[Résolu] Infection par Carte Micro SD

Coucou tout le monde

voilà je viens de remarquer que depuis que j'ai insère la carte Micro SD dans mon ordinateur, ben sa m'affiche des message d'erreur ( Mon antivirus ) et sa ma demander de le redemaré pour finir la suppression ce que j'ai fait.

Après le redémarrage, j'ai remarque que de drôle de fichier se sont rajouté dans chaque de mes dossier ...

C'est pour cela que je vous appel a l'aide car mon ordinateur j'en n'ai besoin pour les examens qui approchent ...

En Vous Remerciant

m3ri3m

Voici un rapport Hijacthis :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:21:01, on 06/05/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Salaat Time\SalaatTime.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\MRIEM~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\PROGRA~1\SOLIDW~1\SOLIDW~1\sldworks.exe
C:\Users\MRIEM~1\AppData\Local\Temp\SolidWorksLicTemp.0001
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Mériem\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE Systemboot
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SalaatTime] C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClient Control) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI8E3C.tmp
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12022 bytes

Salut m

Bien qu'Hijackthis ait été un superbe outil de désinfection, aujourd'hui nous en préférons d'autres.
Vois déjà pour faire ça, un helper te prendra ensuite en charge si besoin est :
http://www.bibou0007.com/aide-a-la-desinfection-f8/procedure-a-suivre-avant-de-poster-t2887.htm

Bonne soirée

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4073

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

06/05/2010 20:50:27
mbam-log-2010-05-06 (20-50-27).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 125225
Temps écoulé: 7 minute(s), 56 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Logfile of random's system information tool 1.07 (written by random/random)
Run by Mériem at 2010-05-06 20:52:27
Microsoft Windows Vista Édition Familiale Premium Service Pack 2
System drive C: has 127 GB (54%) free of 233 GB
Total RAM: 2813 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:52:33, on 06/05/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Users\MRIEM~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Salaat Time\SalaatTime.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Users\Mériem\Downloads\RSIT.exe
C:\Program Files\trend micro\Mériem.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE Systemboot
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SalaatTime] C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClient Control) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI8E3C.tmp
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 26022 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{1495A1F5-7326-43FD-B3A0-876B6053D9C2}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-11-04 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59994074-c06d-4a75-9768-49e5a8c21264}]
Messenger Plus Live France Toolbar - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll [2010-03-09 2355224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.DLL [2009-08-22 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-21 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-21 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-21 279664]
{59994074-c06d-4a75-9768-49e5a8c21264} - Messenger Plus Live France Toolbar - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll [2010-03-09 2355224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-20 6144000]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-22 30192]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-14 526896]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-05-30 544768]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-02-13 1033512]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-07-16 821768]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-05-09 397312]
"eRecoveryService"= []
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-05-12 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-05-12 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-05-12 167936]
"SolidWorks_CheckForUpdates"=C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe [2009-03-19 7308584]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-17 13552160]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-17 92704]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-11-04 198160]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"SalaatTime"=C:\Program Files\Salaat Time\SalaatTime.exe [2008-05-16 13496320]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-26 68856]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-02-18 2012912]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-26 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
C:\PROGRA~1\WinZip\WZQKPICK.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cfd3d17-da8b-11de-8a9b-806e6f6e6963}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{707f0726-5763-11df-ad8f-000a94d1b6e9}]
shell\AutoRun\command - "G:\WD SmartWare.exe" autoplay=true

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8a2c611f-fb5d-11de-8135-00238bd38faf}]
shell\AutoRun\command - F:\HPLauncher.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-05-06 20:52:27 ----D---- C:\rsit
2010-05-06 20:41:00 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-27 12:19:12 ----D---- C:\Program Files\Conduit
2010-04-27 12:19:11 ----D---- C:\Program Files\Messenger_Plus_Live_France
2010-04-22 11:16:23 ----D---- C:\Users\Mériem\AppData\Roaming\CVitae
2010-04-22 11:16:23 ----D---- C:\Program Files\CVitaeV4
2010-04-19 11:46:10 ----SHD---- C:\Config.Msi
2010-04-14 10:26:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 10:26:12 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 10:26:07 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 10:25:56 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 10:24:23 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 10:23:47 ----A---- C:\Windows\system32\cabview.dll

======List of files/folders modified in the last 1 months======

2010-05-06 20:52:33 ----D---- C:\Program Files\Trend Micro
2010-05-06 20:42:16 ----D---- C:\Windows\Temp
2010-05-06 20:41:02 ----D---- C:\Windows\system32\drivers
2010-05-06 20:41:00 ----D---- C:\Program Files
2010-05-06 20:39:21 ----D---- C:\Program Files\Mozilla Firefox
2010-05-06 20:37:45 ----D---- C:\Users\Mériem\AppData\Roaming\IM
2010-05-06 20:15:07 ----D---- C:\Windows\System32
2010-05-06 20:15:07 ----D---- C:\Windows\inf
2010-05-06 20:15:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-06 11:45:11 ----D---- C:\Users\Mériem\AppData\Roaming\vlc
2010-05-06 10:43:44 ----SD---- C:\Users\Mériem\AppData\Roaming\Microsoft
2010-05-05 22:23:18 ----D---- C:\Users\Mériem\AppData\Roaming\dvdcss
2010-05-05 12:00:32 ----D---- C:\Windows
2010-05-03 18:14:58 ----D---- C:\Users\Mériem\AppData\Roaming\SolidWorks
2010-04-29 23:21:48 ----RSD---- C:\Windows\Fonts
2010-04-29 11:16:18 ----D---- C:\Windows\winsxs
2010-04-29 11:15:31 ----SHD---- C:\System Volume Information
2010-04-28 21:24:41 ----D---- C:\Users\Mériem\AppData\Roaming\Skype
2010-04-28 20:48:34 ----D---- C:\Users\Mériem\AppData\Roaming\skypePM
2010-04-28 15:11:36 ----D---- C:\Windows\system32\catroot
2010-04-28 15:11:35 ----D---- C:\Windows\system32\catroot2
2010-04-27 22:12:38 ----D---- C:\Users\Mériem\AppData\Roaming\SolidDocuments
2010-04-27 12:19:04 ----D---- C:\Program Files\Messenger Plus! Live
2010-04-19 23:36:06 ----D---- C:\Windows\Debug
2010-04-19 11:47:17 ----SHD---- C:\Windows\Installer
2010-04-19 11:46:12 ----D---- C:\Program Files\Google
2010-04-18 12:57:20 ----D---- C:\Windows\system32\Tasks
2010-04-18 12:57:19 ----D---- C:\Windows\Tasks
2010-04-15 13:49:26 ----D---- C:\Program Files\Windows Mail
2010-04-15 09:47:38 ----D---- C:\ProgramData\Microsoft Help
2010-04-11 14:20:48 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NAV\1008000.029\BHDrvx86.sys [2009-08-22 259632]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NAV\1008000.029\ccHPx86.sys [2010-02-02 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-01-22 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100429.001\IDSvix86.sys [2009-12-30 343088]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-02-17 66632]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NAV\1008000.029\SRTSP.SYS [2009-08-22 308272]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NAV\1008000.029\SRTSPX.SYS [2009-08-22 43696]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-08-22 25648]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NAV\1008000.029\SYMTDI.SYS [2009-08-22 217136]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-05-26 12672]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-05-26 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-30 1184768]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-04-07 210432]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-01-22 102448]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-05-26 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-05-26 207872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100506.005\NAVENG.SYS [2010-04-08 84912]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100506.005\NAVEX15.SYS [2010-04-08 1324720]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-12-29 45600]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-17 7580544]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-10-21 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-05-06 62976]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
R3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
R3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
R3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-01-24 124976]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NAV\1008000.029\SYMFW.SYS [2009-08-22 89904]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NAV\1008000.029\SYMNDISV.SYS [2009-08-22 48688]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-02-13 196784]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-26 661504]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-12-18 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 Ltn_stk7070P;PCTV LITEON based TV tuner device; C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys [2008-02-04 542976]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 WSDPrintDevice;Prise en charge de l’impression WSD via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [2009-08-22 117640]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-17 203296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool; C:\Windows\Installer\MSI8E3C.tmp [2009-11-11 189688]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-05-26 386560]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-31 135664]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-03-19 83240]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-22 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-26 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-17 243056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-10-29 79360]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2010-05-06 20:52:35

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall
Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall
Acer Crystal Eye Webcam-->C:\Program Files\InstallShield Installation Information\{DD1DED37-2486-4F56-8F89-56AA814003F5}\setup.exe -runfromtemp -l0x040c -removeonly
Acer eAudio Management-->"C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.exe" -uninstall
Acer eDataSecurity Management-->C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer ePower Management-->"C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{13D85C14-2B85-419F-AC41-C7F21E68B25D}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer GameZone Console 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly
Acer Product Registration-->"C:\Program Files\InstallShield Installation Information\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Agatha Christie Death on the Nile-->"C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\Uninstall.exe" "C:\Program Files\Acer GameZone\Agatha Christie Death on the Nile\install.log"
Alice Greenfingers-->"C:\Program Files\Acer GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files\Acer GameZone\Alice Greenfingers\install.log"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
Azada-->"C:\Program Files\Acer GameZone\Azada\Uninstall.exe" "C:\Program Files\Acer GameZone\Azada\install.log"
Backspin Billiards-->"C:\Program Files\Acer GameZone\Backspin Billiards\Uninstall.exe" "C:\Program Files\Acer GameZone\Backspin Billiards\install.log"
Big Kahuna Reef-->"C:\Program Files\Acer GameZone\Big Kahuna Reef\Uninstall.exe" "C:\Program Files\Acer GameZone\Big Kahuna Reef\install.log"
Bricks of Egypt-->"C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Acer GameZone\Bricks of Egypt\install.log"
Cake Mania-->"C:\Program Files\Acer GameZone\Cake Mania\Uninstall.exe" "C:\Program Files\Acer GameZone\Cake Mania\install.log"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Chicken Invaders 3-->"C:\Program Files\Acer GameZone\Chicken Invaders 3\Uninstall.exe" "C:\Program Files\Acer GameZone\Chicken Invaders 3\install.log"
CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
Diner Dash Flo on the Go-->"C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\Uninstall.exe" "C:\Program Files\Acer GameZone\Diner Dash Flo on the Go\install.log"
DWGeditor-->MsiExec.exe /X{1B140425-1EA0-4AB8-BB31-1830C4A0A1F2}
eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x040c
Five-a-Side Football (remove only)-->"C:\Users\Public\Documents\Acer\Five-a-Side Football\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.1.249.1064\Installer\setup.exe" --uninstall --system-level
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{08C0729E-3E50-11DF-9D81-005056806466}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IAcrZUn32z.INF
HijackThis 2.0.2-->"C:\Users\Mériem\Downloads\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log"
Juniper Networks Setup Client Activex Control-->C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kick N Rush-->"C:\Program Files\Acer GameZone\Kick N Rush\Uninstall.exe" "C:\Program Files\Acer GameZone\Kick N Rush\install.log"
Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI
Ma-Config.com-->MsiExec.exe /X{18754BA4-4F0C-4E6E-888B-9496AFA05F43}
Mahjong Escape Ancient China-->"C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjong Escape Ancient China\install.log"
Mahjongg Artifacts-->"C:\Program Files\Acer GameZone\Mahjongg Artifacts\Uninstall.exe" "C:\Program Files\Acer GameZone\Mahjongg Artifacts\install.log"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Messenger_Plus_Live_France Toolbar-->C:\PROGRA~1\MESSEN~2\UNWISE.EXE /U C:\PROGRA~1\MESSEN~2\INSTALL.LOG
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90120000-00A4-0409-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual Studio 2005 Tools for Applications - ENU-->MsiExec.exe /X{D481EA96-2313-4A7C-98EE-710D1AF884AC}
Microsoft Visual Studio 2005 Tools for Applications - ENU-->MsiExec.exe /X{D481EA96-2313-4A7C-98EE-710D1AF884AC}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mystery Case Files - Huntsville-->"C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files - Huntsville\install.log"
Mystery Solitaire - Secret Island-->"C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\install.log"
Norton AntiVirus-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\2454B0AB\16.8.0.41\InstStub.exe /X
NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x040c
NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x040c
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
Orion-->MsiExec.exe /X{5B63A470-9334-44D1-AF61-6CE2DB565AE9}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Editor 2-->C:\Windows\cadkasdeinst01e.exe "C:\Program Files\PDF Editor 2\"
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PhotoNow!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Readiris Pro 11 Demo-->MsiExec.exe /I{B0F11672-0D3D-4881-8BA2-06AD828670BB}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
Salaat Time 2.0-->C:\PROGRA~1\SALAAT~1\Setup.exe /remove /q0
SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB980470)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {34573F17-DADE-4D0D-835F-A54A1DE8AC1F}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Solid Converter PDF v4-->MsiExec.exe /I{56BFAA6E-2BCC-4AED-9233-84731E66B205}
SolidWorks 2009 SP03-->"C:\Windows\SolidWorks\IM_20090-40300-1100-200\sldim\sldim.exe" /remove "C:\Windows\SolidWorks\IM_20090-40300-1100-200\sldim\sldIM_installed.xml"
SolidWorks 2009 SP03-->MsiExec.exe /X{DC82B166-F691-4C9A-9D9E-4FA71C35434E}
SolidWorks eDrawings 2009-->MsiExec.exe /I{80BA07B3-537F-4189-92F7-26E2BA76095A}
SolidWorks Explorer 2009 sp03-->MsiExec.exe /I{030A97A0-8506-4ABD-98B1-183F8889EF8C}
SolidWorks viewer-->MsiExec.exe /X{DDD04533-8F0C-496F-A7D4-067510745DE4}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Turbo Pizza-->"C:\Program Files\Acer GameZone\Turbo Pizza\Uninstall.exe" "C:\Program Files\Acer GameZone\Turbo Pizza\install.log"
Unlocker 1.8.8-->C:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}
Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb981433)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A6859A6-042D-4DF7-84E2-79F8DEFB5D48}
VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winbond CIR Device Drivers-->MsiExec.exe /I{10F498FF-5392-4DF3-8F73-FE172A9F3800}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log"

======Security center information======

AS: Windows Defender
AS: SUPERAntiSpyware

======System event log======

Computer Name: PC-de-Mériem
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 79933
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20091230095704.798174-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Mériem
Event Code: 4
Message: Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Record Number: 79923
Source Name: b57nd60x
Time Written: 20091230095622.732072-000
Event Type: Avertissement
User:

Computer Name: PC-de-Mériem
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 79916
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20091229224920.384800-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Mériem
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 79810
Source Name: Service Control Manager
Time Written: 20091229170939.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Mériem
Event Code: 4
Message: Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Record Number: 79765
Source Name: b57nd60x
Time Written: 20091229170905.747672-000
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: PC-de-Mériem
Event Code: 10005
Message: Produit : Windows Live Mail -- Windows Installer a rencontré une erreur inattendue lors de l’installation de ce package. Il s’agit peut-être d’un problème lié au package. Le code d’erreur est 2762. Les arguments sont : , ,
Record Number: 1322
Source Name: MsiInstaller
Time Written: 20091026193505.000000-000
Event Type: Erreur
User: PC-de-Mériem\Mériem

Computer Name: PC-de-Mériem
Event Code: 1000
Message: Application défaillante iexplore.exe, version 7.0.6001.18000, horodatage 0x47918f11, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception 0xc0000005, décalage d’erreur 0x04b1798c, ID du processus 0x1448, heure de début de l’application 0x01ca567219800a58.
Record Number: 1268
Source Name: Application Error
Time Written: 20091026192732.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Mériem
Event Code: 8194
Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

Opération :
Données du rédacteur en cours de collecte

Contexte :
ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
Nom du rédacteur: System Writer
ID d’instance du rédacteur: {a2f3ea2a-9e03-4163-b100-832662b8602e}
Record Number: 1246
Source Name: VSS
Time Written: 20091026173613.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Mériem
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 1228
Source Name: Microsoft-Windows-WMI
Time Written: 20091026233800.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Mériem
Event Code: 1008
Message: Le service Windows Search tente de supprimer l’ancien catalogue.

Record Number: 1223
Source Name: Microsoft-Windows-Search
Time Written: 20091026233757.000000-000
Event Type: Avertissement
User:

=====Security event log=====

Computer Name: PC-de-Mériem
Event Code: 5024
Message: Le démarrage du service Pare-feu Windows s’est correctement déroulé.
Record Number: 15305
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091211061424.851756-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-Mériem
Event Code: 5033
Message: Le pilote du Pare-feu Windows est correctement démarré.
Record Number: 15304
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091211061423.026544-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-Mériem
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 15303
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091211061422.776942-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-Mériem
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-MÉRIEM$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x2a4
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 15302
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091211061422.776942-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-Mériem
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-MÉRIEM$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x2a4
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 15301
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091211061422.776942-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Samsung\Samsung PC Studio 3\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64
"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-06 21:48:20
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\MRIEM~1\AppData\Local\Temp\kwlyipob.sys


---- System - GMER 1.0.15 ----

SSDT 870560B0 ZwAlertResumeThread
SSDT 870619C8 ZwAlertThread
SSDT 8736BB70 ZwAllocateVirtualMemory
SSDT 86F9E688 ZwAlpcConnectPort
SSDT 871D7048 ZwAssignProcessToJobObject
SSDT 8736B1A0 ZwCreateMutant
SSDT 873599A0 ZwCreateSymbolicLinkObject
SSDT 8734FE18 ZwCreateThread
SSDT 87157F10 ZwDebugActiveProcess
SSDT 8736BCC8 ZwDuplicateObject
SSDT 8736B950 ZwFreeVirtualMemory
SSDT 870E21F8 ZwImpersonateAnonymousToken
SSDT 870E6290 ZwImpersonateThread
SSDT 86F9E610 ZwLoadDriver
SSDT 8736B870 ZwMapViewOfSection
SSDT 870D1108 ZwOpenEvent
SSDT 8736BE68 ZwOpenProcess
SSDT 870E6138 ZwOpenProcessToken
SSDT 87164048 ZwOpenSection
SSDT 8736BD98 ZwOpenThread
SSDT 87359BD0 ZwProtectVirtualMemory
SSDT 870E3EB0 ZwResumeThread
SSDT 87108108 ZwSetContextThread
SSDT 8736B718 ZwSetInformationProcess
SSDT 87139068 ZwSetSystemInformation
SSDT 87148068 ZwSuspendProcess
SSDT 8713A068 ZwSuspendThread
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0x94012320]
SSDT 870E7108 ZwTerminateThread
SSDT 87100110 ZwUnmapViewOfSection
SSDT 8736BAA0 ZwWriteVirtualMemory
SSDT 87359AF0 ZwCreateThreadEx

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 826C9880 8 Bytes [B0, 60, 05, 87, C8, 19, 06, ...]
.text ntkrnlpa.exe!KeSetEvent + 131 826C9894 4 Bytes [70, BB, 36, 87]
.text ntkrnlpa.exe!KeSetEvent + 13D 826C98A0 4 Bytes [88, E6, F9, 86]
.text ntkrnlpa.exe!KeSetEvent + 191 826C98F4 4 Bytes [48, 70, 1D, 87]
.text ntkrnlpa.exe!KeSetEvent + 1F5 826C9958 4 Bytes [A0, B1, 36, 87]
.text ...
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8DE0A320, 0x3F4617, 0xE8000020]
C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl entry point in "" section [0xAA73941C]
.clc C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl unknown last code section [0xAA73A000, 0x1000, 0xE0000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[300] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[396] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Program Files\Unlocker\UnlockerAssistant.exe[444] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] kernel32.dll!FindResourceExA 77C22575 7 Bytes JMP 2806C4C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] kernel32.dll!FindResourceA 77C22653 5 Bytes JMP 2806C430 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] kernel32.dll!CreateEventA 77C444C0 5 Bytes JMP 2806BF90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] kernel32.dll!LockResource 77C468DF 5 Bytes JMP 2806C670 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] kernel32.dll!FindResourceExW 77C469FD 7 Bytes JMP 2806C3B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] kernel32.dll!LoadResource 77C46ADB 7 Bytes JMP 2806C550 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] kernel32.dll!FindResourceW 77C47FA1 5 Bytes JMP 2806C330 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] kernel32.dll!SizeofResource 77C47FBF 7 Bytes JMP 2806C600 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] ADVAPI32.dll!CryptDeriveKey 76F0FCAE 7 Bytes JMP 2806BAA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] ADVAPI32.dll!CryptDecrypt 76F0FE91 7 Bytes JMP 2806BB00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!CreateDialogParamW 773072A2 5 Bytes JMP 2806FC80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!SetWindowPlacement 77307963 5 Bytes JMP 2806FB30 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!SetWindowRgn 7730A221 7 Bytes JMP 2806FBD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!LoadImageW 7730C9E5 5 Bytes JMP 280702E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!LoadIconW 7730DA9F 5 Bytes JMP 28070460 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!CreateWindowExW 77311305 5 Bytes JMP 2806DB70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!GetWindowLongW 7731F8BF 7 Bytes JMP 28070590 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!PeekMessageW 7732045A 5 Bytes JMP 2806E590 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!TrackPopupMenuEx 77330CE7 5 Bytes JMP 2806EC10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] USER32.dll!MessageBoxIndirectW 7735D5D3 5 Bytes JMP 2806FE80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] SHELL32.dll!Shell_NotifyIconW 75E28626 5 Bytes JMP 2806D260 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] ole32.dll!CoRegisterClassObject 776E7DB6 5 Bytes JMP 2806C9D0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] ole32.dll!CoCreateInstance 77729EA6 5 Bytes JMP 2806CC50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] ole32.dll!CoInitializeEx 7772AD63 5 Bytes JMP 2806C8D0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] WININET.dll!InternetReadFile 7743654B 5 Bytes JMP 28073800 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] WININET.dll!InternetCloseHandle 77439088 5 Bytes JMP 28073940 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] WININET.dll!HttpOpenRequestA 7743D508 5 Bytes JMP 280736A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[516] WININET.dll!HttpSendRequestA 7744EE89 5 Bytes JMP 280738A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe[816] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Windows\system32\nvvsvc.exe[904] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe[1112] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Windows\System32\svchost.exe[1160] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Windows\system32\svchost.exe[1176] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text ...
.text C:\Windows\Explorer.EXE[2340] SHELL32.dll!SHGetFolderPathAndSubDirW + 81C9 75E0B364 2 Bytes [00, 26] {ADD [ESI], AH}
.text C:\Windows\Explorer.EXE[2340] SHELL32.dll!SHGetFolderPathAndSubDirW + 81CC 75E0B367 1 Byte [10]
.text C:\Windows\Explorer.EXE[2340] SHELL32.dll!SHFileOperationW 75E168D0 5 Bytes JMP 03D51102 C:\Program Files\Unlocker\UnlockerHook.dll
.text C:\Windows\Explorer.EXE[2340] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Windows\system32\svchost.exe[2344] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe[2420] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Windows\System32\svchost.exe[2440] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2488] SHELL32.dll!ShellExecuteExW + 18B7 75E3D9EC 4 Bytes [10, 1B, 00, 10] {ADC [EBX], BL; ADD [EAX], DL}
.text ...

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74D07817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74D5A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74D0BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74CFF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74D075E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74CFE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74D38395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74D0DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74CFFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74CFFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74CF71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74D8CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74D2C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74CFD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74CF6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74CF687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74D02AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [100027E0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001D90] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[2340] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF dynamique/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF dynamique/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Gestionnaire de filtres de système de fichiers Microsoft/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@0012d1504090 0xF1 0x00 0x61 0xD0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@0023d61e8ea5 0x70 0x1E 0x31 0x30 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@002547c016de 0x6E 0x09 0x05 0x4E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@001e7d6f8cd3 0x37 0x51 0x38 0x40 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@002567d3ec35 0xCE 0x97 0x66 0x3F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@001c62f192dc 0x8A 0x7A 0x80 0x90 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@001d25a2edb3 0xA0 0x13 0x6F 0xFB ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@0026cc73e7d4 0x8A 0x7F 0xA0 0x69 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@0016b89c91f9 0xDF 0x69 0x64 0xDD ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@0012d1504090 0xF1 0x00 0x61 0xD0 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@0023d61e8ea5 0x70 0x1E 0x31 0x30 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@002547c016de 0x6E 0x09 0x05 0x4E ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@001e7d6f8cd3 0x37 0x51 0x38 0x40 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@002567d3ec35 0xCE 0x97 0x66 0x3F ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@001c62f192dc 0x8A 0x7A 0x80 0x90 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@001d25a2edb3 0xA0 0x13 0x6F 0xFB ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@0026cc73e7d4 0x8A 0x7F 0xA0 0x69 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a94d1b6e9@0016b89c91f9 0xDF 0x69 0x64 0xDD ...

---- EOF - GMER 1.0.15 ----

Merci GrosBébé pour ton message

Salut

Citation :

Après le redémarrage, j'ai remarque que de drôle de fichier se sont rajouté dans chaque de mes dossier ...

Lesquels ?


Clique ici pour télécharger USbFix sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes les applications en cours /!\
/!\ Branche tous tes périphériques ayant pu être infectés (clés usb, disque dur externe, etc ...) /!\

• Double-clique sur "UsbFix" pour lancer le programme
  (Utilisateur de Vista/Windows 7, clique droit sur UsbFix et sélectionne "Exécuter en tant qu'administrateur")
  
• Tape "F" pour français et valide avec la touche "Entrée"
  
• Tape ensuite "1" pour "Rechercher" et valide
  
• Laisse travailler l'outil
  
• A la fin, un rapport apparaitra (sinon, il est situé ici C:\Usbfix.txt). Poste-le dans ta prochaine réponse

Une aide à l'utilisation ici


Bonne soirée.

Dans mon dossier " Mériem" dans mon dossier vidéo, image , musique , fichier télécharge ... dans tout les dossier principal même mon bureau ....

############################## | UsbFix V6.111 |

User : Mériem (Administrateurs) # PC-DE-MÉRIEM
Update on 03/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:13:00 | 07/05/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) X2 Dual-Core QL-62
Microsoft Windows Vista Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18904
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 227,88 Go (123,85 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 227,88 Go (44,5 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 3,73 Go (1,56 Go free) [USB MÉRIEM] # FAT32
G:\ -> Disque amovible # 1,83 Go (1,62 Go free) # FAT

################## | Elements infectieux |


################## | Registre |


################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{3cfd3d17-da8b-11de-8a9b-806e6f6e6963}
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs

HKCU\..\..\Explorer\MountPoints2\{707f0726-5763-11df-ad8f-000a94d1b6e9}
shell\AutoRun\command ="G:\WD SmartWare.exe" autoplay=true

HKCU\..\..\Explorer\MountPoints2\{8a2c611f-fb5d-11de-8135-00238bd38faf}
shell\AutoRun\command =F:\HPLauncher.exe

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné !

################## | ! Fin du rapport # UsbFix V6.111 ! |

Salut

GrosBébé a écrit:

Citation :

Après le redémarrage, j'ai remarque que de drôle de fichier se sont rajouté dans chaque de mes dossier ...

Lesquels ?

En fait, je voulais savoir quels "drôles de fichiers" se sont rajoutés


/!\ Déconnecte-toi et ferme toutes les applications en cours /!\
/!\ Branche tous tes périphériques ayant pu être infectés (clés usb, disque dur externe, etc ...) /!\

• Double-clique sur "UsbFix" pour lancer le programme
  (Utilisateur de Vista/Windows 7, clique droit sur UsbFix et sélectionne "Exécuter en tant qu'administrateur")
  
• Tape "F" pour français et valide avec la touche "Entrée"
  
• Tape ensuite "2" pour "Suppression" et valide
  
• Accepte le redémarrage du pc puis laisse travailler l'outil
  
• A la fin, un rapport apparaitra (sinon, il est situé ici C:\Usbfix.txt). Poste-le dans ta prochaine réponse

Une aide à l'utilisation ici


A plus tard.

Comme les 4 première ligne il se sont rajouté juste après le problème j'ai préfère ne pas les supprimer

Re


Les fichiers avec des flèches ? Ce sont ds "raccourcis" ou des "points de jonction", c'est normal qu'ils soient là. Si tu ne veux plus les voir, il suffit de :

Cliquer sur la bulle démarrer, puis sélectionner Ordinateur, cliquer sur le menu "Organiser" puis sur "Options des dossiers et de recherche"


La fenêtre "Options des dossiers" s'ouvre, cliquer sur l'onglet "Affichage".
Décocher "Afficher les fichiers et dossiers cachés".
Cocher "Masquer les fichiers protégés du système d' exploitation (recommandé)".

Réponds Oui à l'alerte.
Puis clique sur "Appliquer" et OK.

############################## | UsbFix V6.111 |

User : Mériem (Administrateurs) # PC-DE-MÉRIEM
Update on 03/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 13:56:58 | 08/05/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) X2 Dual-Core QL-62
Microsoft Windows Vista Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18904
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 227,88 Go (123,35 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 227,88 Go (44,5 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 3,73 Go (1,56 Go free) [USB MÉRIEM] # FAT32
G:\ -> Disque amovible

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-826191800-4290940314-1872323238-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-826191800-4290940314-1872323238-500
Supprimé ! D:\$Recycle.Bin\S-1-5-21-826191800-4290940314-1872323238-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-826191800-4290940314-1872323238-500

################## | Registre |


################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{3cfd3d17-da8b-11de-8a9b-806e6f6e6963}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{707f0726-5763-11df-ad8f-000a94d1b6e9}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{8a2c611f-fb5d-11de-8135-00238bd38faf}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[08/02/2010 22:02|--a------|4914] C:\8_02_09_cle_registres.reg
[16/02/2010 12:28|--a------|5865] C:\Ad-Report-CLEAN[1].log
[16/02/2010 11:37|--a------|5925] C:\Ad-Report-SCAN[1].log
[18/09/2006 23:43|--a------|24] C:\autoexec.bat
[11/04/2009 08:36|-rahs----|333257] C:\bootmgr
[09/01/2009 17:54|-ra-s----|8192] C:\BOOTSECT.BAK
[07/03/2010 12:05|--a------|15186] C:\cc_20100307_110549.reg
[07/03/2010 12:06|--a------|708] C:\cc_20100307_110607.reg
[07/03/2010 14:09|--a------|1292] C:\cc_20100307_130936.reg
[05/04/2010 11:09|--a------|46076] C:\cc_20100405_110848ernier05.04.reg
[19/04/2010 23:37|--a------|2484] C:\cc_20100419_233702.reg
[18/09/2006 23:43|--a------|10] C:\config.sys
[?|?|?] C:\hiberfil.sys
[12/11/2009 12:22|-rahs----|0] C:\IO.SYS
[12/11/2009 12:22|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[09/01/2009 10:45|--a------|426] C:\RHDSetup.log
[08/06/2009 19:40|--a------|193] C:\Setup.log
[18/03/2010 20:34|--a------|2309] C:\TCleaner.txt
[08/05/2010 14:04|--a------|2534] C:\UsbFix.txt
[27/02/2010 00:42|--a------|734054400] D:\La-haut.avi
[03/04/2010 12:36|--a------|739999744] D:\Le.Concert.2010.FRENCH.DVDRIP.XVID_mlive.avi
[10/11/2009 22:09|--a------|732262400] D:\Safari.avi
[28/02/2010 12:49|--a------|402467162] D:\Vampire.Killers.mp4
[29/04/2010 11:44|--a------|1436754] F:\bac blanc -2.pptx
[05/05/2010 21:54|--a------|299214] F:\ScannedImage-5.jpg
[05/05/2010 21:54|--a------|408618] F:\ScannedImage-6.jpg
[05/05/2010 21:54|--a------|393067] F:\ScannedImage-7.jpg
[06/05/2010 22:21|--a------|1298629] F:\bac blanc projeter22.pptx
[06/05/2010 22:31|--ah-----|165] F:\~$bac blanc projeter22.pptx
[06/05/2010 22:32|--a------|2512384] F:\bac blanc projeter22.ppt

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# F:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

################## | Upload |

Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_PC-de-M‚riem.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.111 ! |

Ok


Je t'ai laissé un message juste avant que tu répondes.
En attendant, on fait un petit point, qu'est ce que ça donne concernant tes problèmes ?

++

Aaaaah ookk

ben sa c'est mis tout seul je comprend pas comment sa se faiit ..

Merciii

Ben tout les fameux dossier qui me dérangée on disparu

je ne sais pas si j'ai une infection ou pas ?!!

OTL logfile created on: 08/05/2010 14:29:01 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Mériem\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 227,88 Gb Total Space | 123,37 Gb Free Space | 54,14% Space Free | Partition Type: NTFS
Drive D: | 227,88 Gb Total Space | 44,50 Gb Free Space | 19,53% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,73 Gb Total Space | 1,56 Gb Free Space | 41,80% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-MÉRIEM
Current User Name: Mériem
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/08 14:19:19 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Mériem\Downloads\OTL.exe
PRC - [2009/11/11 00:40:43 | 000,189,688 | ---- | M] (Solid Documents, LLC) -- C:\Windows\Installer\MSI8E3C.tmp
PRC - [2009/09/30 20:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/08/22 08:32:54 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/05/14 18:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/04/25 22:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/25 22:36:02 | 000,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/03/21 14:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/03/03 14:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008/01/16 18:35:02 | 000,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe


========== Modules (SafeList) ==========

MOD - [2010/05/08 14:19:19 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Mériem\Downloads\OTL.exe
MOD - [2009/04/11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2009/12/17 20:00:28 | 000,243,056 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009/11/22 15:34:20 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009/11/11 00:40:43 | 000,189,688 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\Windows\Installer\MSI8E3C.tmp -- (SCPDFV4ReadSpool)
SRV - [2009/10/29 23:19:43 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2009/09/25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/22 08:32:54 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe -- (Norton AntiVirus)
SRV - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/03/19 12:31:52 | 000,083,240 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2008/05/14 18:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/04/25 22:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/25 22:36:02 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/21 14:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/03/03 14:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/16 18:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007/12/06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2005/11/14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/09/23 08:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)


========== Driver Services (SafeList) ==========

DRV - [2010/04/08 20:02:44 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100507.038\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/04/08 20:02:44 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100507.038\NAVENG.SYS -- (NAVENG)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/02 19:24:57 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1008000.029\ccHPx86.sys -- (ccHP)
DRV - [2010/01/24 11:44:38 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/01/22 11:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/01/22 11:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/12/30 22:48:18 | 000,343,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100505.001\IDSvix86.sys -- (IDSVix86)
DRV - [2009/12/18 11:23:14 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/09/30 07:53:12 | 001,184,768 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/08/22 08:32:55 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1008000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2009/08/22 08:32:55 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\NAV\1008000.029\SRTSP.SYS -- (SRTSP)
DRV - [2009/08/22 08:32:55 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1008000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/08/22 08:32:55 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1008000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/22 08:32:55 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NAV\1008000.029\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/22 08:32:55 | 000,048,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NAV\1008000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/08/22 08:32:55 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1008000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/08/22 08:32:45 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2008/12/29 01:35:00 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/12/17 11:30:00 | 007,580,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/10/21 09:06:47 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/10/21 09:06:38 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/05/26 15:13:00 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2008/05/26 15:13:00 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/05/26 15:13:00 | 000,207,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2008/05/26 15:13:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/05/20 12:01:00 | 002,143,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/05/14 18:05:44 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008/05/14 18:05:42 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008/05/14 18:05:42 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008/05/09 12:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008/05/06 18:44:26 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008/04/07 02:08:00 | 000,210,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008/03/21 11:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/02/13 04:45:00 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/02/04 04:02:26 | 000,542,976 | ---- | M] (LiteOn) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P)
DRV - [2008/01/30 11:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008/01/30 11:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008/01/21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 04:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/01/21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/16 18:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007/05/02 12:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2007/05/02 12:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2007/05/02 12:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2007/03/28 08:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2006/11/02 15:29:38 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1
FF - prefs.js..extensions.enabledItems: {59994074-c06d-4a75-9768-49e5a8c21264}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.35
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/04 12:14:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/17 10:50:54 | 000,000,000 | ---D | M]

[2009/10/26 21:32:44 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\mozilla\Extensions
[2010/05/07 22:10:19 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\mozilla\Firefox\Profiles\l06d8fym.default\extensions
[2009/10/29 13:36:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mériem\AppData\Roaming\mozilla\Firefox\Profiles\l06d8fym.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/27 12:19:10 | 000,000,000 | ---D | M] (Messenger Plus Live France Toolbar) -- C:\Users\Mériem\AppData\Roaming\mozilla\Firefox\Profiles\l06d8fym.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}
[2010/01/15 20:52:19 | 000,000,000 | ---D | M] (Noscript) -- C:\Users\Mériem\AppData\Roaming\mozilla\Firefox\Profiles\l06d8fym.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/11/05 19:48:30 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Mériem\AppData\Roaming\mozilla\Firefox\Profiles\l06d8fym.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/03/18 20:38:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mériem\AppData\Roaming\mozilla\Firefox\Profiles\l06d8fym.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/11/20 17:24:36 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\mozilla\Firefox\Profiles\l06d8fym.default\extensions\firefox@tvunetworks.com
[2010/05/08 14:28:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/03/12 16:16:54 | 000,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll
[2009/12/17 15:24:13 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/12/17 15:24:13 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/12/17 15:24:13 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/12/17 15:24:13 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/12/17 15:24:13 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/10/30 10:29:02 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SalaatTime] C:\Program Files\Salaat Time\SalaatTime.exe (Salaat Time - www.salaattime.com)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\MRIEM~1\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\MRIEM~1\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/05/08 14:05:06 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/05/08 14:05:06 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/05/08 14:05:08 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/05/08 14:05:06 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/05/07 21:11:39 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010/05/06 20:52:27 | 000,000,000 | ---D | C] -- C:\rsit
[2010/05/06 20:44:39 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Desktop\rapport
[2010/05/06 20:41:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/05/06 20:41:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/05/06 20:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/04 17:04:09 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Document Telephone
[2010/05/01 16:31:16 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Nouveau dossier (2)
[2010/04/28 17:24:02 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Dernier Bac BLANC
[2010/04/27 12:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/04/27 12:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger_Plus_Live_France
[2010/04/22 11:56:03 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\N
[2010/04/22 11:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\CVitaeV4
[2010/04/22 11:16:23 | 000,000,000 | ---D | C] -- C:\Users\Mériem\AppData\Roaming\CVitae
[2010/04/21 20:42:53 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Cour_physique
[2010/04/20 16:21:08 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Cv et lettre de motiv job ete
[2010/04/19 11:46:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/04/18 12:36:45 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Desktop\Toutes les photo
[2010/04/10 11:08:07 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Adresse opticien
[2010/04/08 07:29:33 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Desktop\Nouveau dossier (3)
[2010/04/05 19:52:40 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\My Art
[2010/04/04 17:30:18 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\HAMZA
[2010/04/02 17:34:10 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Desktop\Nouveau dossier (2)
[2010/03/07 14:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/03/07 14:40:44 | 000,000,000 | ---D | C] -- C:\Users\Mériem\AppData\Roaming\SUPERAntiSpyware.com
[2010/03/07 14:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/03/07 14:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/03/02 16:20:11 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Cour
[2010/02/27 12:19:53 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\DCIM
[2010/02/25 22:15:28 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\yazid
[2010/02/19 19:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/02/19 19:44:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/02/17 11:40:21 | 000,000,000 | ---D | C] -- C:\Users\Mériem\AppData\Roaming\vlc
[2010/02/17 11:18:56 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Mariage
[2010/02/16 19:29:39 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/02/14 21:52:25 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\Nouveau dossier22
[2010/02/14 15:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/02/10 22:23:35 | 000,000,000 | ---D | C] -- C:\Users\Mériem\AppData\Local\Opera
[2010/02/10 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Mériem\AppData\Roaming\Opera
[2010/02/10 22:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010/02/09 16:32:10 | 000,000,000 | ---D | C] -- C:\Users\Mériem\Documents\cour Physik
[2009/01/09 17:53:22 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 90 Days ==========

[2010/05/08 14:33:30 | 006,291,456 | -HS- | M] () -- C:\Users\Mériem\NTUSER.DAT
[2010/05/08 14:13:05 | 000,127,406 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/05/08 14:06:24 | 000,001,759 | ---- | M] () -- C:\UsbFix_Upload_Me_PC-de-Mériem.zip
[2010/05/08 13:57:21 | 001,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/05/08 13:57:21 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/05/08 13:57:21 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/05/08 13:57:21 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/05/08 13:57:21 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/05/08 13:52:41 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/05/08 13:52:34 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/08 13:52:33 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/08 13:51:59 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/08 13:51:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/08 13:51:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/08 13:51:09 | 2951,110,656 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/08 13:44:23 | 000,524,288 | -HS- | M] () -- C:\Users\Mériem\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/05/08 13:44:23 | 000,065,536 | -HS- | M] () -- C:\Users\Mériem\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/05/08 13:44:00 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/05/08 13:43:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/08 13:39:33 | 000,186,950 | ---- | M] () -- C:\Users\Mériem\Desktop\impri-ecran.jpg
[2010/05/08 13:08:29 | 000,127,406 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/05/07 23:41:59 | 004,295,604 | -H-- | M] () -- C:\Users\Mériem\AppData\Local\IconCache.db
[2010/05/07 23:15:45 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1495A1F5-7326-43FD-B3A0-876B6053D9C2}.job
[2010/05/07 16:34:46 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2010/05/06 21:52:38 | 000,002,647 | ---- | M] () -- C:\Users\Mériem\Desktop\Microsoft Office Word 2007.lnk
[2010/05/06 21:08:38 | 000,293,376 | ---- | M] () -- C:\Users\Mériem\Desktop\gmer.exe
[2010/05/06 20:41:05 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/06 08:22:25 | 000,002,457 | ---- | M] () -- C:\Users\Public\Desktop\SolidWorks 2009 SP3.0.lnk
[2010/05/03 18:10:03 | 000,008,268 | ---- | M] () -- C:\Users\Mériem\AppData\Local\d3d9caps.dat
[2010/05/01 10:47:01 | 000,407,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/28 20:48:13 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/04/28 17:37:38 | 000,002,577 | ---- | M] () -- C:\Users\Mériem\Desktop\Microsoft Office PowerPoint 2007.lnk
[2010/04/22 11:16:27 | 000,000,756 | ---- | M] () -- C:\Users\Mériem\Desktop\CVitae V4.lnk
[2010/04/21 20:43:08 | 006,032,304 | ---- | M] () -- C:\Users\Mériem\Documents\Cour_physique.zip
[2010/04/19 23:37:07 | 000,002,484 | ---- | M] () -- C:\cc_20100419_233702.reg
[2010/04/19 11:47:05 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/17 10:50:55 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/12 08:57:09 | 000,115,608 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010/04/12 08:52:23 | 000,008,224 | ---- | M] () -- C:\Users\Mériem\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/07 15:43:43 | 000,028,112 | ---- | M] () -- C:\Users\Mériem\Documents\bacblancGO.pdf
[2010/04/05 11:09:10 | 000,046,076 | ---- | M] () -- C:\cc_20100405_110848ernier05.04.reg
[2010/03/07 14:40:50 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/03/07 14:09:38 | 000,001,292 | ---- | M] () -- C:\cc_20100307_130936.reg
[2010/03/07 12:06:10 | 000,000,708 | ---- | M] () -- C:\cc_20100307_110607.reg
[2010/03/07 12:05:55 | 000,015,186 | ---- | M] () -- C:\cc_20100307_110549.reg
[2010/03/06 14:16:58 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010/02/17 11:39:42 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/02/16 13:16:25 | 000,062,976 | ---- | M] () -- C:\Users\Mériem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/10 22:22:36 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/02/08 22:02:47 | 000,004,914 | ---- | M] () -- C:\8_02_09_cle_registres.reg

========== Files Created - No Company Name ==========

[2010/05/08 14:06:24 | 000,001,759 | ---- | C] () -- C:\UsbFix_Upload_Me_PC-de-Mériem.zip
[2010/05/08 13:39:31 | 000,186,950 | ---- | C] () -- C:\Users\Mériem\Desktop\impri-ecran.jpg
[2010/05/06 20:41:05 | 000,000,782 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/28 17:37:35 | 000,002,577 | ---- | C] () -- C:\Users\Mériem\Desktop\Microsoft Office PowerPoint 2007.lnk
[2010/04/22 11:16:27 | 000,000,756 | ---- | C] () -- C:\Users\Mériem\Desktop\CVitae V4.lnk
[2010/04/21 20:43:06 | 006,032,304 | ---- | C] () -- C:\Users\Mériem\Documents\Cour_physique.zip
[2010/04/19 23:37:04 | 000,002,484 | ---- | C] () -- C:\cc_20100419_233702.reg
[2010/04/19 11:47:05 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/18 12:57:19 | 000,000,430 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{1495A1F5-7326-43FD-B3A0-876B6053D9C2}.job
[2010/04/07 15:43:43 | 000,028,112 | ---- | C] () -- C:\Users\Mériem\Documents\bacblancGO.pdf
[2010/04/05 11:09:05 | 000,046,076 | ---- | C] () -- C:\cc_20100405_110848ernier05.04.reg
[2010/03/07 14:40:50 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/03/07 14:09:37 | 000,001,292 | ---- | C] () -- C:\cc_20100307_130936.reg
[2010/03/07 12:06:09 | 000,000,708 | ---- | C] () -- C:\cc_20100307_110607.reg
[2010/03/07 12:05:51 | 000,015,186 | ---- | C] () -- C:\cc_20100307_110549.reg
[2010/03/06 14:16:58 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/02/17 11:39:42 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/02/14 15:50:55 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/02/10 22:22:36 | 000,000,678 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/02/08 22:02:43 | 000,004,914 | ---- | C] () -- C:\8_02_09_cle_registres.reg
[2010/02/01 19:34:21 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2010/02/01 19:07:05 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009/11/15 15:36:36 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009/11/11 00:45:27 | 000,000,118 | ---- | C] () -- C:\Windows\ConverterCore.INI
[2009/11/11 00:40:42 | 000,013,560 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll
[2009/11/11 00:40:41 | 000,021,240 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll
[2009/11/11 00:32:21 | 000,000,148 | ---- | C] () -- C:\Windows\Readiris.ini
[2009/11/07 00:34:09 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009/10/30 10:52:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/29 23:24:23 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2009/06/08 19:43:49 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2009/01/09 17:51:58 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/01/09 11:37:32 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009/01/09 11:37:32 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009/01/09 11:07:35 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/01/09 10:45:12 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/08/21 21:46:34 | 000,059,160 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2010/03/01 12:18:55 | 000,000,000 | -HSD | M] -- C:\Users\Mériem\AppData\Roaming\.#
[2009/01/09 11:35:23 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Acer GameZone Console
[2009/11/15 15:32:33 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Apowersoft
[2009/10/26 23:38:55 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Big Fish Games
[2010/04/30 14:06:25 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\CVitae
[2010/02/05 23:14:16 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\DWGeditor
[2009/11/23 13:47:56 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\eSobi
[2009/10/31 20:24:42 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\FloodLightGames
[2009/10/30 18:32:55 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Gaijin Ent
[2009/11/10 23:38:09 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\gtk-2.0
[2010/05/08 09:55:58 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\IM
[2009/11/10 23:32:52 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Inkscape
[2009/11/09 21:56:30 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Juniper Networks
[2010/02/10 22:23:34 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Opera
[2010/02/01 19:46:18 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Samsung
[2010/04/27 22:12:38 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\SolidDocuments
[2009/10/26 22:03:59 | 000,000,000 | ---D | M] -- C:\Users\Mériem\AppData\Roaming\Windows Live Writer
[2010/05/08 13:43:58 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/05/07 23:15:45 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1495A1F5-7326-43FD-B3A0-876B6053D9C2}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:C95B63DA
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:FEBEC560
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:B623B5B8
< End of report >

OTL Extras logfile created on: 08/05/2010 14:29:12 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Mériem\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 227,88 Gb Total Space | 123,37 Gb Free Space | 54,14% Space Free | Partition Type: NTFS
Drive D: | 227,88 Gb Total Space | 44,50 Gb Free Space | 19,53% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,73 Gb Total Space | 1,56 Gb Free Space | 41,80% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-MÉRIEM
Current User Name: Mériem
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BDC77F-BC01-4927-8B32-C5788A9CD046}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{05BB2540-FD15-4528-A514-51E4320255DD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{116AEF76-3979-4E7E-B40B-709553E60672}" = rport=5358 | protocol=6 | dir=out | app=system |
"{165ECAE7-7E68-461D-B567-5B134395D64C}" = lport=138 | protocol=17 | dir=in | app=system |
"{16C1EA29-6145-45DE-B48C-B5A71A2DC96C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1E405CB3-E156-4B6A-A753-A10E89B7DCFB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{218E0970-B89B-440D-A4F4-85DD6E4EF559}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{260F85DE-EE5A-4D5A-8D7B-5580C3D46B80}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{527B1B01-7627-4615-AA74-06FB7938EE85}" = lport=5357 | protocol=6 | dir=in | app=system |
"{548C6727-19DF-47AD-9D2F-C2FAE27F0876}" = rport=445 | protocol=6 | dir=out | app=system |
"{5BC5016B-3DE1-4347-9785-00FD187C669F}" = lport=445 | protocol=6 | dir=in | app=system |
"{74B4CBAD-C88E-4B26-8FCB-2C97B1D45D2D}" = rport=138 | protocol=17 | dir=out | app=system |
"{88ADC58A-11CA-4BCB-9517-DC3E7B613EC5}" = lport=137 | protocol=17 | dir=in | app=system |
"{91B3DC7B-AC4C-4926-A782-D8AD5844C2D8}" = rport=137 | protocol=17 | dir=out | app=system |
"{9935B1D0-ED36-431E-9247-C26AD4B798C2}" = rport=5357 | protocol=6 | dir=out | app=system |
"{A4588056-F698-4C50-B57C-3190F3CAB8AD}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{AD13904E-5505-4B94-ACD4-53D65640C341}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BFCECD14-1D31-414D-8E21-8C8F5F990977}" = lport=139 | protocol=6 | dir=in | app=system |
"{C13E39F7-190B-4DDE-A790-BB11E9F168CD}" = rport=139 | protocol=6 | dir=out | app=system |
"{DBC7C9E8-74C4-4C15-B1C4-2D8893361ECC}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{F9275A43-E413-4041-BCB4-B0AE5BADA131}" = lport=5358 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069FD6E2-D01A-44F7-94F5-D33E3D1F7720}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C7DE0AB-0310-4B5E-AC73-95454D0772B6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{100AB495-FEB4-4315-BEF0-E3986F78F741}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{136CD08A-C9E6-49F7-A3E1-46ED390191F8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{13970F48-6D4E-4810-8FA4-AC7DC6859269}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{223F302E-24B2-4B8E-AEFE-DD5F3A5EF3EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2AB91839-446D-4FF5-889B-CCB3FB315E19}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{2BC0A329-75D9-497F-8484-30D398C551A9}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{355361CE-4684-4533-AB77-A56D3AAC57D2}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{46FB9C2C-A252-4747-A756-8CD4D706A180}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{47008A91-ECDA-457B-8D09-776F0F353D59}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{4C5D3C5C-CB5A-4DEB-B105-2DB54197D682}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{58A67EA8-6F87-4744-8203-F950C19DC4A6}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{81671485-1111-499F-90DE-2DAC7C881EDD}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{92A18F98-0C94-48CC-A624-EE04991BBDC2}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{B3E0D406-06B6-4555-9699-E3FBCB5DECC4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{B722FC8F-57F4-41F4-8B4D-2C5B50C14E38}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{BF692DD6-41FD-482A-B4FC-3B3BDDCF5275}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C3E1E6F4-EAB9-41A9-BFB2-C06EE575CC54}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C6A35AF7-0F74-4A89-8D2C-50935633C25A}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{C8A874C2-6DF2-4307-8766-4E0363A2B41E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{D0790D99-8233-4A68-9496-837D119DD3B2}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{E4904E7F-64E3-4308-A8A3-FEAE69B288A6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E6509CA2-0985-4C37-BF14-DC55F7712491}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E74F3A9A-0504-467A-BA83-F172A1B3322E}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{E917B6AF-E80F-4AAC-BBDC-D428ABFC9376}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{E949AFBB-D17F-4C2C-A46A-5206B48192BC}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F2CDE8D9-C3DC-47A0-9EBF-EE28F6D86DA9}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{FB922DD1-1884-4662-BE44-2089D599F8C6}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{FF48751F-080E-49E5-962A-100F5D1D9BFB}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"TCP Query User{4519EC74-5B1F-4031-AB8C-92DEA230ABEC}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{4CA63153-C244-412D-8109-C4A239307265}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{65CD38CE-1DA5-4DC2-AC44-B89AC5B02DF6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{9BD1A225-2FB1-4056-A714-D8BC57FD8001}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{06AA18D3-E20F-404E-855E-CAF17DE4CC9C}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{8EF23AA5-3378-45C3-9EAA-99082211CAEF}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{9209218B-6D19-46B3-932A-C5F1B12043BC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{CAC96939-9C98-4F8D-B990-AA1446C1A1AF}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{030A97A0-8506-4ABD-98B1-183F8889EF8C}" = SolidWorks Explorer 2009 sp03
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18754BA4-4F0C-4E6E-888B-9496AFA05F43}" = Ma-Config.com
"{1B140425-1EA0-4AB8-BB31-1830C4A0A1F2}" = DWGeditor
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56BFAA6E-2BCC-4AED-9233-84731E66B205}" = Solid Converter PDF v4
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80BA07B3-537F-4189-92F7-26E2BA76095A}" = SolidWorks eDrawings 2009
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.2 - Français
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B0F11672-0D3D-4881-8BA2-06AD828670BB}" = Readiris Pro 11 Demo
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D5B35376-6F9E-47B3-A9F8-791824EBFE0D}" = Samsung PC Studio 3
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DC82B166-F691-4C9A-9D9E-4FA71C35434E}" = SolidWorks 2009 SP03
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye Webcam
"{DDD04533-8F0C-496F-A7D4-067510745DE4}" = SolidWorks viewer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Five-a-Side Football" = Five-a-Side Football (remove only)
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"JuniperSetupClient Activex Control" = Juniper Networks Setup Client Activex Control
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live_France Toolbar" = Messenger_Plus_Live_France Toolbar
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"NAV" = Norton AntiVirus
"NVIDIA Drivers" = NVIDIA Drivers
"PDF Editor 2" = PDF Editor 2
"PhotoFiltre" = PhotoFiltre
"PROPLUS" = Microsoft Office Professional Plus 2007
"RealPlayer 12.0" = RealPlayer
"Salaat Time 2.0 {D91540FA-7A65-4C0B-B475-2936C370EACB}" = Salaat Time 2.0
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SolidWorks Installation Manager 20090-40300-1100-200" = SolidWorks 2009 SP03
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Unlocker" = Unlocker 1.8.8
"VLC media player" = VLC media player 1.0.5
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Installation Windows Live

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CVitaeV4" = CVitaeV4
"JuniperSetupClient" = Juniper Networks Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/04/2010 02:46:57 | Computer Name = PC-de-Mériem | Source = WinMgmt | ID = 10
Description =

Error - 12/04/2010 02:49:45 | Computer Name = PC-de-Mériem | Source = Application Error | ID = 1000
Description = Application défaillante SynTPEnh.exe, version 10.2.4.0, horodatage
0x4790f827, module défaillant SynTPEnh.exe, version 10.2.4.0, horodatage 0x4790f827,
code d’exception 0xc0000409, décalage d’erreur 0x0002983c, ID du processus 0xf9c,
heure de début de l’application 0x01cada0bee4f1411.

Error - 12/04/2010 02:51:41 | Computer Name = PC-de-Mériem | Source = WinMgmt | ID = 10
Description =

Error - 12/04/2010 02:55:47 | Computer Name = PC-de-Mériem | Source = WinMgmt | ID = 10
Description =

Error - 12/04/2010 06:07:19 | Computer Name = PC-de-Mériem | Source = WinMgmt | ID = 10
Description =

Error - 12/04/2010 11:59:30 | Computer Name = PC-de-Mériem | Source = WinMgmt | ID = 10
Description =

Error - 12/04/2010 12:01:39 | Computer Name = PC-de-Mériem | Source = Application Error | ID = 1000
Description = Application défaillante SynTPEnh.exe, version 10.2.4.0, horodatage
0x4790f827, module défaillant SynTPEnh.exe, version 10.2.4.0, horodatage 0x4790f827,
code d’exception 0xc0000409, décalage d’erreur 0x0002983c, ID du processus 0xd8c,
heure de début de l’application 0x01cada592b77b1c7.

Error - 13/04/2010 02:06:18 | Computer Name = PC-de-Mériem | Source = WinMgmt | ID = 10
Description =

Error - 13/04/2010 02:06:39 | Computer Name = PC-de-Mériem | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 14.0.8089.726, horodatage
0x4a6ce533, module défaillant PresenceIM.dll, version 14.0.8089.726, horodatage
0x4a6ce51e, code d’exception 0xc0000005, décalage d’erreur 0x0002186c, ID du processus
0xe20, heure de début de l’application 0x01cadacf755847de.

Error - 13/04/2010 07:58:08 | Computer Name = PC-de-Mériem | Source = Application Error | ID = 1000
Description = Application défaillante SynTPEnh.exe, version 10.2.4.0, horodatage
0x4790f827, module défaillant SynTPEnh.exe, version 10.2.4.0, horodatage 0x4790f827,
code d’exception 0xc0000409, décalage d’erreur 0x0002983c, ID du processus 0xf14,
heure de début de l’application 0x01cadacf6cc1f26e.

[ OSession Events ]
Error - 22/04/2010 06:05:20 | Computer Name = PC-de-Mériem | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 06/05/2010 14:10:20 | Computer Name = PC-de-Mériem | Source = Service Control Manager | ID = 7000
Description =

Error - 06/05/2010 14:10:54 | Computer Name = PC-de-Mériem | Source = DCOM | ID = 10016
Description =

Error - 07/05/2010 01:33:18 | Computer Name = PC-de-Mériem | Source = Service Control Manager | ID = 7000
Description =

Error - 07/05/2010 01:34:03 | Computer Name = PC-de-Mériem | Source = DCOM | ID = 10016
Description =

Error - 07/05/2010 10:29:53 | Computer Name = PC-de-Mériem | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP) pour la carte réseau avec l'adresse réseau 0017C47C3517. Il s'est produit
l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa
propre adresse auprès du serveur d'adresse réseau (DHCP).

Error - 08/05/2010 03:55:40 | Computer Name = PC-de-Mériem | Source = Service Control Manager | ID = 7000
Description =

Error - 08/05/2010 03:56:28 | Computer Name = PC-de-Mériem | Source = DCOM | ID = 10016
Description =

Error - 08/05/2010 05:19:01 | Computer Name = PC-de-Mériem | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP) pour la carte réseau avec l'adresse réseau 0017C47C3517. Il s'est produit
l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa
propre adresse auprès du serveur d'adresse réseau (DHCP).

Error - 08/05/2010 07:52:35 | Computer Name = PC-de-Mériem | Source = Service Control Manager | ID = 7000
Description =

Error - 08/05/2010 07:52:57 | Computer Name = PC-de-Mériem | Source = DCOM | ID = 10016
Description =


< End of report >

Désinstalle Hijackthis



Mets Java à jour
http://javadl.sun.com/webapps/download/AutoDL?BundleId=39494



Quelques suppressions. Relance OTL

• Dans le cadre Personnalisation qui est en bas, colle le contenu du cadre ci dessous :
  
  

  Citation :

  :OTL
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  [2010/05/07 21:11:39 | 000,000,000 | ---D | C] -- C:\UsbFix
  [2010/05/06 20:52:27 | 000,000,000 | ---D | C] -- C:\rsit
  [2010/03/01 12:18:55 | 000,000,000 | -HSD | M] -- C:\Users\Mériem\AppData\Roaming\.#
  
  :Commands
  [purity]
  [EMPTYFLASH]
  [emptytemp]

  Puis clique sur le bouton Correction en haut.
  
• Laisse OTL tourner, le pc va redémarrer.
  
• Au redémarrage, un nouveau rapport va s'ouvrir, copie/colle son contenu ici svp
  

Un scan en ligne pour contrôler le tout.
Rends toi sur kaspersky online scanner (clique ici)

• Clique sur Accept en bas pour installer le programme.
  
• Ferme toutes tes fenêtres et désactive tes logiciels de sécurité.
  
• Clique sur exécuter pour lancer le programme.
  Patiente le temps de la mise à jour ...
  
• Clique sur my computer sous scan (à gauche)
  Patiente le temps du scan.
  
• Dès que c'est fini, clique sur Report... à gauche, puis clique sur save report...

Sauvegarde le rapport sous le nom kaspersky.txt et copie/colle son contenu ici svp.
Réactive ton antivirus.

ps : n'utilise pas ton pc le temps du scan.

Une aide en image ici



A plus tard.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
C:\UsbFix\Tools\Erunt folder moved successfully.
C:\UsbFix\Tools folder moved successfully.
C:\UsbFix\Reg folder moved successfully.
C:\UsbFix\Quarantine\D\$RECYCLE.BIN folder moved successfully.
C:\UsbFix\Quarantine\D folder moved successfully.
C:\UsbFix\Quarantine\C\$RECYCLE.BIN\S-1-5-21-826191800-4290940314-1872323238-500.UsbFix folder moved successfully.
C:\UsbFix\Quarantine\C\$RECYCLE.BIN\S-1-5-21-826191800-4290940314-1872323238-1000.UsbFix folder moved successfully.
C:\UsbFix\Quarantine\C\$RECYCLE.BIN folder moved successfully.
C:\UsbFix\Quarantine\C folder moved successfully.
C:\UsbFix\Quarantine folder moved successfully.
C:\UsbFix\Fich folder moved successfully.
C:\UsbFix\Backup\Registry 08-05-2010\Users\00000002 folder moved successfully.
C:\UsbFix\Backup\Registry 08-05-2010\Users\00000001 folder moved successfully.
C:\UsbFix\Backup\Registry 08-05-2010\Users folder moved successfully.
C:\UsbFix\Backup\Registry 08-05-2010 folder moved successfully.
C:\UsbFix\Backup folder moved successfully.
Folder move failed. C:\UsbFix scheduled to be moved on reboot.
C:\rsit folder moved successfully.
C:\Users\Mériem\AppData\Roaming\.# folder moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Mériem
->Flash cache emptied: 19278 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mériem
->Temp folder emptied: 3815542 bytes
->Temporary Internet Files folder emptied: 181221987 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 80339926 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3424 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 253,00 mb


OTL by OldTimer - Version 3.2.4.1 log created on 05082010_180431

Files\Folders moved on Reboot...
C:\UsbFix folder moved successfully.
File\Folder C:\Windows\temp\JETEFDA.tmp not found!

Registry entries deleted on Reboot...

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, May 9, 2010
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Sunday, May 09, 2010 08:31:31
Records in database: 4086965
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Objects scanned: 157020
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 04:31:19

No threats found. Scanned area is clean.

Selected area has been scanned.

Salut m3ri3m

Ton pc me semble propre, tu vois quelque chose de ton côté ?

Non je ne vois rien de spécial

Merci GrosBébé de ton Aiiiiiiide

Ok

Double clique sur OTL.exe et clique sur le bouton Purge Outils. OTL va supprimer tous les logiciels qu'on a utilisés et faire redémarrer ton ordinateur.


Supprime tous les logiciels que je t'ai demandés d'installer qui ne seraient pas partis avec OTL ainsi que les différents rapports.


Conserve Malwarebyte et utilise le régulièrement, c'est un antimalware "grand public"

"""""""""""""""""""""""""""""""""""""""""""""

Désactive puis réactive la restauration du système.
http://www.commentcamarche.net/faq/13214-desactiver-reactiver-la-restauration-systeme-de-vista

"""""""""""""""""""""""""""""""""""""""""""""

Voilà, si tu estimes ton problème résolu, édite ton premier message pour rajouter [Résolu] dans ton titre svp

Je te remercie .... MERCI

De rien m3ri3m

Le sujet semble résolu, je le verrouille. Si pour une raison ou une autre, vous avez besoin de le réouvrir, faites en la demande par MP en précisant la raison et le lien vers ce sujet. Ceci ne s'applique qu'à m3ri3m. Pour les autres, créez votre propre sujet svp.