
Hello, small virus problem ^^

13 December 2009 12:07:42

Hello ^^, I have a small virus problem: my home page changes all the time, the PC is slowing down, etc. I can't manage to remove it; my antivirus freezes and crashes my PC. I need your help, thanks in advance.
See you later


13 December 2009 20:12:29

Good evening micose,

download RSIT (thanks random/random) to the Desktop: Here

Double-click RSIT.exe; it does not require installation.
Click Continue on the Disclaimer screen if you accept the terms.

- If HijackThis is not present/not detected on your PC, it will download it (allow access in your firewall if asked and accept the licence).

When the scan is finished, two text files will open.
Post the contents of log.txt (the one that opens) as well as info.txt, which is in the Taskbar.

NB: These reports are saved in the folder C:\rsit

Tutorial: http://forum.pcastuces.com/randoms_system_information_t...

See you
14 December 2009 09:45:28

Hello and thanks for your help, here are the reports.


Logfile of random's system information tool 1.06 (written by random/random)
Run by Solène at 2009-12-14 09:35:15
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 15 GB (13%) free of 114 GB
Total RAM: 3070 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:35:46, on 14/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Users\Solène\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Savvy TV\DTV Service.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\SOLNE~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Solène\Desktop\RSIT.exe
C:\Program Files\trend micro\Solène.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] "%ProgramFiles%\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM\..\Run: [SynTPStart] "C:\Program Files\Synaptics\SynTP\SynTPStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] "C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe"
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LManager] "C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [PLFSet] "rundll32.exe" C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Savvy DTV Service] C:\Program Files\Savvy TV\DTV Service.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\Solène\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] "C:\Windows\ehome\ehTray.exe"
O4 - HKCU\..\Run: [mess clock] "C:\ProgramData\4 Media Media.ne4mg"
O4 - HKCU\..\Run: [locks tick title proc] "C:\ProgramData\Up Sixth Bin.aon43"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpld...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Inc. - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14825 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{57A2D547-7E5F-4BE6-BE22-4B0BDE2BA9F0}.job
C:\Windows\tasks\wrSpySweeper_LA185408EC3074F4B9A84C481A804B121.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-09-05 816400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-15 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-08 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-28 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
EoBHO Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [2008-11-18 42792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask.com Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-15 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-01-03 155184]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-09-05 816400]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-08 263280]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"ALaunch"=C:\Acer\ALaunch\AlaunchClient.exe []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-24 4702208]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2008-01-24 102400]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-01-03 521776]
"eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-10-10 1286144]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-11-22 178712]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2008-01-30 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-01-30 8501792]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-01-30 81920]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-01-02 707080]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2008-01-22 200704]
"eRecoveryService"= []
"PLFSet"=C:\Windows\PLFSet.dll [2007-04-25 45056]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-15 136600]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-02-28 63048]
"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Savvy DTV Service"=C:\Program Files\Savvy TV\DTV Service.exe [2006-07-04 49152]
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2009-11-06 6515784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SoftwareHelper"=C:\Users\Solène\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"mess clock"=C:\ProgramData\4 Media Media.ne4mg [2009-04-01 77840]
"locks tick title proc"=C:\ProgramData\Up Sixth Bin.aon43 [2009-02-01 253968]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-28 39408]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

C:\Users\Solène\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:Decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:Decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{456fddf0-51e1-11de-bb8b-b04b5f38db9f}]
shell\AutoRun\command - E:\Toshiba\more4you.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be78abf2-690f-11dd-961f-dbd48c2c2924}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs


======List of files/folders created in the last 1 months======

2009-12-14 09:35:15 ----D---- C:\rsit
2009-12-14 09:35:15 ----D---- C:\Program Files\trend micro
2009-12-12 09:13:06 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-12 09:12:58 ----A---- C:\Windows\system32\httpapi.dll
2009-12-11 14:59:41 ----A---- C:\Windows\system32\winhttp.dll
2009-12-11 14:59:23 ----A---- C:\Windows\system32\mshtml.dll
2009-12-11 14:59:22 ----A---- C:\Windows\system32\wininet.dll
2009-12-11 14:59:22 ----A---- C:\Windows\system32\occache.dll
2009-12-11 14:59:21 ----A---- C:\Windows\system32\urlmon.dll
2009-12-11 14:59:19 ----A---- C:\Windows\system32\ieframe.dll
2009-12-11 14:59:18 ----A---- C:\Windows\system32\iertutil.dll
2009-12-11 14:59:18 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-11 14:59:17 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-11 14:59:17 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-11 14:59:16 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-11 14:59:16 ----A---- C:\Windows\system32\ieaksie.dll
2009-12-11 14:59:15 ----A---- C:\Windows\system32\mstime.dll
2009-12-11 14:59:15 ----A---- C:\Windows\system32\ieencode.dll
2009-12-11 14:59:14 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-11 14:58:12 ----A---- C:\Windows\system32\rastls.dll
2009-12-11 14:58:12 ----A---- C:\Windows\system32\raschap.dll
2009-12-08 18:54:32 ----D---- C:\Users\Solène\AppData\Roaming\QuickScan
2009-12-08 12:47:50 ----D---- C:\Users\Solène\AppData\Roaming\Webroot
2009-12-08 12:47:50 ----D---- C:\ProgramData\Webroot
2009-12-08 12:47:50 ----A---- C:\Windows\WRSetup.dll
2009-11-26 14:18:33 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 11:18:36 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 11:18:35 ----A---- C:\Windows\system32\msxml3.dll
2009-11-16 17:41:49 ----A---- C:\Windows\system32\WSDApi.dll

======List of files/folders modified in the last 1 months======

2009-12-14 09:35:28 ----D---- C:\Windows\Temp
2009-12-14 09:35:16 ----D---- C:\Windows\Prefetch
2009-12-14 09:35:15 ----RD---- C:\Program Files
2009-12-14 09:29:07 ----A---- C:\Users\Solène\AppData\Roaming\acervcmtmp.ini
2009-12-14 09:28:57 ----D---- C:\Users\Solène\AppData\Roaming\OpenOffice.org2
2009-12-14 09:28:47 ----D---- C:\Users\Solène\AppData\Roaming\EoRezo
2009-12-14 09:27:38 ----SHD---- C:\System Volume Information
2009-12-13 18:03:13 ----D---- C:\Windows\System32
2009-12-13 18:03:13 ----D---- C:\Windows\inf
2009-12-13 18:03:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-13 12:02:08 ----D---- C:\Windows
2009-12-12 19:56:51 ----D---- C:\Windows\rescache
2009-12-12 19:44:20 ----D---- C:\Windows\system32\catroot
2009-12-12 19:43:37 ----D---- C:\Windows\system32\drivers
2009-12-12 10:08:59 ----D---- C:\Windows\winsxs
2009-12-12 09:21:11 ----D---- C:\Windows\system32\fr-FR
2009-12-12 09:21:11 ----D---- C:\Program Files\Windows Mail
2009-12-12 09:21:11 ----D---- C:\Program Files\Internet Explorer
2009-12-12 09:13:33 ----D---- C:\Windows\system32\catroot2
2009-12-12 09:12:52 ----SHD---- C:\Windows\Installer
2009-12-12 09:12:46 ----D---- C:\ProgramData\Microsoft Help
2009-12-08 13:52:44 ----D---- C:\Windows\Tasks
2009-12-08 13:18:13 ----D---- C:\Windows\system32\Tasks
2009-12-08 12:47:50 ----HD---- C:\ProgramData
2009-12-08 12:47:50 ----D---- C:\Program Files\Webroot
2009-12-08 12:44:34 ----D---- C:\Users\Solène\AppData\Roaming\GetRightToGo
2009-12-08 00:57:16 ----D---- C:\Program Files\LogMeIn
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-11-20 20:30:57 ----D---- C:\Program Files\Mozilla Firefox
2009-11-18 13:54:53 ----RSD---- C:\Windows\assembly
2009-11-18 13:54:20 ----RSD---- C:\Windows\Fonts
2009-11-18 13:54:15 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-18 13:54:01 ----D---- C:\Program Files\Microsoft Works

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 pwipf6;Privacyware Filter Driver; C:\Windows\system32\DRIVERS\pwipf6.sys [2009-12-08 102224]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-25 41456]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-10-17 47640]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-24 12672]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-03 16432]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-03 59952]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-24 8704]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-24 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-24 208384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-24 1950552]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-02-28 10144]
R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-02-18 6144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-01-30 7629504]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-06-12 1729152]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-24 192816]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-24 660480]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2008-01-24 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-24 179712]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EAGLE2RC;Analog/DVB-T Hybrid Tv Infrared Receiver; C:\Windows\system32\DRIVERS\Eagle2RC.sys [2006-05-24 8576]
S3 Eagle2TV;TV tuner device; C:\Windows\System32\Drivers\eagle2tv_B.sys [2006-06-02 384128]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/sans fil 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\Windows\System32\Drivers\sskbfd.sys [2007-07-19 23864]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-02-08 611664]
R2 ALaunchService;ALaunch Service; C:\Acer\ALaunch\ALaunchSvc.exe [2007-09-19 51200]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-01-03 506416]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-10-01 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-12-20 131072]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-11-22 358936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-11-27 110592]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-12-04 266343]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2007-09-28 233472]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2009-11-06 4048240]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-20 167936]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [2009-12-08 1201640]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-24 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2009-10-10 116032]
S4 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-02-28 63040]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-12-14 09:35:52

======Uninstall list======

-->"C:\Program Files\Webroot\Spy Sweeper\unins000.exe" /Log="C:\Users\SOLNE~1\AppData\Local\Temp\Uninstall.txt"
-->Dummy
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\SetXX.exe" -uninst
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe-->C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\Setup.exe -uninstall
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly -u
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer eAudio Management-->"C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.exe" -uninstall
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly
Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer GameZone Console 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x40c -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
Adobe® Photoshop® Album Edition Découverte 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Agatha Christie Death on the Nile-->"C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\Uninstall.exe" "C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\install.log"
Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask.com Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Azada-->"C:\Program Files\Acer GameZone\Azada\Uninstall.exe" "C:\Program Files\Acer GameZone\Azada\install.log"
Backspin Billiards-->"C:\Program Files\Acer GameZone\Backspin Billiards\Uninstall.exe" "C:\Program Files\Acer GameZone\Backspin Billiards\install.log"
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
Big Kahuna Reef-->"C:\Program Files\Acer GameZone\Big Kahuna Reef\Uninstall.exe" "C:\Program Files\Acer GameZone\Big Kahuna Reef\install.log"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Bricks of Egypt-->"C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Acer GameZone\Bricks of Egypt\install.log"
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe
eoEngine 9.1-->"C:\Program Files\EoRezo\unins000.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -IAcrZUn32z.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log"
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kick N Rush-->"C:\Program Files\Acer GameZone\Kick N Rush\Uninstall.exe" "C:\Program Files\Acer GameZone\Kick N Rush\install.log"
Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x040c -removeonly
LimeWire 4.18.6-->"C:\Program Files\LimeWire\uninstall.exe"
LogMeIn-->MsiExec.exe /I{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}
Magic Karaoke Maker-->C:\Program Files\Magic Karaoke Maker\Uninstall.exe
Mahjong Escape Ancient China-->"C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\install.log"
Mahjongg Artifacts-->"C:\Program Files\Acer GameZone\Mahjongg Artifacts\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjongg Artifacts\install.log"
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 and SOAP Toolkit 3.0-->MsiExec.exe /I{32343DB6-9A52-40C9-87E4-5E7C79791C87}
Mystery Case Files - Huntsville-->"C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\install.log"
Mystery Solitaire - Secret Island-->"C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\install.log"
Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\NSSSetup\{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}_2_0_0\NSSSetup.exe" /X
Norton Security Scan-->MsiExec.exe /X{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe" -removeonly
NTI Backup NOW! 4.7-->C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x040c
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
OpenOffice.org 2.4-->MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}
Orion-->MsiExec.exe /X{0BF78E88-A7C9-4406-89CF-0BA473BA7821}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
Pro Evolution Soccer 2008 DEMO-->C:\Program Files\InstallShield Installation Information\{DA0B985B-6B62-466B-B141-1F4E52E6370F}\setup.exe -runfromtemp -l0x040c
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -l0x40c anything
Savvy TV-->MsiExec.exe /I{648BF0F4-2FA7-40D5-AE3C-A257ACD6ED79}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoftwareUpdate 1.0-->"C:\Users\Solène\AppData\Roaming\eoRezo\SoftwareUpdate\unins000.exe"
SonicStage 4.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-37001CCBBA5D}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log"

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 091213-0]
AS: Windows Defender
AS: avast! antivirus 4.8.1229 [VPS 091213-0]

======System event log======

Computer Name: PC-de-Solène
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 211878
Source Name: Service Control Manager
Time Written: 20091214082820.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Solène
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {457EBD4B-FE44-4197-A371-92EB4760EBDB}
Utilisateur : PC-de-Solène\Solène
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : regkey:HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper;runonce:HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper;file:C:\Users\Solène\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 211941
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091214082950.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-Solène
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {79957D41-F107-4E88-B15B-CE2AA1A001B4}
Utilisateur : PC-de-Solène\Solène
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : regkey:HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper;runonce:HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper;file:C:\Users\Solène\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 211943
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091214082953.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-Solène
Event Code: 8021
Message: Le service Explorateur n'a pas pu retrouver la liste des serveurs du maître explorateur \\PCANDY sur le réseau \Device\NetBT_Tcpip_{53FA46BB-9ABE-421B-A09B-5B1A9E66D59B}.

Maître explorateur : \\PCANDY
Réseau : \Device\NetBT_Tcpip_{53FA46BB-9ABE-421B-A09B-5B1A9E66D59B}

Cet événement peut être causé par une perte temporaire de connectivité réseau. Si ce message apparaît à nouveau, vérifiez que le serveur est toujours connecté au réseau. Le code renvoyé est dans la boîte de texte Données.
Record Number: 211952
Source Name: BROWSER
Time Written: 20091214083118.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-Solène
Event Code: 8032
Message: Le service Explorateur d'ordinateur a rencontré un nombre d'échecs trop important en essayant de retrouver la copie de sauvegarde de la liste sur le transport \Device\NetBT_Tcpip_{53FA46BB-9ABE-421B-A09B-5B1A9E66D59B}. L'explorateur secondaire s'arrête.
Record Number: 211957
Source Name: BROWSER
Time Written: 20091214083236.000000-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: PC-de-Solène
Event Code: 1002
Message: Le programme firefox.exe version 1.9.0.3576 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solution
14 December 2009 14:22:56

Hello micose,

your machine is heavily infected...

Disable User Account Control (UAC; you will re-enable it after the disinfection):
- Go to Start > Control Panel
- Double-click the User Accounts icon
- Then click Turn off and confirm

Download ToolBar-S&D (thanks to Team Idn): Here

* Double-click ToolBar-S&D to launch the installation; a shortcut will be added to the Desktop
* Double-click it to start the tool and choose the language
* Type 1 then press [Enter] to start the search
* Wait until it finishes; the report will open in Notepad
* Post the report (also found at C:\TB.txt)

See you
14 December 2009 17:28:27

hello and thanks ^^ here are the reports



-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz )
BIOS : ZD1 v1.3811 3H11
USER : Solène ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 091213-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:111 Go (Free:14 Go)
D:\ (Local Disk) - NTFS - Total:107 Go (Free:107 Go)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 14/12/2009|17:22 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR"
"Start Page"="http://y.lo.st"
"Search Bar"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR"
"First Home Page"="http://y.lo.st"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://fr.fr.acer.yahoo.com"
"Default_Page_URL"="http://fr.fr.acer.yahoo.com"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 14/12/2009|17:25 - Option : [1]

-----------\\ Fin du rapport a 17:25:03,96

14 December 2009 20:37:51

Good evening micose,

do this procedure and post the report: Here

See you
14 December 2009 21:10:07

here is the report, and thanks for your help ^^

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_E | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 13.12.2009 à 20:08
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:52:49, 14/12/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: PC-DE-SOLÔNE | Utilisateur actuel: SolŠne
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.

C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
C:\Users\SolŠne\AppData\LocalLow\AskToolbar
C:\Program Files\EoRezo
C:\Users\SOLNE~1\AppData\Roaming\EoRezo
.
HKCU\software\appdatalow\software\AskToolbar
HKCU\software\Ask.com
HKCU\software\EoRezo
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\software\classes\appid\EoRezoBHO.DLL
HKLM\software\classes\appid\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\classes\EoRezoBHO.EoBHO
HKLM\software\classes\EoRezoBHO.EoBHO.1
HKLM\software\classes\GenericAskToolbar.ToolbarWnd
HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{819DB72D-1C28-4387-9778-E2FF3DC86F74}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\software\EoRezo
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
HKLM\software\microsoft\windows\currentversion\uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKLM\software\microsoft\windows\currentversion\uninstall\eoEngine_is1
HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
HKU\s-1-5-21-591565691-734077761-1061759920-1000\software\appdatalow\software\AskToolbar
HKU\s-1-5-21-591565691-734077761-1061759920-1000\software\Ask.com
HKU\s-1-5-21-591565691-734077761-1061759920-1000\software\EoRezo
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.15 [fr] *
.
Nom du profil: ofu6hklc.default (SolŠne)
.
(SOLNE~1, Invalidprefs.js) Browser.download.dir, C:\Users\Solène\Downloads
(SOLNE~1, Invalidprefs.js) Browser.download.lastDir, C:\Users\Solène\Desktop\a dvP
(SOLNE~1, Invalidprefs.js) Browser.startup.homepage, hxxp://y.lo.st
.
(SOLNE~1, Invalidprefs.js) TROUVE - Browser.startup.homepage, hxxp://y.lo.st
.
(SOLNE~1, prefs.js) Browser.download.dir, C:\Users\Solène\Downloads
(SOLNE~1, prefs.js) Browser.download.lastDir, C:\Users\Solène\Desktop
(SOLNE~1, prefs.js) Browser.search.defaultenginename, Ask.com
(SOLNE~1, prefs.js) Browser.search.selectedEngine, Google
(SOLNE~1, prefs.js) Browser.startup.homepage, hxxp://y.lo.st
.
(SOLNE~1, prefs.js) TROUVE - Browser.search.defaultengine, Ask.com
(SOLNE~1, prefs.js) TROUVE - Browser.search.defaultenginename, Ask.com
(SOLNE~1, prefs.js) TROUVE - Browser.search.order.1, Ask.com
(SOLNE~1, prefs.js) TROUVE - Browser.startup.homepage, hxxp://y.lo.st
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.cbid, W6
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.default-channel-url-mask, hxxp://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.fresh-install, false
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.l, dis
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.last-config-req, 1260816552336
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.locale, en_US
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.o, 13997
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.overlay-reloaded-using-restart, true
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.qsrc, 2871
(SOLNE~1, prefs.js) TROUVE - Extensions.asktb.r, 3
(SOLNE~1, prefs.js) TROUVE - Extensions.enabledItems, toolbar@ask.com:3.2.1.265,{e001c731-5e37-4538-a5cb-8168736a2360}:0.9.8.2,{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}:6.0.04,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,LogMeInClient@logmein.com:1.0.0.381,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15
.
(SOLNE~1, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(SOLNE~1, prefs.js) Browser.search.selectedEngine, Live Search
.
.
* Internet Explorer Version 7.0.6001.18000 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Search Page: hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
Start Page: hxxp://y.lo.st
Use Search Asst: no
Search Bar: hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
Use Custom Search URL: 1 (0x1)
Enable Browser Extensions: yes
First Home Page: hxxp://y.lo.st
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.fr.acer.yahoo.com
Default_Page_URL: hxxp://fr.fr.acer.yahoo.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: hxxp://y.lo.st
.
===================================
.
7388 Octet(s) - C:\Ad-Report-SCAN[1].log
.
1149 Fichier(s) - C:\Users\SOLNE~1\AppData\Local\Temp
65 Fichier(s) - C:\Windows\Temp
93 Fichier(s) - C:\Windows\Prefetch
.
3 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 21:08:33 | 14/12/2009 - SCAN[1]
.
============== E.O.F ==============
14 December 2009 23:21:09

Re,

and do this one: Here
15 December 2009 09:47:19

re, here is the report
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_E | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 13.12.2009 à 20:08
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 9:20:57, 15/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: PC-DE-SOLÔNE | Utilisateur actuel: SolŠne
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
C:\Users\SolŠne\AppData\LocalLow\AskToolbar
C:\Program Files\EoRezo
C:\Users\SOLNE~1\AppData\Roaming\EoRezo

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\software\AskToolbar
HKCU\software\Ask.com
HKCU\software\EoRezo
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\software\classes\appid\EoRezoBHO.DLL
HKLM\software\classes\appid\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\classes\EoRezoBHO.EoBHO
HKLM\software\classes\EoRezoBHO.EoBHO.1
HKLM\software\classes\GenericAskToolbar.ToolbarWnd
HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{819DB72D-1C28-4387-9778-E2FF3DC86F74}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\software\EoRezo
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
HKLM\software\microsoft\windows\currentversion\uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKLM\software\microsoft\windows\currentversion\uninstall\eoEngine_is1
HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.15 [fr] *
.
Nom du profil: ofu6hklc.default (SolŠne)
.
(SOLNE~1, Invalidprefs.js) Browser.download.dir, C:\Users\Solène\Downloads
(SOLNE~1, Invalidprefs.js) Browser.download.lastDir, C:\Users\Solène\Desktop\a dvP
(SOLNE~1, Invalidprefs.js) Browser.startup.homepage, hxxp://y.lo.st
.
(SOLNE~1, Invalidprefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
.
(SOLNE~1, prefs.js) Browser.download.dir, C:\Users\Solène\Downloads
(SOLNE~1, prefs.js) Browser.download.lastDir, C:\Users\Solène\Desktop
(SOLNE~1, prefs.js) Browser.search.defaultenginename, Ask.com
(SOLNE~1, prefs.js) Browser.search.selectedEngine, Google
(SOLNE~1, prefs.js) Browser.startup.homepage, hxxp://y.lo.st
.
(SOLNE~1, prefs.js) EFFACE - Browser.search.defaultengine, Ask.com
(SOLNE~1, prefs.js) EFFACE - Browser.search.defaultenginename, Ask.com
(SOLNE~1, prefs.js) EFFACE - Browser.search.order.1, Ask.com
(SOLNE~1, prefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.cbid, W6
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.default-channel-url-mask, hxxp://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.fresh-install, false
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.l, dis
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.last-config-req, 1260816552336
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.locale, en_US
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.o, 13997
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.overlay-reloaded-using-restart, true
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.qsrc, 2871
(SOLNE~1, prefs.js) EFFACE - Extensions.asktb.r, 3
(SOLNE~1, prefs.js) EFFACE - Extensions.enabledItems, toolbar@ask.com:3.2.1.265,{e001c731-5e37-4538-a5cb-8168736a2360}:0.9.8.2,{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}:6.0.04,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,LogMeInClient@logmein.com:1.0.0.381,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15
.
(SOLNE~1, prefs.js) Browser.startup.homepage, hxxp://fr.msn.com/
(SOLNE~1, prefs.js) Browser.search.selectedEngine, Live Search
.
.
* Internet Explorer Version 7.0.6001.18000 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Search Page: hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
Start Page: hxxp://www.google.fr/
Use Search Asst: no
Search Bar: hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
Use Custom Search URL: 1 (0x1)
Enable Browser Extensions: yes
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.fr.acer.yahoo.com
Default_Page_URL: hxxp://fr.fr.acer.yahoo.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
7373 Octet(s) - C:\Ad-Report-CLEAN[1].log
7758 Octet(s) - C:\Ad-Report-SCAN[1].log
.
1 Fichier(s) - C:\Users\SOLNE~1\AppData\Local\Temp
1 Fichier(s) - C:\Windows\Temp
13 Fichier(s) - C:\Windows\Prefetch
.
22 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
63 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 9:44:56 | 15/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.
15 December 2009 15:40:31

Hello micose,

download UsbFix (thanks to Chiquitine29): Here

# Connect all your external devices, without opening them

# Double-click the shortcut on your Desktop

# Choose option 1 (Search) and let it work

# Post the report (also saved at the root of the disk)

process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus...) as a RiskTool. It is not a virus but a utility intended to terminate processes. In the wrong hands this utility could stop security software (antivirus, firewall...), hence the alert.


See you
15 December 2009 16:15:48

hello frederix, here is the report


############################## | UsbFix V6.063 |

User : Solène (Administrateurs) # PC-DE-SOLÈNE
Update on 14/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:09:59 | 15/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1229 [VPS 091214-0] 4.8.1229 [ Enabled | Updated ]

C:\ -> Disque fixe local # 111,19 Go (18,24 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 107,69 Go (107,6 Go free) [DATA] # NTFS
E:\ -> Disque amovible # 3,63 Go (946,98 Mo free) [USB SOO] # FAT32
F:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe 504
C:\Windows\system32\csrss.exe 628
C:\Windows\system32\wininit.exe 680
C:\Windows\system32\csrss.exe 692
C:\Windows\system32\services.exe 728
C:\Windows\system32\lsass.exe 744
C:\Windows\system32\lsm.exe 752
C:\Windows\system32\winlogon.exe 828
C:\Windows\system32\svchost.exe 928
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe 980
C:\Windows\system32\svchost.exe 1012
C:\Windows\System32\svchost.exe 1052
C:\Windows\System32\svchost.exe 1108
C:\Windows\System32\svchost.exe 1144
C:\Windows\system32\svchost.exe 1168
C:\Windows\system32\SLsvc.exe 1416
C:\Windows\system32\svchost.exe 1464
C:\Windows\system32\svchost.exe 1640
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 1772
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1784
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1800
C:\Windows\system32\Dwm.exe 1948
C:\Windows\Explorer.EXE 1972
C:\Program Files\Windows Defender\MSASCui.exe 372
C:\Windows\RtHDVCpl.exe 380
C:\Program Files\Synaptics\SynTP\SynTPStart.exe 364
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe 452
C:\Acer\Empowering Technology\eAudio\eAudio.exe 512
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 600
C:\Windows\System32\rundll32.exe 632
C:\Program Files\Launch Manager\QtZgAcer.EXE 772
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe 1964
C:\Program Files\Java\jre6\bin\jusched.exe 1884
C:\Program Files\Alwil Software\Avast4\ashDisp.exe 1868
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe 848
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe 1516
C:\Program Files\iTunes\iTunesHelper.exe 1336
C:\Program Files\Savvy TV\DTV Service.exe 1340
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe 1312
C:\Program Files\Windows Sidebar\sidebar.exe 1344
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1404
C:\Windows\ehome\ehtray.exe 596
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 1216
C:\Program Files\Windows Media Player\wmpnscfg.exe 1944
C:\Windows\System32\rundll32.exe 2084
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2120
C:\Program Files\Acer\Acer VCM\AcerVCM.exe 2136
C:\Program Files\LogMeIn\x86\LMIGuardian.exe 2152
C:\Windows\ehome\ehmsas.exe 2204
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE 2232
C:\Windows\System32\spoolsv.exe 2404
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe 2452
C:\Windows\system32\taskeng.exe 2464
C:\Windows\system32\svchost.exe 2480
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE 2544
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE 2740
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE 2936
C:\Windows\system32\taskeng.exe 2980
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN 2992
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE 3068
C:\Users\SOLNE~1\AppData\Local\Temp\RtkBtMnt.exe 3164
C:\Acer\ALaunch\ALaunchSvc.exe 3644
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 3700
C:\Program Files\Bonjour\mDNSResponder.exe 3724
C:\Windows\system32\svchost.exe 3752
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe 3772
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe 3792
C:\Acer\Empowering Technology\eNet\eNet Service.exe 3988
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 4080
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 1864
C:\Acer\Mobility Center\MobilityService.exe 336
C:\Windows\system32\svchost.exe 2696
C:\Program Files\CyberLink\Shared Files\RichVideo.exe 2104
C:\Program Files\Acer\Acer VCM\RS_Service.exe 2868
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3096
C:\Windows\system32\svchost.exe 3480
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe 3568
C:\Windows\System32\svchost.exe 2128
C:\Windows\system32\SearchIndexer.exe 4060
C:\Windows\system32\DRIVERS\xaudio.exe 2756
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe 3336
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe 3424
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe 4160
C:\Windows\system32\wbem\wmiprvse.exe 4408
C:\Windows\system32\wbem\wmiprvse.exe 4848
C:\Windows\system32\wbem\unsecapp.exe 4936
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 4992
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 5016
C:\Program Files\Windows Media Player\wmpnetwk.exe 5260
C:\Program Files\iPod\bin\iPodService.exe 5616
C:\Program Files\Acer\Acer VCM\acp2HID.exe 3688
C:\Windows\system32\wbem\unsecapp.exe 5552
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE 5776
C:\Windows\system32\wuauclt.exe 124
C:\Program Files\iTunes\iTunes.exe 2268
C:\Windows\system32\SearchProtocolHost.exe 5908
C:\Windows\system32\SearchFilterHost.exe 4572
C:\Program Files\Mozilla Firefox\firefox.exe 6000
C:\Windows\system32\conime.exe 4832
C:\Windows\system32\WUDFHost.exe 4336

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{456fddf0-51e1-11de-bb8b-b04b5f38db9f}
shell\AutoRun\command =E:\Toshiba\more4you.exe

HKCU\..\..\Explorer\MountPoints2\{be78abf2-690f-11dd-961f-dbd48c2c2924}
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.063 ! |

15 December 2009 16:39:15

Re,

# Connect all your external devices, without opening them

# Double-click the shortcut on your Desktop

# Choose option 2 (Deletion)

# Your desktop will disappear and the PC will restart

# Let it work

# Post the report
15 December 2009 16:58:28

here is the report ^^


############################## | UsbFix V6.063 |

User : Solène (Administrateurs) # PC-DE-SOLÈNE
Update on 14/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:49:43 | 15/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1229 [VPS 091214-0] 4.8.1229 [ Enabled | Updated ]

C:\ -> Disque fixe local # 111,19 Go (18,3 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 107,69 Go (107,6 Go free) [DATA] # NTFS
E:\ -> Disque amovible # 3,63 Go (946,98 Mo free) [USB SOO] # FAT32
F:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe 460
C:\Windows\system32\csrss.exe 544
C:\Windows\system32\wininit.exe 596
C:\Windows\system32\csrss.exe 608
C:\Windows\system32\services.exe 644
C:\Windows\system32\lsass.exe 660
C:\Windows\system32\lsm.exe 668
C:\Windows\system32\winlogon.exe 744
C:\Windows\system32\svchost.exe 856
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe 904
C:\Windows\system32\svchost.exe 936
C:\Windows\System32\svchost.exe 972
C:\Windows\System32\svchost.exe 1176
C:\Windows\System32\svchost.exe 1204
C:\Windows\system32\svchost.exe 1220
C:\Windows\system32\SLsvc.exe 1352
C:\Windows\system32\svchost.exe 1408
C:\Windows\system32\svchost.exe 1644
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe 1756
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1772
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1792
C:\Windows\system32\Dwm.exe 1956
C:\Windows\Explorer.EXE 2044
C:\Windows\system32\runonce.exe 476
C:\Windows\System32\spoolsv.exe 1568
C:\Windows\system32\svchost.exe 1908
C:\Windows\system32\taskeng.exe 1980
C:\Windows\system32\taskeng.exe 2132
C:\Acer\ALaunch\ALaunchSvc.exe 2240
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2268
C:\Program Files\Bonjour\mDNSResponder.exe 2280
C:\Windows\system32\svchost.exe 2300
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe 2324
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe 2384
C:\Acer\Empowering Technology\eNet\eNet Service.exe 2508
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 2608
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2640
C:\Acer\Mobility Center\MobilityService.exe 2668
C:\Windows\system32\svchost.exe 2732
C:\Program Files\CyberLink\Shared Files\RichVideo.exe 2772
C:\Program Files\Acer\Acer VCM\RS_Service.exe 2844
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2856
C:\Windows\system32\svchost.exe 2896
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe 2948
C:\Windows\System32\svchost.exe 3244
C:\Windows\system32\SearchIndexer.exe 3272
C:\Windows\system32\DRIVERS\xaudio.exe 3344
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe 3364
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe 3412
C:\Windows\system32\wbem\wmiprvse.exe 3512
C:\Windows\system32\PresentationSettings.exe 3552
C:\Windows\system32\WUDFHost.exe 3756
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe 3844
C:\Windows\system32\wbem\wmiprvse.exe 3932
C:\Windows\system32\wbem\unsecapp.exe 3976
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2096
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2176
C:\Program Files\Alwil Software\Avast4\setup\avast.setup 3192
C:\Windows\system32\wbem\WmiApSrv.exe 1404

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-591565691-734077761-1061759920-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-591565691-734077761-1061759920-500
Supprimé ! D:\$Recycle.Bin\S-1-5-21-591565691-734077761-1061759920-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-591565691-734077761-1061759920-500

################## | Registre # Clés infectieuses |


################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{456fddf0-51e1-11de-bb8b-b04b5f38db9f}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{be78abf2-690f-11dd-961f-dbd48c2c2924}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[05/12/2009 12:26|--a------|1024] C:\.rnd
[15/12/2009 09:44|--a------|7786] C:\Ad-Report-CLEAN[1].log
[14/12/2009 21:08|--a------|7758] C:\Ad-Report-SCAN[1].log
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[21/01/2008 03:24|-rahs----|333203] C:\bootmgr
[18/02/2008 23:49|-ra-s----|8192] C:\BOOTSECT.BAK
[18/09/2006 22:43|--a------|10] C:\config.sys
[?|?|?] C:\hiberfil.sys
[11/04/2009 01:02|--a------|164] C:\install.dat
[16/08/2005 08:49|---------|40960] C:\junction.exe
[22/03/2009 22:25|--a------|4263003] C:\LogMeIn-0784-20090322-222552.dmp
[13/09/2007 10:56|--a------|512] C:\MDR.iss
[18/03/2008 02:13|--a------|20] C:\Medion.ini
[?|?|?] C:\pagefile.sys
[18/03/2008 02:10|--a------|60] C:\Partition.txt
[11/04/2009 01:01|--ah-----|0] C:\ProgramData.LOG1
[11/04/2009 01:01|--ah-----|0] C:\ProgramData.LOG2
[18/02/2008 16:20|--a------|426] C:\RHDSetup.log
[18/02/2008 16:57|--a------|86] C:\setup.log
[14/12/2009 17:25|--a------|1669] C:\TB.txt
[15/12/2009 16:54|--a------|5363] C:\UsbFix.txt
[23/11/2009 19:27|--ah-----|4096] E:\._.Trashes
[26/11/2009 21:57|--ah-----|4096] E:\._.TemporaryItems
[08/12/2009 15:31|--a------|29518] E:\fiche Laligant.odt
[02/12/2009 20:40|--a------|435033] E:\CM CONNAISSANCES DES FAITS SOCIAUX - INTEGRAL.pdf
[03/12/2009 12:35|--a------|20676] E:\fiche enquete.odt
[03/12/2009 09:40|--a------|50467] E:\resum‚ livre.odt
[03/12/2009 09:33|--a------|27637] E:\r‚sum‚ livre.odt
[03/12/2009 19:11|--ah-----|4096] E:\._CM CONNAISSANCES DES FAITS SOCIAUX - INTEGRAL.pdf
[02/12/2009 20:44|--a------|497909] E:\CM INSTITUTIONS ET SOCIETES - INTEGRAL.pdf
[03/12/2009 19:11|--ah-----|4096] E:\._CM INSTITUTIONS ET SOCIETES - INTEGRAL.pdf
[02/12/2009 20:46|--a------|333501] E:\CM SOCIETES ET CULTURES - INTEGRAL.pdf
[03/12/2009 19:11|--ah-----|4096] E:\._CM SOCIETES ET CULTURES - INTEGRAL.pdf
[03/12/2009 20:31|--a------|1146245] E:\CM.rar
[05/12/2009 16:42|--a------|734531584] E:\L'Annee Des Guignols CD 1 2009.avi
[05/12/2009 13:11|--a------|703414942] E:\Voisin contre voisin.Up.By.Mat59.avi
[06/12/2009 19:32|--a------|738125824] E:\Harry Potter et le Prince de sang.FRENCH.BDRiP(2).avi
[08/12/2009 15:36|--a------|22107] E:\fiche bibliographique.odt

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |


################## | Upload |

Veuillez envoyer le fichier : C:\Users\SOLNE~1\Desktop\UsbFix_Upload_Me_PC-de-SolŠne.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.063 ! |

15 December 2009 17:13:44

micose said:
> Veuillez envoyer le fichier : C:\Users\SOLNE~1\Desktop\UsbFix_Upload_Me_PC-de-SolŠne.zip : http://chiquitine.changelog.fr/Sample/Upload.php


> ;) 

As soon as you open a web page, you find yourself swamped by advertising windows named CiD offering to download various programs, and you no longer know how to get rid of them? … These windows actually reveal the presence of the Lop adware, which is responsible for the intrusive advertising you are suffering from.
...
This adware is installed during the installation of the following software, in exchange for their so-called "free" status:

* MSN plus! sponsors
* BitTorrent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101
* ...
...
On the other hand, only MSN plus! explicitly asks the user whether or not to install the sponsor (responsible for this abusive advertising), and afterwards makes it easy to uninstall the sponsor in question.
...
"PRIVACY POLICY"

CiD provides you with the software product (the "software") free of charge or at a reduced price in exchange for your agreement to receive advertising and promotional messages delivered by CiD and third parties to your computer, based in part on the keywords of the websites that you, or any other user of the computer, visit.
The additional content may include advertisements, promotions, links to third-party websites or other material delivered to your computer that match your interests, based in part on keywords found on the websites you visit. (...)"
...
For the other programs mentioned above it is different: uninstalling the P2P software will not remove the sponsor, because it is hidden in another program named "CiDhelp" (or "CiD-something" in some cases).

Note: most of the time, the advertising generated by the Lop adware itself offers to download other free programs such as games, TV channels, radio stations, etc. … which, once downloaded, will in turn install other malware such as navipromo or the Instant Access dialer … which also generate ads! The result: a "cascading" infection that takes the form of an invasion of advertising of all kinds!

1st disinfection method: manual removal

* Start in safe mode
* Go to the Start menu
* Click Control Panel
* Choose Add/Remove Programs
* For Msn plus!: simply uninstall the sponsor:

* For the P2P software listed above: find and remove the sponsor linked to CiD:
  o Remove the following programs if present:
    + Cid help
    + Circle Developement
    + Adverts


http://www.commentcamarche.net/faq/sujet-5996-comment-b...
16 December 2009 07:19:34

Thank you!! No more problems in sight :)  Thanks again and see you soon!
16 December 2009 12:17:04

Hello micose,

we are not finished :sarcastic: ...

*Download LOP S&D (thanks Eric71): Here
-Double-click it to start the installation, then double-click the shortcut on your Desktop
-Select the language you want and choose option 1 (Search)
-Wait until it finishes
-Post the report (also located at C:\lopR.txt)

See you
16 December 2009 15:39:17

Hello ^^ oh dear, not finished ^^ here is the report


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz )
BIOS : ZD1 v1.3811 3H11
USER : Solène ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 091216-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:111 Go (Free:14 Go)
D:\ (Local Disk) - NTFS - Total:107 Go (Free:107 Go)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 16/12/2009|15:32 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[25/05/2008|13:17] C:\Users\SOLNE~1\AppData\Local\Acer Arcade Deluxe
[22/05/2008|17:41] C:\Users\SOLNE~1\AppData\Local\acer eNM
[24/05/2008|14:46] C:\Users\SOLNE~1\AppData\Local\Adobe
[09/09/2008|21:04] C:\Users\SOLNE~1\AppData\Local\Apple
[11/12/2008|18:20] C:\Users\SOLNE~1\AppData\Local\Apple Computer
[22/05/2008|17:40] C:\Users\SOLNE~1\AppData\Local\Application Data
[25/05/2008|13:17] C:\Users\SOLNE~1\AppData\Local\CyberLink
[24/05/2008|12:06] C:\Users\SOLNE~1\AppData\Local\d3d8caps.dat
[31/10/2009|13:12] C:\Users\SOLNE~1\AppData\Local\d3d9caps.dat
[14/12/2009|18:10] C:\Users\SOLNE~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[09/07/2008|12:32] C:\Users\SOLNE~1\AppData\Local\DVDivine
[18/11/2009|17:45] C:\Users\SOLNE~1\AppData\Local\GDIPFONTCACHEV1.DAT
[08/12/2009|12:50] C:\Users\SOLNE~1\AppData\Local\Google
[22/05/2008|17:40] C:\Users\SOLNE~1\AppData\Local\Historique
[25/05/2008|13:17] C:\Users\SOLNE~1\AppData\Local\HomeMedia
[16/12/2009|08:27] C:\Users\SOLNE~1\AppData\Local\IconCache.db
[06/08/2008|20:14] C:\Users\SOLNE~1\AppData\Local\LogMeIn
[16/02/2009|15:30] C:\Users\SOLNE~1\AppData\Local\Microsoft
[03/08/2008|16:59] C:\Users\SOLNE~1\AppData\Local\Microsoft Games
[17/05/2009|18:31] C:\Users\SOLNE~1\AppData\Local\Microsoft Help
[16/04/2009|19:40] C:\Users\SOLNE~1\AppData\Local\MigWiz
[22/05/2008|20:45] C:\Users\SOLNE~1\AppData\Local\Mozilla
[28/05/2008|09:36] C:\Users\SOLNE~1\AppData\Local\PlayMovie
[23/05/2008|21:08] C:\Users\SOLNE~1\AppData\Local\PowerCinema
[16/12/2009|15:32] C:\Users\SOLNE~1\AppData\Local\Temp
[22/05/2008|17:40] C:\Users\SOLNE~1\AppData\Local\Temporary Internet Files
[25/05/2008|21:51] C:\Users\SOLNE~1\AppData\Local\VirtualStore
[18/12/2008|21:20] C:\Users\SOLNE~1\AppData\Local\Windows Live Writer

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/12/2009 13:49][--a------] C:\Windows\tasks\wrSpySweeper_LA185408EC3074F4B9A84C481A804B121.job
[16/12/2009 10:56][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{57A2D547-7E5F-4BE6-BE22-4B0BDE2BA9F0}.job
[16/12/2009 10:51][--ah-----] C:\Windows\tasks\SA.DAT
[16/12/2009 08:27][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[18/02/2008|17:26] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[09/04/2009|18:31] C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[28/12/2008|00:48] C:\ProgramData\4 Media Media.2lla6
[01/04/2009|19:10] C:\ProgramData\4 Media Media.82xztv
[01/04/2009|21:43] C:\ProgramData\4 Media Media.ap70cpv
[01/04/2009|20:37] C:\ProgramData\4 Media Media.ek78k
[01/02/2009|06:10] C:\ProgramData\4 Media Media.gji23bv
[01/04/2009|20:59] C:\ProgramData\4 Media Media.gkvl69p
[01/04/2009|21:21] C:\ProgramData\4 Media Media.i0g5hd2
[04/01/2009|01:45] C:\ProgramData\4 Media Media.k8ksn
[01/04/2009|22:05] C:\ProgramData\4 Media Media.ne4mg
[17/01/2009|18:16] C:\ProgramData\4 Media Media.ock2r
[01/04/2009|20:15] C:\ProgramData\4 Media Media.ou4tu
[01/04/2009|19:32] C:\ProgramData\4 Media Media.rbojpvg
[01/02/2009|06:10] C:\ProgramData\4 Media Media.t0xov38
[01/04/2009|19:54] C:\ProgramData\4 Media Media.ucnjl
[18/12/2008|23:05] C:\ProgramData\4 Media Media.ui3fw3q
[18/02/2008|16:45] C:\ProgramData\Acer GameZone Console
[27/02/2009|15:25] C:\ProgramData\Adobe
[24/07/2009|21:21] C:\ProgramData\Apple
[09/09/2008|21:06] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[24/05/2008|18:43] C:\ProgramData\Arcade Lab
[02/04/2009|21:00] C:\ProgramData\bags readme locks tick
[22/05/2008|17:36] C:\ProgramData\Bureau
[28/12/2008|00:49] C:\ProgramData\byte meow vc.bio66
[22/04/2009|17:13] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[03/09/2009|13:24] C:\ProgramData\Electronic Arts
[29/09/2008|17:01] C:\ProgramData\ezsidmv.dat
[22/05/2008|17:36] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[18/02/2008|16:34] C:\ProgramData\FloodLightGames
[28/02/2009|15:48] C:\ProgramData\Google
[01/04/2009|19:10] C:\ProgramData\gramtwo
[08/02/2009|23:14] C:\ProgramData\Lavasoft
[06/08/2008|20:14] C:\ProgramData\LogMeIn
[22/05/2008|17:36] C:\ProgramData\Menu D‚marrer
[12/07/2008|17:37] C:\ProgramData\Messenger Plus!
[18/09/2009|19:14] C:\ProgramData\Microsoft
[12/12/2009|09:12] C:\ProgramData\Microsoft Help
[22/05/2008|17:36] C:\ProgramData\ModŠles
[15/06/2008|20:44] C:\ProgramData\NannyMania
[18/03/2008|02:06] C:\ProgramData\NVIDIA
[25/05/2008|22:24] C:\ProgramData\Sandlot Games
[29/09/2008|16:58] C:\ProgramData\Skype
[15/07/2008|12:45] C:\ProgramData\SonicStage
[15/07/2008|12:45] C:\ProgramData\Sony Corporation
[02/11/2006|14:02] C:\ProgramData\Start Menu
[11/02/2009|18:09] C:\ProgramData\Symantec
[03/08/2009|17:24] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[01/02/2009|06:11] C:\ProgramData\Up Sixth Bin.aon43
[08/12/2009|13:15] C:\ProgramData\Webroot
[07/10/2008|11:21] C:\ProgramData\WLInstaller
[24/05/2008|13:17] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[18/03/2008|02:16] C:\Program Files\Acer
[18/03/2008|02:09] C:\Program Files\Acer Arcade Deluxe
[18/03/2008|02:18] C:\Program Files\ACER CrystalEye webcam
[14/05/2009|20:07] C:\Program Files\Acer GameZone
[18/03/2008|02:20] C:\Program Files\Acer Inc
[18/02/2008|17:26] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[27/02/2009|15:25] C:\Program Files\Adobe
[15/12/2009|09:44] C:\Program Files\Ad-Remover
[04/06/2008|17:01] C:\Program Files\Alwil Software
[09/09/2008|21:04] C:\Program Files\Apple Software Update
[15/06/2008|20:41] C:\Program Files\bfgclient
[18/02/2008|16:45] C:\Program Files\Big Kahuna Reef
[05/02/2009|14:45] C:\Program Files\Bonjour
[14/05/2009|20:06] C:\Program Files\BoontyGames
[18/02/2008|16:22] C:\Program Files\Broadcom
[25/02/2009|18:53] C:\Program Files\Circle Developement
[13/04/2009|16:19] C:\Program Files\Common Files
[18/02/2008|16:02] C:\Program Files\CONEXANT
[18/02/2008|17:06] C:\Program Files\CyberLink
[02/11/2008|20:09] C:\Program Files\EA GAMES
[03/09/2009|13:23] C:\Program Files\Electronic Arts
[22/05/2008|17:36] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/02/2009|18:32] C:\Program Files\Google
[03/09/2009|13:06] C:\Program Files\InstallShield Installation Information
[18/03/2008|02:02] C:\Program Files\Intel
[12/12/2009|09:21] C:\Program Files\Internet Explorer
[26/06/2009|20:21] C:\Program Files\iPod
[26/06/2009|20:21] C:\Program Files\iTunes
[15/02/2009|12:41] C:\Program Files\Java
[14/12/2009|17:28] C:\Program Files\Launch Manager
[08/02/2009|23:13] C:\Program Files\Lavasoft
[10/09/2008|12:39] C:\Program Files\LimeWire
[08/12/2009|00:57] C:\Program Files\LogMeIn
[14/05/2009|20:05] C:\Program Files\M6 Jeux
[03/04/2009|15:43] C:\Program Files\Magic Karaoke Maker
[09/04/2009|22:17] C:\Program Files\Messenger Plus! Live
[18/09/2009|19:13] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[18/02/2008|17:25] C:\Program Files\Microsoft Office
[09/09/2009|13:53] C:\Program Files\Microsoft Silverlight
[22/05/2008|18:17] C:\Program Files\Microsoft SQL Server Compact Edition
[18/09/2009|19:14] C:\Program Files\Microsoft Sync Framework
[18/11/2009|13:54] C:\Program Files\Microsoft Works
[03/09/2009|13:22] C:\Program Files\Microsoft WSE
[18/02/2008|17:22] C:\Program Files\Microsoft.NET
[21/01/2008|03:35] C:\Program Files\Movie Maker
[16/12/2009|11:26] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[18/09/2009|19:13] C:\Program Files\MSN Messenger
[13/04/2009|16:19] C:\Program Files\MSSOAP
[22/05/2008|17:59] C:\Program Files\MSXML 4.0
[18/02/2008|16:57] C:\Program Files\NewTech Infosystems
[24/05/2008|14:39] C:\Program Files\OpenOffice.org 2.4
[26/06/2009|20:20] C:\Program Files\QuickTime
[18/02/2008|16:20] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[13/09/2009|13:38] C:\Program Files\Savvy TV
[29/09/2008|16:58] C:\Program Files\Skype
[14/07/2008|15:59] C:\Program Files\Sony
[18/03/2008|02:18] C:\Program Files\SUYIN
[18/02/2008|16:24] C:\Program Files\Synaptics
[14/12/2009|09:35] C:\Program Files\trend micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[24/05/2008|12:31] C:\Program Files\VideoLAN
[08/12/2009|12:47] C:\Program Files\Webroot
[18/02/2008|16:28] C:\Program Files\Winbond Electronics
[21/01/2008|03:35] C:\Program Files\Windows Calendar
[21/01/2008|03:35] C:\Program Files\Windows Collaboration
[21/01/2008|03:35] C:\Program Files\Windows Defender
[21/01/2008|03:35] C:\Program Files\Windows Journal
[18/09/2009|19:14] C:\Program Files\Windows Live
[16/02/2009|15:30] C:\Program Files\Windows Live Safety Center
[17/12/2008|13:55] C:\Program Files\Windows Live SkyDrive
[18/09/2009|19:14] C:\Program Files\Windows Live Toolbar
[12/12/2009|09:21] C:\Program Files\Windows Mail
[31/10/2009|12:44] C:\Program Files\Windows Media Player
[22/05/2008|17:36] C:\Program Files\Windows NT
[21/01/2008|03:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|03:35] C:\Program Files\Windows Sidebar
[25/03/2009|13:45] C:\Program Files\WinRAR
[18/02/2008|17:43] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[27/02/2009|15:25] C:\Program Files\Common Files\Adobe
[26/06/2009|20:21] C:\Program Files\Common Files\Apple
[18/02/2008|17:22] C:\Program Files\Common Files\DESIGNER
[18/02/2008|17:03] C:\Program Files\Common Files\InstallShield
[24/05/2008|14:37] C:\Program Files\Common Files\Java
[18/02/2008|16:56] C:\Program Files\Common Files\LightScribe
[18/11/2009|13:54] C:\Program Files\Common Files\microsoft shared
[13/04/2009|16:19] C:\Program Files\Common Files\MSSoap
[18/02/2008|16:56] C:\Program Files\Common Files\muvee Technologies
[18/02/2008|16:57] C:\Program Files\Common Files\NewTech Infosystems
[15/06/2008|15:15] C:\Program Files\Common Files\Oberon Media
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[29/09/2008|16:58] C:\Program Files\Common Files\Skype
[18/03/2008|02:17] C:\Program Files\Common Files\snp2uvc
[14/07/2008|15:58] C:\Program Files\Common Files\Sony Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[19/04/2009|17:02] C:\Program Files\Common Files\Symantec Shared
[21/01/2008|03:35] C:\Program Files\Common Files\System
[17/12/2008|13:48] C:\Program Files\Common Files\Windows Live
[07/10/2008|11:22] C:\Program Files\Common Files\WindowsLiveInstaller
[08/02/2009|23:11] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 104 Processes )

iexplore.exe ~ [PID:4552]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\4 Media Media.2lla6
C:\ProgramData\4 Media Media.ek78k
C:\ProgramData\4 Media Media.k8ksn
C:\ProgramData\4 Media Media.ne4mg
C:\ProgramData\4 Media Media.ock2r
C:\ProgramData\4 Media Media.ou4tu
C:\ProgramData\4 Media Media.ucnjl
C:\ProgramData\byte meow vc.bio66
C:\ProgramData\Up Sixth Bin.aon43
C:\ProgramData\4 Media Media.82xztv
C:\ProgramData\4 Media Media.ap70cpv
C:\ProgramData\4 Media Media.gji23bv
C:\ProgramData\4 Media Media.gkvl69p
C:\ProgramData\4 Media Media.i0g5hd2
C:\ProgramData\4 Media Media.rbojpvg
C:\ProgramData\4 Media Media.t0xov38
C:\ProgramData\4 Media Media.ui3fw3q

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\bags readme locks tick
C:\ProgramData\bags readme locks tick\love store.dat
C:\Users\SOLNE~1\AppData\Local\Temp\nsg5409.tmp
C:\Program Files\Circle Developement

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mess clock"="\"C:\\ProgramData\\4 Media Media.ne4mg\""
"locks tick title proc"="\"C:\\ProgramData\\Up Sixth Bin.aon43\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-16 15:33:14
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 34

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:32][D:63]-> C:\Users\SOLNE~1\AppData\Local\Temp
[F:34][D:1]-> C:\Users\SOLNE~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:544][D:5]-> C:\Users\SOLNE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 16/12/2009|15:35 - Option : [1]

--------------------\\ Fin du rapport a 15:35:49
[ UAC => 1 ]

16 December 2009 19:11:46

Re,

-Double-click the LOP S&D shortcut and choose option 3; this removes the infection
-When it finishes, a new scan is started
-Notepad opens; post the report in your next reply
16 December 2009 19:31:09

Here you go, here is the report ^^

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz )
BIOS : ZD1 v1.3811 3H11
USER : Solène ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 091216-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:111 Go (Free:14 Go)
D:\ (Local Disk) - NTFS - Total:107 Go (Free:107 Go)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( 16/12/2009|19:25 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\bags readme locks tick\love store.dat
Supprime! - C:\Users\SOLNE~1\AppData\Local\Temp\nsg5409.tmp
Supprime! - C:\ProgramData\4 Media Media.2lla6
Supprime! - C:\ProgramData\4 Media Media.ek78k
Supprime! - C:\ProgramData\4 Media Media.k8ksn
Supprime! - C:\ProgramData\4 Media Media.ne4mg
Supprime! - C:\ProgramData\4 Media Media.ock2r
Supprime! - C:\ProgramData\4 Media Media.ou4tu
Supprime! - C:\ProgramData\4 Media Media.ucnjl
Supprime! - C:\ProgramData\byte meow vc.bio66
Supprime! - C:\ProgramData\Up Sixth Bin.aon43
Supprime! - C:\ProgramData\4 Media Media.82xztv
Supprime! - C:\ProgramData\4 Media Media.ap70cpv
Supprime! - C:\ProgramData\4 Media Media.gji23bv
Supprime! - C:\ProgramData\4 Media Media.gkvl69p
Supprime! - C:\ProgramData\4 Media Media.i0g5hd2
Supprime! - C:\ProgramData\4 Media Media.rbojpvg
Supprime! - C:\ProgramData\4 Media Media.t0xov38
Supprime! - C:\ProgramData\4 Media Media.ui3fw3q
Supprime! - C:\ProgramData\bags readme locks tick
Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[25/05/2008|13:17] C:\Users\SOLNE~1\AppData\Local\Acer Arcade Deluxe
[22/05/2008|17:41] C:\Users\SOLNE~1\AppData\Local\acer eNM
[24/05/2008|14:46] C:\Users\SOLNE~1\AppData\Local\Adobe
[09/09/2008|21:04] C:\Users\SOLNE~1\AppData\Local\Apple
[11/12/2008|18:20] C:\Users\SOLNE~1\AppData\Local\Apple Computer
[22/05/2008|17:40] C:\Users\SOLNE~1\AppData\Local\Application Data
[25/05/2008|13:17] C:\Users\SOLNE~1\AppData\Local\CyberLink
[24/05/2008|12:06] C:\Users\SOLNE~1\AppData\Local\d3d8caps.dat
[31/10/2009|13:12] C:\Users\SOLNE~1\AppData\Local\d3d9caps.dat
[14/12/2009|18:10] C:\Users\SOLNE~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[09/07/2008|12:32] C:\Users\SOLNE~1\AppData\Local\DVDivine
[18/11/2009|17:45] C:\Users\SOLNE~1\AppData\Local\GDIPFONTCACHEV1.DAT
[08/12/2009|12:50] C:\Users\SOLNE~1\AppData\Local\Google
[22/05/2008|17:40] C:\Users\SOLNE~1\AppData\Local\Historique
[25/05/2008|13:17] C:\Users\SOLNE~1\AppData\Local\HomeMedia
[16/12/2009|08:27] C:\Users\SOLNE~1\AppData\Local\IconCache.db
[06/08/2008|20:14] C:\Users\SOLNE~1\AppData\Local\LogMeIn
[16/02/2009|15:30] C:\Users\SOLNE~1\AppData\Local\Microsoft
[03/08/2008|16:59] C:\Users\SOLNE~1\AppData\Local\Microsoft Games
[17/05/2009|18:31] C:\Users\SOLNE~1\AppData\Local\Microsoft Help
[16/04/2009|19:40] C:\Users\SOLNE~1\AppData\Local\MigWiz
[22/05/2008|20:45] C:\Users\SOLNE~1\AppData\Local\Mozilla
[28/05/2008|09:36] C:\Users\SOLNE~1\AppData\Local\PlayMovie
[23/05/2008|21:08] C:\Users\SOLNE~1\AppData\Local\PowerCinema
[16/12/2009|19:25] C:\Users\SOLNE~1\AppData\Local\Temp
[22/05/2008|17:40] C:\Users\SOLNE~1\AppData\Local\Temporary Internet Files
[25/05/2008|21:51] C:\Users\SOLNE~1\AppData\Local\VirtualStore
[18/12/2008|21:20] C:\Users\SOLNE~1\AppData\Local\Windows Live Writer

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/12/2009 13:49][--a------] C:\Windows\tasks\wrSpySweeper_LA185408EC3074F4B9A84C481A804B121.job
[16/12/2009 10:56][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{57A2D547-7E5F-4BE6-BE22-4B0BDE2BA9F0}.job
[16/12/2009 10:51][--ah-----] C:\Windows\tasks\SA.DAT
[16/12/2009 08:27][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[18/02/2008|17:26] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[09/04/2009|18:31] C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[18/02/2008|16:45] C:\ProgramData\Acer GameZone Console
[27/02/2009|15:25] C:\ProgramData\Adobe
[24/07/2009|21:21] C:\ProgramData\Apple
[09/09/2008|21:06] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[24/05/2008|18:43] C:\ProgramData\Arcade Lab
[22/05/2008|17:36] C:\ProgramData\Bureau
[22/04/2009|17:13] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[03/09/2009|13:24] C:\ProgramData\Electronic Arts
[29/09/2008|17:01] C:\ProgramData\ezsidmv.dat
[22/05/2008|17:36] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[18/02/2008|16:34] C:\ProgramData\FloodLightGames
[28/02/2009|15:48] C:\ProgramData\Google
[01/04/2009|19:10] C:\ProgramData\gramtwo
[08/02/2009|23:14] C:\ProgramData\Lavasoft
[06/08/2008|20:14] C:\ProgramData\LogMeIn
[22/05/2008|17:36] C:\ProgramData\Menu D‚marrer
[12/07/2008|17:37] C:\ProgramData\Messenger Plus!
[18/09/2009|19:14] C:\ProgramData\Microsoft
[12/12/2009|09:12] C:\ProgramData\Microsoft Help
[22/05/2008|17:36] C:\ProgramData\ModŠles
[15/06/2008|20:44] C:\ProgramData\NannyMania
[18/03/2008|02:06] C:\ProgramData\NVIDIA
[25/05/2008|22:24] C:\ProgramData\Sandlot Games
[29/09/2008|16:58] C:\ProgramData\Skype
[15/07/2008|12:45] C:\ProgramData\SonicStage
[15/07/2008|12:45] C:\ProgramData\Sony Corporation
[02/11/2006|14:02] C:\ProgramData\Start Menu
[11/02/2009|18:09] C:\ProgramData\Symantec
[03/08/2009|17:24] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[08/12/2009|13:15] C:\ProgramData\Webroot
[07/10/2008|11:21] C:\ProgramData\WLInstaller
[24/05/2008|13:17] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[18/03/2008|02:16] C:\Program Files\Acer
[18/03/2008|02:09] C:\Program Files\Acer Arcade Deluxe
[18/03/2008|02:18] C:\Program Files\ACER CrystalEye webcam
[14/05/2009|20:07] C:\Program Files\Acer GameZone
[18/03/2008|02:20] C:\Program Files\Acer Inc
[18/02/2008|17:26] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[27/02/2009|15:25] C:\Program Files\Adobe
[15/12/2009|09:44] C:\Program Files\Ad-Remover
[04/06/2008|17:01] C:\Program Files\Alwil Software
[09/09/2008|21:04] C:\Program Files\Apple Software Update
[15/06/2008|20:41] C:\Program Files\bfgclient
[18/02/2008|16:45] C:\Program Files\Big Kahuna Reef
[05/02/2009|14:45] C:\Program Files\Bonjour
[14/05/2009|20:06] C:\Program Files\BoontyGames
[18/02/2008|16:22] C:\Program Files\Broadcom
[13/04/2009|16:19] C:\Program Files\Common Files
[18/02/2008|16:02] C:\Program Files\CONEXANT
[18/02/2008|17:06] C:\Program Files\CyberLink
[02/11/2008|20:09] C:\Program Files\EA GAMES
[03/09/2009|13:23] C:\Program Files\Electronic Arts
[22/05/2008|17:36] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/02/2009|18:32] C:\Program Files\Google
[03/09/2009|13:06] C:\Program Files\InstallShield Installation Information
[18/03/2008|02:02] C:\Program Files\Intel
[12/12/2009|09:21] C:\Program Files\Internet Explorer
[26/06/2009|20:21] C:\Program Files\iPod
[26/06/2009|20:21] C:\Program Files\iTunes
[15/02/2009|12:41] C:\Program Files\Java
[14/12/2009|17:28] C:\Program Files\Launch Manager
[08/02/2009|23:13] C:\Program Files\Lavasoft
[10/09/2008|12:39] C:\Program Files\LimeWire
[08/12/2009|00:57] C:\Program Files\LogMeIn
[14/05/2009|20:05] C:\Program Files\M6 Jeux
[03/04/2009|15:43] C:\Program Files\Magic Karaoke Maker
[09/04/2009|22:17] C:\Program Files\Messenger Plus! Live
[18/09/2009|19:13] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[18/02/2008|17:25] C:\Program Files\Microsoft Office
[09/09/2009|13:53] C:\Program Files\Microsoft Silverlight
[22/05/2008|18:17] C:\Program Files\Microsoft SQL Server Compact Edition
[18/09/2009|19:14] C:\Program Files\Microsoft Sync Framework
[18/11/2009|13:54] C:\Program Files\Microsoft Works
[03/09/2009|13:22] C:\Program Files\Microsoft WSE
[18/02/2008|17:22] C:\Program Files\Microsoft.NET
[21/01/2008|03:35] C:\Program Files\Movie Maker
[16/12/2009|18:51] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[18/09/2009|19:13] C:\Program Files\MSN Messenger
[13/04/2009|16:19] C:\Program Files\MSSOAP
[22/05/2008|17:59] C:\Program Files\MSXML 4.0
[18/02/2008|16:57] C:\Program Files\NewTech Infosystems
[24/05/2008|14:39] C:\Program Files\OpenOffice.org 2.4
[26/06/2009|20:20] C:\Program Files\QuickTime
[18/02/2008|16:20] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[13/09/2009|13:38] C:\Program Files\Savvy TV
[29/09/2008|16:58] C:\Program Files\Skype
[14/07/2008|15:59] C:\Program Files\Sony
[18/03/2008|02:18] C:\Program Files\SUYIN
[18/02/2008|16:24] C:\Program Files\Synaptics
[14/12/2009|09:35] C:\Program Files\trend micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[24/05/2008|12:31] C:\Program Files\VideoLAN
[08/12/2009|12:47] C:\Program Files\Webroot
[18/02/2008|16:28] C:\Program Files\Winbond Electronics
[21/01/2008|03:35] C:\Program Files\Windows Calendar
[21/01/2008|03:35] C:\Program Files\Windows Collaboration
[21/01/2008|03:35] C:\Program Files\Windows Defender
[21/01/2008|03:35] C:\Program Files\Windows Journal
[18/09/2009|19:14] C:\Program Files\Windows Live
[16/02/2009|15:30] C:\Program Files\Windows Live Safety Center
[17/12/2008|13:55] C:\Program Files\Windows Live SkyDrive
[18/09/2009|19:14] C:\Program Files\Windows Live Toolbar
[12/12/2009|09:21] C:\Program Files\Windows Mail
[31/10/2009|12:44] C:\Program Files\Windows Media Player
[22/05/2008|17:36] C:\Program Files\Windows NT
[21/01/2008|03:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|03:35] C:\Program Files\Windows Sidebar
[25/03/2009|13:45] C:\Program Files\WinRAR
[18/02/2008|17:43] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[27/02/2009|15:25] C:\Program Files\Common Files\Adobe
[26/06/2009|20:21] C:\Program Files\Common Files\Apple
[18/02/2008|17:22] C:\Program Files\Common Files\DESIGNER
[18/02/2008|17:03] C:\Program Files\Common Files\InstallShield
[24/05/2008|14:37] C:\Program Files\Common Files\Java
[18/02/2008|16:56] C:\Program Files\Common Files\LightScribe
[18/11/2009|13:54] C:\Program Files\Common Files\microsoft shared
[13/04/2009|16:19] C:\Program Files\Common Files\MSSoap
[18/02/2008|16:56] C:\Program Files\Common Files\muvee Technologies
[18/02/2008|16:57] C:\Program Files\Common Files\NewTech Infosystems
[15/06/2008|15:15] C:\Program Files\Common Files\Oberon Media
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[29/09/2008|16:58] C:\Program Files\Common Files\Skype
[18/03/2008|02:17] C:\Program Files\Common Files\snp2uvc
[14/07/2008|15:58] C:\Program Files\Common Files\Sony Shared
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[19/04/2009|17:02] C:\Program Files\Common Files\Symantec Shared
[21/01/2008|03:35] C:\Program Files\Common Files\System
[17/12/2008|13:48] C:\Program Files\Common Files\Windows Live
[07/10/2008|11:22] C:\Program Files\Common Files\WindowsLiveInstaller
[08/02/2009|23:11] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 102 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-16 19:26:08
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 34

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:35][D:62]-> C:\Users\SOLNE~1\AppData\Local\Temp
[F:34][D:1]-> C:\Users\SOLNE~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:559][D:5]-> C:\Users\SOLNE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 16/12/2009|15:35 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 16/12/2009|19:28 - Option : [3]

--------------------\\ Fin du rapport a 19:28:39
[ UAC => 1 ]

16 December 2009 23:07:51

Good evening micose,

you need to update Java (security vulnerability):
http://java.sun.com/javase/downloads/index.jsp
Click Download Java Runtime Environment (JRE) 6u17 and, on the next page, tick I agree, then download Windows Offline Installation, Multi-language/jre-6u17-windows-i586-p.exe/
Adobe (same):
http://www.adobe.com/fr/products/acrobat/readstep2.html
Acrobat Reader 9.2

Also, update Internet Explorer (8): http://www.microsoft.com/france/windows/products/winfam...

And post a new RSIT report.

See you
17 December 2009 11:52:22

Here is the report ;) 


Logfile of random's system information tool 1.06 (written by random/random)
Run by Solène at 2009-12-17 11:47:52
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 18 GB (16%) free of 114 GB
Total RAM: 3070 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:48:07, on 17/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Savvy TV\DTV Service.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\SOLNE~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Solène\Desktop\RSIT.exe
C:\Program Files\trend micro\Solène.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.windows.fr/ie8/bienvenue
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] "%ProgramFiles%\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM\..\Run: [SynTPStart] "C:\Program Files\Synaptics\SynTP\SynTPStart.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] "C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe"
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LManager] "C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [PLFSet] "rundll32.exe" C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Savvy DTV Service] C:\Program Files\Savvy TV\DTV Service.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] "C:\Windows\ehome\ehTray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Inc. - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13693 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{57A2D547-7E5F-4BE6-BE22-4B0BDE2BA9F0}.job
C:\Windows\tasks\wrSpySweeper_LA185408EC3074F4B9A84C481A804B121.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-09-05 816400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-08 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-28 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-01-03 155184]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-09-05 816400]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-08 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"ALaunch"=C:\Acer\ALaunch\AlaunchClient.exe []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-24 4702208]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2008-01-24 102400]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-01-03 521776]
"eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-10-10 1286144]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-11-22 178712]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2008-01-30 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-01-30 8501792]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-01-30 81920]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-01-02 707080]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2008-01-22 200704]
"eRecoveryService"= []
"PLFSet"=C:\Windows\PLFSet.dll [2007-04-25 45056]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-02-28 63048]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Savvy DTV Service"=C:\Program Files\Savvy TV\DTV Service.exe [2006-07-04 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2009-11-06 6515784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-28 39408]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Users\Solène\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=145
"NoDriveTypeAutoRun"=145
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:Decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:Decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-17 02:30:30 ----HD---- C:\Windows\msdownld.tmp
2009-12-17 02:29:18 ----A---- C:\Windows\system32\occache.dll
2009-12-17 02:29:17 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-17 02:29:16 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-17 02:29:16 ----A---- C:\Windows\system32\iepeers.dll
2009-12-17 02:29:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-17 02:29:14 ----A---- C:\Windows\system32\ieui.dll
2009-12-17 02:29:14 ----A---- C:\Windows\system32\iesetup.dll
2009-12-17 02:29:13 ----A---- C:\Windows\system32\iernonce.dll
2009-12-17 02:29:12 ----A---- C:\Windows\system32\wininet.dll
2009-12-17 02:29:12 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-17 02:29:12 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-17 02:29:11 ----A---- C:\Windows\system32\iertutil.dll
2009-12-17 02:29:11 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-17 02:29:10 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-17 02:29:10 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-17 02:29:09 ----A---- C:\Windows\system32\urlmon.dll
2009-12-17 02:29:06 ----A---- C:\Windows\system32\ieframe.dll
2009-12-17 02:29:05 ----A---- C:\Windows\system32\mshtml.dll
2009-12-17 02:23:29 ----A---- C:\Windows\system32\mshtmled.dll
2009-12-17 02:23:28 ----A---- C:\Windows\system32\icardie.dll
2009-12-17 02:23:27 ----A---- C:\Windows\system32\mshtmler.dll
2009-12-17 02:23:27 ----A---- C:\Windows\system32\admparse.dll
2009-12-17 02:23:25 ----A---- C:\Windows\system32\msls31.dll
2009-12-17 02:23:25 ----A---- C:\Windows\system32\corpol.dll
2009-12-17 02:23:24 ----A---- C:\Windows\system32\ieakeng.dll
2009-12-17 02:23:23 ----A---- C:\Windows\system32\imgutil.dll
2009-12-17 02:23:23 ----A---- C:\Windows\system32\dxtrans.dll
2009-12-17 02:23:23 ----A---- C:\Windows\system32\dxtmsft.dll
2009-12-17 02:23:21 ----A---- C:\Windows\system32\licmgr10.dll
2009-12-17 02:23:21 ----A---- C:\Windows\system32\inseng.dll
2009-12-17 02:23:20 ----A---- C:\Windows\system32\webcheck.dll
2009-12-17 02:23:20 ----A---- C:\Windows\system32\msrating.dll
2009-12-17 02:23:20 ----A---- C:\Windows\system32\ieaksie.dll
2009-12-17 02:23:19 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-12-17 02:23:19 ----A---- C:\Windows\system32\wextract.exe
2009-12-17 02:23:19 ----A---- C:\Windows\system32\ieakui.dll
2009-12-17 02:23:18 ----A---- C:\Windows\system32\mstime.dll
2009-12-17 02:23:17 ----A---- C:\Windows\system32\pngfilt.dll
2009-12-17 02:23:17 ----A---- C:\Windows\system32\advpack.dll
2009-12-17 02:23:16 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-17 02:23:15 ----A---- C:\Windows\system32\vbscript.dll
2009-12-17 02:23:14 ----A---- C:\Windows\system32\jscript.dll
2009-12-17 02:23:13 ----A---- C:\Windows\system32\url.dll
2009-12-17 02:23:10 ----A---- C:\Windows\system32\mshta.exe
2009-12-17 02:23:10 ----A---- C:\Windows\system32\iexpress.exe
2009-12-17 02:23:09 ----A---- C:\Windows\system32\SetDepNx.exe
2009-12-17 02:23:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-12-17 02:23:08 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-12-17 02:23:08 ----A---- C:\Windows\system32\PDMSetup.exe
2009-12-17 02:20:42 ----SHD---- C:\Config.Msi
2009-12-17 02:17:25 ----D---- C:\ProgramData\McAfee Security Scan
2009-12-17 02:17:23 ----D---- C:\Program Files\McAfee Security Scan
2009-12-17 02:07:28 ----A---- C:\Windows\system32\javaws.exe
2009-12-17 02:07:28 ----A---- C:\Windows\system32\javaw.exe
2009-12-17 02:07:28 ----A---- C:\Windows\system32\java.exe
2009-12-16 15:32:51 ----A---- C:\lopR.txt
2009-12-16 15:32:39 ----D---- C:\Lop SD
2009-12-15 16:54:09 ----RASHD---- C:\autorun.inf
2009-12-15 16:49:01 ----A---- C:\UsbFix.txt
2009-12-15 16:09:32 ----D---- C:\UsbFix
2009-12-14 20:47:04 ----D---- C:\Program Files\Ad-Remover
2009-12-14 17:22:03 ----A---- C:\TB.txt
2009-12-14 17:21:34 ----D---- C:\ToolBar SD
2009-12-14 09:35:15 ----D---- C:\rsit
2009-12-14 09:35:15 ----D---- C:\Program Files\trend micro
2009-12-12 09:13:06 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-12 09:12:58 ----A---- C:\Windows\system32\httpapi.dll
2009-12-11 14:59:41 ----A---- C:\Windows\system32\winhttp.dll
2009-12-11 14:58:12 ----A---- C:\Windows\system32\rastls.dll
2009-12-11 14:58:12 ----A---- C:\Windows\system32\raschap.dll
2009-12-08 18:54:32 ----D---- C:\Users\Solène\AppData\Roaming\QuickScan
2009-12-08 12:47:50 ----D---- C:\Users\Solène\AppData\Roaming\Webroot
2009-12-08 12:47:50 ----D---- C:\ProgramData\Webroot
2009-12-08 12:47:50 ----A---- C:\Windows\WRSetup.dll
2009-11-26 14:18:33 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 11:18:36 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 11:18:35 ----A---- C:\Windows\system32\msxml3.dll

======List of files/folders modified in the last 1 months======

2009-12-17 11:47:55 ----D---- C:\Windows\Temp
2009-12-17 11:47:21 ----D---- C:\Windows\System32
2009-12-17 11:47:21 ----D---- C:\Windows\inf
2009-12-17 11:47:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-17 11:43:48 ----D---- C:\Users\Solène\AppData\Roaming\OpenOffice.org2
2009-12-17 11:43:29 ----A---- C:\Users\Solène\AppData\Roaming\acervcmtmp.ini
2009-12-17 11:42:23 ----RD---- C:\Program Files
2009-12-17 11:42:23 ----HD---- C:\ProgramData
2009-12-17 11:39:12 ----SHD---- C:\System Volume Information
2009-12-17 11:38:33 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-12-17 11:37:16 ----D---- C:\Windows\Prefetch
2009-12-17 02:31:29 ----D---- C:\Windows\system32\migration
2009-12-17 02:31:29 ----D---- C:\Program Files\Internet Explorer
2009-12-17 02:31:28 ----D---- C:\Windows\system32\fr-FR
2009-12-17 02:31:26 ----D---- C:\Windows\PolicyDefinitions
2009-12-17 02:31:25 ----D---- C:\Windows\system32\en-US
2009-12-17 02:30:30 ----D---- C:\Windows
2009-12-17 02:30:06 ----D---- C:\Windows\winsxs
2009-12-17 02:29:49 ----D---- C:\Windows\system32\catroot2
2009-12-17 02:29:49 ----D---- C:\Windows\system32\catroot
2009-12-17 02:25:42 ----SHD---- C:\Windows\Installer
2009-12-17 02:25:36 ----D---- C:\ProgramData\Adobe
2009-12-17 02:23:24 ----D---- C:\Program Files\Common Files\Adobe
2009-12-17 02:22:54 ----D---- C:\Program Files\Adobe
2009-12-17 02:16:52 ----D---- C:\Program Files\Mozilla Firefox
2009-12-17 02:07:22 ----D---- C:\Program Files\Java
2009-12-15 16:54:02 ----SD---- C:\Windows\Downloaded Program Files
2009-12-15 16:52:04 ----SHD---- C:\$RECYCLE.BIN
2009-12-15 09:40:41 ----D---- C:\Windows\system32\Tasks
2009-12-14 17:28:12 ----D---- C:\Program Files\Launch Manager
2009-12-12 19:56:51 ----D---- C:\Windows\rescache
2009-12-12 19:43:37 ----D---- C:\Windows\system32\drivers
2009-12-12 09:21:11 ----D---- C:\Program Files\Windows Mail
2009-12-12 09:12:46 ----D---- C:\ProgramData\Microsoft Help
2009-12-08 13:52:44 ----D---- C:\Windows\Tasks
2009-12-08 12:47:50 ----D---- C:\Program Files\Webroot
2009-12-08 12:44:34 ----D---- C:\Users\Solène\AppData\Roaming\GetRightToGo
2009-12-08 00:57:16 ----D---- C:\Program Files\LogMeIn
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-11-18 13:54:53 ----RSD---- C:\Windows\assembly
2009-11-18 13:54:20 ----RSD---- C:\Windows\Fonts
2009-11-18 13:54:15 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-18 13:54:01 ----D---- C:\Program Files\Microsoft Works

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 pwipf6;Privacyware Filter Driver; C:\Windows\system32\DRIVERS\pwipf6.sys [2009-12-08 102224]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-25 41456]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-10-17 47640]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-24 12672]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-03 16432]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-03 59952]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-24 8704]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-24 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-24 208384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-24 1950552]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-02-28 10144]
R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-02-18 6144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-01-30 7629504]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-06-12 1729152]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-24 192816]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-24 660480]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2008-01-24 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-24 179712]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EAGLE2RC;Analog/DVB-T Hybrid Tv Infrared Receiver; C:\Windows\system32\DRIVERS\Eagle2RC.sys [2006-05-24 8576]
S3 Eagle2TV;TV tuner device; C:\Windows\System32\Drivers\eagle2tv_B.sys [2006-06-02 384128]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/sans fil 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\Windows\System32\Drivers\sskbfd.sys [2007-07-19 23864]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-02-08 611664]
R2 ALaunchService;ALaunch Service; C:\Acer\ALaunch\ALaunchSvc.exe [2007-09-19 51200]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-01-03 506416]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-10-01 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-12-20 131072]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-11-22 358936]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-11-27 110592]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-12-04 266343]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2007-09-28 233472]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2009-11-06 4048240]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-20 167936]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [2009-12-08 1201640]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-24 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2009-10-10 116032]
S4 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-02-28 63040]

-----------------EOF-----------------
21 December 2009 23:36:11

Good evening frederix, I won't be getting my girlfriend's PC back for a little while, sorry ^^. I'm going to have to put this step on hold, but thanks again for your help! As soon as I get it back I'll post what you asked for. See you, have a good evening.