après-CF: 25 896 484 864 octets libres 173 --- E O F --- 2009-04-16 05:34
  4. jeannot27
    Le lien ne fonctionne pas.... Mon PC marche tjs aussi mal même les sons windows vibrent (je ne sais pas comment dire c'est inodible), ça rame ça rame.... En fait quand je suis le lein pour CFScript.txt j'ai une page blanche avec marqué : "Driver:: mailKmd "
  5. jeannot27
    Je comprends pas je t'ai déja mis le rapport dans ma réponse précédente....
  6. jeannot27
    Voila les rapports... merci ComboFix 09-05-08.03 - seb 09/05/2009 12:03.2 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.638 [GMT 2:00] Lancé depuis: c:\documents and settings\seb\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\seb\Bureau\CFScript.txt AV: avast! antivirus 4.8.1296 [VPS 090508-0] *On-access scanning disabled* (Updated) FILE :: c:\windows\system32\enhco.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-09 au 2009-05-09 )))))))))))))))))))))))))))))))))))) . 2009-05-09 07:43 . 2009-05-09 07:43 -------- d-----w C:\rsit 2009-05-08 22:23 . 2009-05-08 22:23 -------- d-----w c:\windows\BDOSCAN8 2009-05-08 19:41 . 2009-05-08 19:41 -------- d-----w c:\program files\Zeb-Utility 2009-05-08 19:25 . 2009-05-08 19:25 -------- d-----w c:\program files\RegCleaner 2009-05-08 18:41 . 2009-05-08 18:41 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-05-08 18:41 . 2009-05-08 18:41 -------- d-----w c:\program files\Spybot - Search & Destroy 2009-05-08 18:24 . 2009-05-08 18:24 -------- d-----w c:\program files\ToniArts 2009-05-08 17:02 . 2009-05-08 17:02 -------- d-----w c:\windows\Google Toolbar 2009-04-14 19:49 . 2009-04-14 19:49 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\Google 2009-04-14 19:49 . 2009-04-14 19:49 -------- d-----w c:\program files\Google 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-----w c:\program files\Western Digital 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\{E00349D7-2D4A-40AB-AD07-7E81E8674BDA} 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-s---w c:\documents and settings\seb\Local Settings\Application Data\Memeo 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-s---w c:\documents and settings\All Users\Application Data\Memeo 2009-04-14 19:47 . 2009-04-14 19:47 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\{9E5C7B4F-5A46-458E-9BAE-0001A6640C4A} 2009-04-14 19:47 . 2009-04-14 19:47 -------- d-----w c:\program files\Western Digital Technologies 2009-04-11 10:46 . 2009-04-11 10:46 -------- d--h--w c:\windows\PIF . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-09 08:55 . 2009-02-23 13:18 12 ----a-w c:\windows\bthservsdp.dat 2009-04-20 17:48 . 2006-06-09 18:06 76574 ----a-w c:\windows\system32\perfc00C.dat 2009-04-20 17:48 . 2006-06-09 18:06 470278 ----a-w c:\windows\system32\perfh00C.dat 2009-03-25 19:34 . 2006-06-09 13:45 40224 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-03-25 19:26 . 2009-03-25 19:26 -------- d-----w c:\program files\Bonjour 2009-03-25 19:15 . 2009-03-25 19:15 -------- d-----w c:\program files\Fichiers communs\Macrovision Shared 2009-03-06 14:00 . 2004-08-10 03:00 286720 ----a-w c:\windows\system32\pdh.dll 2009-02-20 08:15 . 2006-01-09 18:02 672256 ----a-w c:\windows\system32\wininet.dll 2009-02-20 08:15 . 2004-08-10 03:00 81920 ----a-w c:\windows\system32\ieencode.dll 2009-02-16 16:27 . 2009-02-16 16:27 6656 ----a-w c:\windows\system32\haspvdd.dll 2009-02-16 16:27 . 2009-02-16 16:27 47616 ----a-w c:\windows\system32\drivers\Haspnt.sys 2009-02-16 16:27 . 2009-02-16 16:27 383 ----a-w c:\windows\system32\haspdos.sys 2009-02-09 13:17 . 2004-08-10 03:00 1846400 ----a-w c:\windows\system32\win32k.sys 2009-02-09 11:42 . 2005-09-29 18:28 2022912 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-02-09 11:42 . 2005-09-29 18:28 2144768 ----a-w c:\windows\system32\ntoskrnl.exe 2009-02-09 10:03 . 2004-08-10 03:00 740352 ----a-w c:\windows\system32\ntdll.dll 2009-02-09 10:03 . 2004-08-10 03:00 735232 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 10:03 . 2004-08-10 03:00 686080 ----a-w c:\windows\system32\advapi32.dll 2009-02-09 10:03 . 2004-08-10 03:00 401408 ----a-w c:\windows\system32\rpcss.dll 2009-02-09 09:53 . 2004-08-10 03:00 111104 ----a-w c:\windows\system32\services.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-25 39408] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248] "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-18 7397376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-01-18 86016] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768] "LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-04-19 69632] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480] "LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2005-07-25 241664] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-04-20 86016] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088] "ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 421888] "Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584] "Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-04-28 401408] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280] "LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 331776] "LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 13:55 73728] "LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-01-11 15961088] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-12-12 88204] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2008-9-12 45056] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12/09/2008 23:17 111184] R1 Hotkey;Hotkey;c:\windows\system32\drivers\HOTKEY.sys [12/09/2008 22:52 9867] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/09/2008 23:17 20560] R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [12/09/2008 22:56 4096] R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [12/09/2008 22:56 78208] R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [12/09/2008 22:35 1097728] S1 mailKmd;mailKmd; [x] S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys --> c:\windows\system32\drivers\Wbutton.sys [?] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0914ed14-ba65-11dd-8c89-001302e344b8}] \Shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cf33b6-c96a-11dd-8c9e-001302e344b8}] \Shell\AutoRun\command - F:\InstallTomTomHOME.exe . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.yahoo.fr/ uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll FF - ProfilePath - c:\documents and settings\seb\Application Data\Mozilla\Firefox\Profiles\qrhtseez.default\ FF - prefs.js: browser.startup.homepage - hxxp://fr.yahoo.com/ FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-09 12:05 Windows 5.1.2600 Service Pack 2 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(6836) c:\windows\system32\MSNCHATHOOK.DLL c:\windows\system32\sysenv.dll c:\windows\system32\CryptoAPI.dll c:\windows\system32\MFC71U.DLL c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\acer\Empowering Technology\ePower\SysHook.dll . Heure de fin: 2009-05-09 12:08 ComboFix-quarantined-files.txt 2009-05-09 10:08 ComboFix2.txt 2009-05-09 09:16 Avant-CF: 15 256 158 208 octets libres Après-CF: 15 256 748 032 octets libres 166 --- E O F --- 2009-04-16 05:34 Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2098 Windows 5.1.2600 Service Pack 2 09/05/2009 15:06:59 mbam-log-2009-05-09 (15-06-59).txt Type de recherche: Examen complet (C:\|D:\|F:\|) Eléments examinés: 209066 Temps écoulé: 2 hour(s), 27 minute(s), 12 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Merci
  7. jeannot27
    Voici le rapport encore merci! ComboFix 09-05-08.03 - seb 09/05/2009 10:49.1 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.591 [GMT 2:00] Lancé depuis: c:\documents and settings\seb\Bureau\ComboFix.exe AV: avast! antivirus 4.8.1296 [VPS 090508-0] *On-access scanning enabled* (Updated) . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\drivers\npf.sys c:\windows\system32\Packet.dll c:\windows\system32\pthreadVC.dll c:\windows\system32\WanPacket.dll c:\windows\system32\wpcap.dll . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NPF -------\Service_NPF ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-09 au 2009-05-09 )))))))))))))))))))))))))))))))))))) . 2009-05-09 07:43 . 2009-05-09 07:43 -------- d-----w C:\rsit 2009-05-08 22:23 . 2009-05-08 22:23 -------- d-----w c:\windows\BDOSCAN8 2009-05-08 19:41 . 2009-05-08 19:41 -------- d-----w c:\program files\Zeb-Utility 2009-05-08 19:25 . 2009-05-08 19:25 -------- d-----w c:\program files\RegCleaner 2009-05-08 18:41 . 2009-05-08 18:41 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-05-08 18:41 . 2009-05-08 18:41 -------- d-----w c:\program files\Spybot - Search & Destroy 2009-05-08 18:24 . 2009-05-08 18:24 -------- d-----w c:\program files\ToniArts 2009-05-08 17:02 . 2009-05-08 17:02 -------- d-----w c:\windows\Google Toolbar 2009-04-14 19:49 . 2009-04-14 19:49 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\Google 2009-04-14 19:49 . 2009-04-14 19:49 -------- d-----w c:\program files\Google 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-----w c:\program files\Western Digital 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\{E00349D7-2D4A-40AB-AD07-7E81E8674BDA} 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-s---w c:\documents and settings\seb\Local Settings\Application Data\Memeo 2009-04-14 19:48 . 2009-04-14 19:48 -------- d-s---w c:\documents and settings\All Users\Application Data\Memeo 2009-04-14 19:47 . 2009-04-14 19:47 -------- d-----w c:\documents and settings\seb\Local Settings\Application Data\{9E5C7B4F-5A46-458E-9BAE-0001A6640C4A} 2009-04-14 19:47 . 2009-04-14 19:47 -------- d-----w c:\program files\Western Digital Technologies 2009-04-11 10:46 . 2009-04-11 10:46 -------- d--h--w c:\windows\PIF . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-09 08:55 . 2009-02-23 13:18 12 ----a-w c:\windows\bthservsdp.dat 2009-04-20 17:48 . 2006-06-09 18:06 76574 ----a-w c:\windows\system32\perfc00C.dat 2009-04-20 17:48 . 2006-06-09 18:06 470278 ----a-w c:\windows\system32\perfh00C.dat 2009-03-25 19:34 . 2006-06-09 13:45 40224 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-03-25 19:26 . 2009-03-25 19:26 -------- d-----w c:\program files\Bonjour 2009-03-25 19:15 . 2009-03-25 19:15 -------- d-----w c:\program files\Fichiers communs\Macrovision Shared 2009-03-06 14:00 . 2004-08-10 03:00 286720 ----a-w c:\windows\system32\pdh.dll 2009-02-20 08:15 . 2006-01-09 18:02 672256 ----a-w c:\windows\system32\wininet.dll 2009-02-20 08:15 . 2004-08-10 03:00 81920 ----a-w c:\windows\system32\ieencode.dll 2009-02-16 16:27 . 2009-02-16 16:27 6656 ----a-w c:\windows\system32\haspvdd.dll 2009-02-16 16:27 . 2009-02-16 16:27 47616 ----a-w c:\windows\system32\drivers\Haspnt.sys 2009-02-16 16:27 . 2009-02-16 16:27 383 ----a-w c:\windows\system32\haspdos.sys 2009-02-09 13:17 . 2004-08-10 03:00 1846400 ----a-w c:\windows\system32\win32k.sys 2009-02-09 11:42 . 2005-09-29 18:28 2022912 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-02-09 11:42 . 2005-09-29 18:28 2144768 ----a-w c:\windows\system32\ntoskrnl.exe 2009-02-09 10:03 . 2004-08-10 03:00 740352 ----a-w c:\windows\system32\ntdll.dll 2009-02-09 10:03 . 2004-08-10 03:00 735232 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 10:03 . 2004-08-10 03:00 686080 ----a-w c:\windows\system32\advapi32.dll 2009-02-09 10:03 . 2004-08-10 03:00 401408 ----a-w c:\windows\system32\rpcss.dll 2009-02-09 09:53 . 2004-08-10 03:00 111104 ----a-w c:\windows\system32\services.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-25 39408] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512] "preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248] "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-18 7397376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-01-18 86016] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768] "LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-04-19 69632] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480] "LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2005-07-25 241664] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-04-20 86016] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088] "ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 421888] "Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584] "Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-04-28 401408] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280] "LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-06-26 331776] "LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-06-26 13:55 73728] "LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-01-11 15961088] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2005-12-12 88204] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2008-9-12 45056] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12/09/2008 23:17 111184] R1 Hotkey;Hotkey;c:\windows\system32\drivers\HOTKEY.sys [12/09/2008 22:52 9867] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/09/2008 23:17 20560] R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [12/09/2008 22:56 4096] R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [12/09/2008 22:56 78208] R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [12/09/2008 22:35 1097728] S1 mailKmd;mailKmd; [x] S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys --> c:\windows\system32\drivers\Wbutton.sys [?] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0914ed14-ba65-11dd-8c89-001302e344b8}] \Shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cf33b6-c96a-11dd-8c9e-001302e344b8}] \Shell\AutoRun\command - F:\InstallTomTomHOME.exe . - - - - ORPHELINS SUPPRIMES - - - - ShellExecuteHooks-{5ECD31F0-F91A-11d4-B3CA-00D0B70A09D2} - WDShell . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.yahoo.fr/ uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll FF - ProfilePath - c:\documents and settings\seb\Application Data\Mozilla\Firefox\Profiles\qrhtseez.default\ FF - prefs.js: browser.startup.homepage - hxxp://fr.yahoo.com/ FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-09 11:04 Windows 5.1.2600 Service Pack 2 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(6660) c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll c:\windows\system32\MSNCHATHOOK.DLL c:\windows\system32\sysenv.dll c:\windows\system32\CryptoAPI.dll c:\windows\system32\MFC71U.DLL c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\INTEL\WIRELESS\BIN\EVTENG.EXE c:\program files\INTEL\WIRELESS\BIN\S24EVMON.EXE c:\program files\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE c:\program files\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE c:\program files\FICHIERS COMMUNS\LOGITECH\LVMVFM\LVPRCSRV.EXE c:\acer\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE c:\program files\Bonjour\mDNSResponder.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\windows\system32\fxssvc.exe c:\windows\eHome\ehmsas.exe c:\windows\SYSTEM32\RUNDLL32.EXE c:\windows\system32\wbem\wmiapsrv.exe c:\program files\ALWIL SOFTWARE\AVAST4\ASHDISP.EXE c:\windows\SYSTEM32\RUNDLL32.EXE c:\program files\MICROSOFT ACTIVESYNC\RAPIMGR.EXE c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\dllhost.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2009-05-09 11:16 - La machine a redémarré ComboFix-quarantined-files.txt 2009-05-09 09:16 Avant-CF: 13 130 530 816 octets libres Après-CF: 13 023 051 776 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect 210 --- E O F --- 2009-04-16 05:34
  8. jeannot27
    Bonjour, Tout d'abord merci de ton aide, voici les rapports demandés... Logfile of random's system information tool 1.06 (written by random/random) Run by seb at 2009-05-09 09:43:32 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 13 GB (23%) free of 54 GB Total RAM: 1022 MB (50% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:45:37, on 09/05/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Acer\OrbiCam\CameraAssistant.exe C:\WINDOWS\system32\ElkCtrl.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\MICROS~2\rapimgr.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\wuauclt.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\RegCleaner\RegCleanr.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\seb\Bureau\RSIT.exe C:\Documents and Settings\seb\Bureau\seb.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acer Empowering Technology.lnk = ? O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 12086 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-25 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-25 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-25 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-25 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512] "preload"=C:\Windows\RUNXMLPL.exe [2005-05-19 32768] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-16 761945] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-01-11 15961088] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-12-12 88204] "ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056] ""= [] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952] "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-01-19 7397376] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-01-19 86016] "LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768] "LManager"=C:\Program Files\Launch Manager\HotkeyApp.exe [2006-04-19 69632] "CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480] "LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2005-07-25 241664] "Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2006-04-20 86016] "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088] "ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-03-30 421888] "Boot"=C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584] "Acer ePresentation HPD"=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-03-31 204800] "eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-04-28 401408] "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2006-06-23 225280] "LogitechCameraAssistant"=C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2006-06-26 331776] "LogitechVideo[inspector]"=C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2006-06-26 73728] "LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000] "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent [] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-25 39408] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-02-07 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5ECD31F0-F91A-11d4-B3CA-00D0B70A09D2}"=WDShell [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0914ed14-ba65-11dd-8c89-001302e344b8}] shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3baa6ccc-9891-11dd-8c57-001302e344b8}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cf33b6-c96a-11dd-8c9e-001302e344b8}] shell\AutoRun\command - F:\InstallTomTomHOME.exe ======List of files/folders created in the last 1 months====== 2009-05-09 09:43:32 ----D---- C:\rsit 2009-05-09 00:23:38 ----D---- C:\WINDOWS\BDOSCAN8 2009-05-09 00:23:26 ----D---- C:\WINDOWS\LastGood 2009-05-08 21:41:03 ----D---- C:\Program Files\Zeb-Utility 2009-05-08 21:25:15 ----D---- C:\Program Files\RegCleaner 2009-05-08 21:21:48 ----D---- C:\WINDOWS\pss 2009-05-08 20:41:47 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-05-08 20:41:47 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-05-08 20:24:41 ----D---- C:\Program Files\ToniArts 2009-05-08 19:02:31 ----D---- C:\WINDOWS\Google Toolbar 2009-04-16 07:34:38 ----HD---- C:\WINDOWS\$NtUninstallKB959426$ 2009-04-16 07:34:32 ----HD---- C:\WINDOWS\$NtUninstallKB961373$ 2009-04-16 07:32:42 ----HD---- C:\WINDOWS\$NtUninstallKB956572$ 2009-04-16 07:32:27 ----HD---- C:\WINDOWS\$NtUninstallKB952004$ 2009-04-16 07:32:20 ----HD---- C:\WINDOWS\$NtUninstallKB960803$ 2009-04-16 07:32:04 ----HD---- C:\WINDOWS\$NtUninstallKB963027$ 2009-04-16 07:31:48 ----HD---- C:\WINDOWS\$NtUninstallKB923561$ 2009-04-15 20:29:30 ----D---- C:\Documents and Settings\seb\Application Data\Google 2009-04-14 21:51:00 ----D---- C:\Documents and Settings\All Users\Application Data\Google 2009-04-14 21:49:32 ----D---- C:\Program Files\Google 2009-04-14 21:48:55 ----D---- C:\Program Files\Western Digital 2009-04-14 21:48:00 ----SD---- C:\Documents and Settings\All Users\Application Data\Memeo 2009-04-14 21:47:48 ----D---- C:\Program Files\Western Digital Technologies 2009-04-11 12:46:31 ----HD---- C:\WINDOWS\PIF ======List of files/folders modified in the last 1 months====== 2009-05-06 19:15:54 ----A---- C:\WINDOWS\win.ini 2009-05-06 19:11:18 ----A---- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt 2009-05-06 13:52:30 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-04-22 21:38:04 ----A---- C:\Documents and Settings\seb\Application Data\QuickZip45.ini 2009-04-20 19:48:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864] R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-09-12 21275] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032] R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys [] R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys [] R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys [] R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys [] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568] R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys [] R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys [] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-12-12 1124097] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-01-13 4137984] R3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\system32\DRIVERS\lv321av.sys [2006-06-19 1097728] R3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys [] R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys [] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2006-06-19 39424] R3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-11-02 32512] R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-06-09 6144] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-01-19 3628640] R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys [] R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys [] R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-12-16 191936] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-23 162176] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-26 1427968] S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys [] S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys [] S3 akshasp;Aladdin HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2006-11-22 327168] S3 aksusb;Aladdin USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2006-11-22 100096] S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800] S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024] S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-02-07 1399615] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824] S3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672] S3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-10 17024] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160] R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753] R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2006-06-23 86016] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-01-19 143426] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 268800] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-25 654848] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768] S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920] S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-11-02 86016] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] -----------------EOF----------------- puis info.Txt info.txt logfile of random's system information tool 1.06 2009-05-09 09:45:50 ======Uninstall list====== -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu" -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.62-->"C:\Program Files\7-Zip\Uninstall.exe" Acer eDataSecurity Management 2.0.3076-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1036 Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1 Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly Acer eNet Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c Acer ePresentation Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\Setup.exe" -l0x40c Acer eSettings Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}\setup.exe" -l0x40c -removeonly Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI Acer Screensaver-->MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8} Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05} Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000} Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Agere Systems HDA Modem-->agrsmdel Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB888795)-->"C:\WINDOWS\$NtUninstallKB888795$\spuninst\spuninst.exe" Correctif pour Windows XP (KB891593)-->"C:\WINDOWS\$NtUninstallKB891593$\spuninst\spuninst.exe" Correctif pour Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe" Correctif pour Windows XP (KB899337)-->"C:\WINDOWS\$NtUninstallKB899337$\spuninst\spuninst.exe" Correctif pour Windows XP (KB899510)-->"C:\WINDOWS\$NtUninstallKB899510$\spuninst\spuninst.exe" Correctif pour Windows XP (KB902841)-->"C:\WINDOWS\$NtUninstallKB902841$\spuninst\spuninst.exe" Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif Windows XP - KB885855-->C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe Correctif Windows XP - KB888239-->C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe Correctif Windows XP - KB895961-->"C:\WINDOWS\$NtUninstallKB895961$\spuninst\spuninst.exe" EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 Football Manager 2009-->"C:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe" Free Easy Burner V 3.8-->"C:\Program Files\Free Easy Burner\unins000.exe" Free Mp3 Wma Converter V 1.7.3-->"C:\Program Files\Free Audio Pack\unins000.exe" GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe" Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Documents and Settings\seb\Bureau\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe" Hotfix for Windows XP (KB909394)-->"C:\WINDOWS\$NtUninstallKB909394$\spuninst\spuninst.exe" Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{3A316611-45D1-429C-AA26-B71259C44689}\setup\hpzscr01.exe -datfile hposcr11.dat Lapin Malin Maternelle 1-->C:\WINDOWS\unin040c.exe -fC:\TLCWIN\RRT\uninstal\DeIsL1.isu Laplink Controller for Pocket PC-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FEEEE16-9BFA-46B9-9AFC-33C88FD0BBBD}\Setup.exe" -l0x9 UNINSTALL Launch Manager V1.1.0.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\Setup.exe" -l0x40c Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logiciel Acer OrbiCam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76AC1AEB-1167-4ABC-8861-4E58392A5B7F}\setup.exe" -l0x40c Logiciel Intel® PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779} Microsoft .NET Framework 1.0 Hotfix (KB930494)-->"C:\WINDOWS\$NtUninstallKB930494$\spuninst\spuninst.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office 2000 Standard-->MsiExec.exe /I{0002040C-78E1-11D2-B60F-006097C998E7} Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401} Navman SmartST Desktop 2006 SE-->C:\Program Files\InstallShield Installation Information\{60DD2787-197D-4303-ABAC-7B4DAA373CB2}\setup.exe -runfromtemp -l0x040c -removeonly NTI Backup NOW! 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B06B842F-2450-494F-BBDE-217CDC151A37}\setup.exe" -l0x9 -uninst -removeonly NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7 NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe" PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall Programme de gestion Acer OrbiCam-->"C:\Program Files\Fichiers communs\Acer\OrbiCam\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT -l040c Quick Zip 4.60.019-->"C:\Program Files\QuickZip4\unins000.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FF6F491D-BC82-4DCC-A72F-1824957C6466} /l1036 TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971} VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B} Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUninstallKB894476$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe" XnView 1.94.2-->"C:\Program Files\XnView\unins000.exe" Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE Zeb-Utility 1.2-->C:\Program Files\Zeb-Utility\Uninstal.exe ======Hosts File====== 127.0.0.1 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com ======Security center information====== AV: avast! antivirus 4.8.1296 [VPS 090508-0] ======System event log====== Computer Name: MARTIN Event Code: 7036 Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution. Record Number: 10096 Source Name: Service Control Manager Time Written: 20090330191846.000000+120 Event Type: Informations User: Computer Name: MARTIN Event Code: 7036 Message: Le service Fax est entré dans l'état : arrêté. Record Number: 10095 Source Name: Service Control Manager Time Written: 20090330191845.000000+120 Event Type: Informations User: Computer Name: MARTIN Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{1211F478-EB82-4485-9493-C75122B5DE9B} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 10094 Source Name: Tcpip Time Written: 20090330191831.000000+120 Event Type: Informations User: Computer Name: MARTIN Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 10093 Source Name: EventLog Time Written: 20090330191822.000000+120 Event Type: Informations User: Computer Name: MARTIN Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Multiprocessor Free. Record Number: 10092 Source Name: EventLog Time Written: 20090330191822.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: MARTIN Event Code: 0 Message: Le service a géré avec succès PowerEvent. Record Number: 9960 Source Name: AcerMemUsageCheckService Time Written: 20090319205437.000000+060 Event Type: Informations User: Computer Name: MARTIN Event Code: 0 Message: Le service a géré avec succès PowerEvent. Record Number: 9959 Source Name: AcerMemUsageCheckService Time Written: 20090319205246.000000+060 Event Type: Informations User: Computer Name: MARTIN Event Code: 0 Message: Le service a géré avec succès PowerEvent. Record Number: 9958 Source Name: AcerMemUsageCheckService Time Written: 20090319204946.000000+060 Event Type: Informations User: Computer Name: MARTIN Event Code: 0 Message: Le service a géré avec succès PowerEvent. Record Number: 9957 Source Name: AcerMemUsageCheckService Time Written: 20090319204846.000000+060 Event Type: Informations User: Computer Name: MARTIN Event Code: 0 Message: Le service a géré avec succès PowerEvent. Record Number: 9956 Source Name: AcerMemUsageCheckService Time Written: 20090319204746.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0f06 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- Voila encore merci
  9. jeannot27
    Bonjour, Mon PC rame énormément depuis hier sans aucune explication, le démarrage de windows met 10mn avant que j'ai la main, et ensuite ça rame énormément, je ne peux plus écouter de musique ou regarder de film, le son est déformé et l'image se bloque intempestivement, voici mon rapport HijakThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:38:40, on 08/05/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Acer\Empowering Technology\ePresentation\ePresentation.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Acer\OrbiCam\CameraAssistant.exe C:\WINDOWS\system32\ElkCtrl.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Microsoft ActiveSync\Wcescomm.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\MICROS~2\rapimgr.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\wuauclt.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\seb\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe" O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe" O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Acer Empowering Technology.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 11150 bytes Merci pour votre aide....
×
×
  • Créer...