Sujet Précédent Sujet Suivant

Dites moi si je suis infecté

flush-royal Messages postés 49 Statut Membre -  
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité -
Bonjour,
bonjour a vous tous
je suis tout nouveau sur le site et je suis pas un pro sur l informatique
je voudrais savoir si je suis infecté par des virus car j ai mon pc portable qui rame un peu et j ai envie de payer avec ma carte banquaire dessus
je vous met mon rapport d hijackthis si je me suis pas trompé oups
je vous suis tres reconnaissant au travail que vous faitent pour nous aider Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:37:14, on 21/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Users\Acer\Downloads\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\Program Files\Stardock\Object Desktop\DeskScapes\deskscapes.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\Program Files\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\Program Files\Stardock\Object Desktop\DeskScapes\DreamControl.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\ORSP Client\fsorsp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

52 réponses

Précédent
Réponse 21 / 52
flush-royal Messages postés 49 Statut Membre
 
dit moi
0
Réponse 22 / 52
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
on verra ça une fois fini si tu veux bien : Maintenant fait moi ceci :

Télécharger RemoveIT Pro

Fais un scan et poste moi le full rapport log.

A la fin du 1er scan, s'il demande de faire un scan complet dite oui et à la fin du 2ème scan, si virus trouvé cliquez sur fix pour nettoyer des virus trouvés.
0
Réponse 23 / 52
flush-royal Messages postés 49 Statut Membre
 
merci de ta reponse j ai fait le scan
il m a trouvé 3 virus sur des fichiers syst32 je l ai est supprimer en cliquant sur fix
mais quand je fais le full report log je clic sur( save full report log) apres une fenetre apparait (build log about )
je laisse tout coché il lance tout et a la fin j ai un message (error writing log file )
0
Réponse 24 / 52
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
pas grave surtout ne coche tien sans que je te le demande cela pourrait endommager ton pc.

Ensuite fait moi ceci pour voir qu'il n'y plus de virus.

v
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 52
flush-royal Messages postés 49 Statut Membre
 
je comprend pas fais moi ceci lol il y a rien comme lien
0
Réponse 26 / 52
flush-royal Messages postés 49 Statut Membre
 
dsl j ai reussi a poster le log car j etais avec le compte utilisateur
RemoveIT Pro v4 - SE (Build date: 6.6.2008) full information log file.
Generated at: 25/03/2009 on 21:45:34
Microsoft Windows Vista Home Edition Service Pack 1 (Build 6001)
Author: Damjan Irgolic
https://www.incodesolutions.com/
support@incodesolutions.com

Running processes: (28)
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Windows\system32\conime.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe

Startup files:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\WMPNSCFG
[C:\Program Files\Windows Media Player\WMPNSCFG.exe]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Sidebar
[C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ehTray.exe
[C:\Windows\ehome\ehTray.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\eRecoveryService
[]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NWEReboot
[]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ZPdtWzdVitaKey MC3000
["C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Windows Defender
[%ProgramFiles%\Windows Defender\MSASCui.exe -hide]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\WarReg_PopUp
[C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SynTPEnh
[C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RtHDVCpl
[RtHDVCpl.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ORAHSSSessionManager
[C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NvCplDaemon
[RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\IAAnotif
[C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\eDataSecurity Loader
[C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\eAudio
["C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Adobe Reader Speed Launcher
["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\F-Secure Manager
["C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\F-Secure TNB
["C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW]

Detail report: (95)
Clsid c:\program files\acer\acer bio protection\winnotify.dll[7070dd032f4ae4d5d71d03fcbca3a57a][2972160]
Clsid c:\program files\stardock\object desktop\deskscapes\deskscapes.dll[dfd9e4c0072ea6d008d27d1d6bce5464][103728]
Clsid c:\program files\stardock\object desktop\deskscapes\desktopcontrolpanel.dll[4c5ef6655c88b284ad5c483dfb4734ce][87368]
Clsid c:\program files\stardock\object desktop\deskscapes\dreamcontrol.dll[bf390f2b7b675ae7d3340841fa2cfde4][591176]
Clsid c:\program files\superantispyware\saswinlo.dll[972edede23ac8d59aac0c09799c6f18a][356352]
Clsid C:\Windows\system32\iconcodecservice.dll[08578f3ca5365f896d90ce2bf97fd000][9728]
Proc C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe[5a56936640ecf4dbc94fdb9a759edf23][90112]
Proc C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe[a7723617eaf467cd162e1682776f33d8][65536]
Proc C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe[ad4d33e92320b0c8edefea72042f5074][3607040]
Proc C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe[a5bf13293d953a89ca9d50fa15b5b4ba][3772136]
Proc C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe[250ef6ee2eefe202e0b35b6ec583e8bf][544768]
Proc C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe[4bc8167722b6c79b1b13f1f2076b9eec][526896]
Proc C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe[5f3e76c6be90c901c7a3058f05a5dc33][550912]
Proc C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[6e1ac019c8fd1997bf5a17da93627510][178712]
Proc C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE[499812f99b7693a0bbea50d7cad26fef][182936]
Proc C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe[f13a180adc7d18494cf0d3fe4c02b6cc][604768]
Proc C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe[377586e4672c472c6e8afd370f253d46][716800]
Proc C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe[3697f31073e11aacad51546772590f65][364544]
Proc C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe[4651e788ff17882dcf53ee3403e09f3c][28672]
Proc C:\Program Files\OrangeHSS\Launcher\Launcher.exe[fea69c05f185c50f47937acc2cd4656c][598016]
Proc C:\Program Files\OrangeHSS\systray\systrayapp.exe[19669327968537ba685f5c836180b493][94208]
Proc C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[19d93154c82fe39a99b269ced1056a92][1033512]
Proc C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[892699a6aeb910c58b726bd70bea4f4b][95528]
Proc C:\Program Files\Windows Media Player\wmpnscfg.exe[35937ead711207544e219c2a19a78a7d][202240]
Proc C:\Program Files\Windows Sidebar\sidebar.exe[fd278e51a7d6f52d22fce6c67e037ad6][1233920]
Proc C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe[b2994ec6452dbd04e57828eefedfb93c][204800]
Proc C:\Windows\ehome\ehmsas.exe[0f4195b9b348de5cf9b822f81704b20e][37376]
Proc C:\Windows\ehome\ehtray.exe[bf08674925f151bd4537b89a493e3e0c][125952]
Proc C:\Windows\Explorer.EXE[4f554999d7d5f05daaebba7b5ba1089d][2927104]
Proc C:\Windows\RtHDVCpl.exe[02078deb5d98f1f707ed6f4527073b69][6111232]
Proc C:\Windows\system32\conime.exe[f96ebc5a624349d81dcc7600a3c5dc43][69120]
Proc C:\Windows\system32\Dwm.exe[59903071d7ace6a02093c47e9e38af97][81920]
Proc C:\Windows\system32\taskeng.exe[5f109032ce46b7184ed9e50f9fe8489e][169472]
RegRun c:\program files\acer\acer bio protection\pdtwzd.exe [ad4d33e92320b0c8edefea72042f5074][3607040]
RegRun c:\program files\acer\empowering technology\eaudio\eaudio.exe[250ef6ee2eefe202e0b35b6ec583e8bf][544768]
RegRun c:\program files\acer\empowering technology\edatasecurity\x86\edsloader.exe[4bc8167722b6c79b1b13f1f2076b9eec][526896]
RegRun c:\program files\acer\wr_popup\warreg_popup.exe[5a2a87028cb479ffa3abbdcc98b09c47][303104]
RegRun c:\program files\adobe\reader 8.0\reader\reader_sl.exe[392845e8d49b5f0e81aac4d795000a8c][39792]
RegRun c:\program files\intel\intel matrix storage manager\iaanotif.exe[6e1ac019c8fd1997bf5a17da93627510][178712]
RegRun c:\program files\orange\antivirusfirewall\common\fsm32.exe [499812f99b7693a0bbea50d7cad26fef][182936]
RegRun c:\program files\orange\antivirusfirewall\fsgui\tnbutil.exe [a13e30a517235a507d63393c420bf9d2][957024]
RegRun c:\program files\orangehss\sessionmanager\sessionmanager.exe[d691a9beaf0073554d80936a6d180752][107248]
RegRun c:\program files\synaptics\syntp\syntpenh.exe[19d93154c82fe39a99b269ced1056a92][1033512]
RegRun c:\program files\windows media player\wmpnscfg.exe[35937ead711207544e219c2a19a78a7d][202240]
RegRun c:\program files\windows sidebar\sidebar.exe [fd278e51a7d6f52d22fce6c67e037ad6][1233920]
RegRun c:\windows\ehome\ehtray.exe[bf08674925f151bd4537b89a493e3e0c][125952]
RegRun C:\Windows\rthdvcpl.exe[02078deb5d98f1f707ed6f4527073b69][6111232]
RegRun c:\windows\system32\nvcpl.dll[8ae58b0e9865516cfdd1d109e91ba6c3][13535776]
Service c:\acer\mobility center\mobilityservice.exe [1e1a308f4229fab0011a0745ee8377ae][110592]
Service c:\progra~1\common~1\france telecom\shared modules\ftrtsvc\0\ftrtsvc.exe[c88862f45ac3b447df50e814be2f6a13][65536]
Service c:\program files\acer arcade deluxe\homemedia\kernel\dmp\clhnservice.exe[5ca9b1062c0c3e3ae19c23ad9d8a5048][81504]
Service c:\program files\acer\acer bio protection\basvc.exe[60a52c8e2e25c62ec8359c28a4af6e25][3471360]
Service c:\program files\acer\empowering technology\edatasecurity\x86\edsservice.exe[b7dc2580425225c320ceda78de55a3d0][500784]
Service c:\program files\acer\empowering technology\service\etservice.exe[a51fd9df23720485991f56741bbefcfb][24576]
Service c:\program files\a-squared free\a2service.exe[b2d205564a3b9329b32c6ccb504437e0][425080]
Service c:\program files\common files\intel\wirelesscommon\regsrvc.exe[3ff45b7f17d5837216abae652cc61540][466944]
Service c:\program files\common files\lightscribe\lssrvc.exe[793ff718477345cd5d232c50bed1e452][61440]
Service c:\program files\intel\intel matrix storage manager\iaantmon.exe[cb686f44bf955ea02520710a56874fa4][354840]
Service c:\program files\intel\wifi\bin\evteng.exe[54b6e150bff4a47eb0d204119d262e46][860160]
Service c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe[cb76f68ba0d57c5d25b538981b1c611c][50424]
Service c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe[09e6affae6c0e9158bf05c7d08d0107a][16384]
Service c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe[df1c10a75df7e50195fc417f88a33227][131072]
Service c:\program files\orange\antivirusfirewall\anti-virus\fsgk32st.exe[f46eefe92c143bb9d0df3f7d98ea7847][215648]
Service c:\program files\orange\antivirusfirewall\common\fsma32.exe[df064e75259120bd6fb3677debad7040][117400]
Service c:\program files\orange\antivirusfirewall\fsaua\program\fsaua.exe[ee12ad9cd511c94c0a7af6e6040cb4c5][490080]
Service c:\program files\orange\antivirusfirewall\fwes\program\fsdfwd.exe[d08802e4bf2447fe5ef3568b98c4ac06][510560]
Service c:\program files\orange\antivirusfirewall\orsp client\fsorsp.exe[4ca5b3858903d7194d1f71840f155061][55904]
Service c:\program files\spybot - search & destroy\sdwinsec.exe[794d4b48dfb6e999537c7c3947863463][1153368]
Service c:\program files\windows media player\wmpnetwk.exe[3978704576a121a9204f8cc49a301a9b][896512]
Service c:\windows\ehome\ehrecvr.exe[9be3744d295a7701eb425332014f0797][292352]
Service c:\windows\ehome\ehsched.exe[ad1870c8e5d6dd340c829e6074bf3c3f][131072]
Service c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe[d87acaed61e417bba546ced5e7e36d9c][69632]
Service c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe[7b630acaed64fef0c3e1cf255cb56686][881664]
Service c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe[0ad5876ef4e9eb77c8f93eb5b2fff386][132096]
Service c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe[c9be08664611ddaf98e2331e9288b00b][46104]
Service c:\windows\servicing\trustedinstaller.exe[16613a1bad034d4ecf957af18b7c2ff5][39424]
Service c:\windows\system32\agrsmsvc.exe[efbc44fbd75e4f80bd927aebf6e7eade][13312]
Service c:\windows\system32\alg.exe[a1545b731579895d8cc44fc0481c1192][59392]
Service c:\windows\system32\dfsr.exe[fa3463f25f9cc9c3bcf1e7912feff099][2091520]
Service c:\windows\system32\dllhost.exe [be01e566d1f569aab32d0335613e1eea][7168]
Service c:\windows\system32\locator.exe[5123f83cbc4349d065534eeb6bbdc42b][7680]
Service c:\windows\system32\lsass.exe[dcf733788c7d088d814e5f80eb4b3e0f][9728]
Service c:\windows\system32\msdtc.exe[fd7520cc3a80c5fc8c48852bb24c6ded][105984]
Service c:\windows\system32\nvvsvc.exe[342fcbf0b293dbec54b055418df1ee7e][118784]
Service c:\windows\system32\searchindexer.exe [7778bdfa3f6f6fba0e75b9594098f737][439808]
Service c:\windows\system32\slsvc.exe[0ba91e1358ad25236863039bb2609a2e][2623488]
Service c:\windows\system32\snmptrap.exe[2a146a055b4401c16ee62d18b8e2a032][12800]
Service c:\windows\system32\spoolsv.exe[846cdf9a3cf4da9b306adfb7d55ee4c2][125952]
Service c:\windows\system32\svchost.exe [3794b461c45882e06856f282eef025af][21504]
Service c:\windows\system32\ui0detect.exe[ecef404f62863755951e09c802c94ad5][35840]
Service c:\windows\system32\vds.exe[b13bc395b9d6116628f5af47e0802ac4][382976]
Service c:\windows\system32\vssvc.exe[d5fb73d19c46ade183f968e13f186b23][1054720]
Service c:\windows\system32\wbem\wmiapsrv.exe[aba4cf9f856d9a3a25f4ddd7690a6e9d][137728]
Startup c:\programdata\microsoft\windows\start menu\programs\startup\desktop.ini[7f1698bab066b764a314a589d338daae][174]
System.ini c:\windows\system32\svchost.exe [3794b461c45882e06856f282eef025af][21504]

Startup folder: (1)
Startup name: desktop.ini
Command: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

Win.ini Startup: (1)
Path: No additional driver found!

Win.ini Startup: (1)
Path: No additional driver found!

Keyboard drivers: (1)
Name: No Keyboard Filter driver found!

Services: (147)
Service Name: Accès du périphérique d'interface utilisateur [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Acquisition d'image Windows (WIA) [Stopped],
Path: C:\Windows\system32\svchost.exe -k imgsvc
Service Name: Agent de protection d’accès réseau [Stopped],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Agent de stratégie IPsec [Running],
Path: C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Service Name: Agere Modem Call Progress Audio [Running],
Path: C:\Windows\system32\agrsmsvc.exe
Service Name: Appel de procédure distante (RPC) [Running],
Path: C:\Windows\system32\svchost.exe -k rpcss
Service Name: Application système COM+ [Stopped],
Path: C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Service Name: a-squared Free Service [Running],
Path: "C:\Program Files\a-squared Free\a2service.exe"
Service Name: Assistance IP [Running],
Path: C:\Windows\System32\svchost.exe -k NetSvcs
Service Name: Assistance NetBIOS sur TCP/IP [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Audio Windows [Running],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Cache de police de Windows Presentation Foundation 3.0.0.0 [Stopped],
Path: C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Service Name: Carte à puce [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Carte de performance WMI [Stopped],
Path: C:\Windows\system32\wbem\WmiApSrv.exe
Service Name: Centre de sécurité [Running],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: CLHNService [Running],
Path: C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
Service Name: Cliché instantané de volume [Stopped],
Path: C:\Windows\system32\vssvc.exe
Service Name: Client de stratégie de groupe [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Client de suivi de lien distribué [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Client DHCP [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Client DNS [Running],
Path: C:\Windows\system32\svchost.exe -k NetworkService
Service Name: Collecteur d'événements de Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k NetworkService
Service Name: Configuration automatique de réseau câblé [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Configuration des services Terminal Server [Stopped],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Connaissance des emplacements réseau [Running],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Connexions réseau [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Contrôle parental [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Coordinateur de transactions distribuées [Stopped],
Path: C:\Windows\System32\msdtc.exe
Service Name: Découverte SSDP [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Détection de services interactifs [Stopped],
Path: C:\Windows\system32\UI0Detect.exe
Service Name: Détection matériel noyau [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Disque virtuel [Stopped],
Path: C:\Windows\System32\vds.exe
Service Name: eDataSecurity Service [Running],
Path: "C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe"
Service Name: Emplacement protégé [Stopped],
Path: C:\Windows\system32\lsass.exe
Service Name: Empowering Technology Service [Running],
Path: C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
Service Name: Énumérateur de bus IP PnP-X [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Expérience audio-vidéo haute qualité Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Expérience d’application [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Explorateur d'ordinateurs [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Fournisseur de cliché instantané de logiciel Microsoft [Stopped],
Path: C:\Windows\System32\svchost.exe -k swprv
Service Name: France Telecom Routing Table Service [Running],
Path: "C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe"
Service Name: F-Secure Anti-Virus Firewall Daemon [Running],
Path: "C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe"
Service Name: F-Secure Automatic Update Agent [Running],
Path: "C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe"
Service Name: F-Secure Management Agent [Running],
Path: "C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE"
Service Name: F-Secure ORSP Client [Running],
Path: "C:\Program Files\Orange\AntivirusFirewall\ORSP Client\fsorsp.exe"
Service Name: FSGKHS [Running],
Path: "C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe"
Service Name: Générateur de points de terminaison du service Audio Windows [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Gestion à distance de Windows (Gestion WSM) [Stopped],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Gestion des clés et des certificats d'intégrité [Stopped],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Gestionnaire de comptes de sécurité [Running],
Path: C:\Windows\system32\lsass.exe
Service Name: Gestionnaire de connexion automatique d'accès distant [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Gestionnaire de connexions d'accès distant [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Gestionnaire de sessions du Gestionnaire de fenêtrage [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Gestionnaire d'identité réseau homologue [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Groupement de mise en réseau de pairs [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Horloge Windows [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Hôte de périphérique UPnP [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Hôte du fournisseur de découverte de fonctions [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Hôte système de diagnostics [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: iGroupTec Service [Running],
Path: C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
Service Name: Informations d'application [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Infrastructure de gestion Windows [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Intel(R) Matrix Storage Event Monitor [Running],
Path: C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
Service Name: Intel® PROSet/Wireless Event Log [Running],
Path: C:\Program Files\Intel\WiFi\bin\EvtEng.exe
Service Name: Intel® PROSet/Wireless Registry Service [Running],
Path: C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
Service Name: Interruption SNMP [Stopped],
Path: C:\Windows\System32\snmptrap.exe
Service Name: Isolation de clé CNG [Running],
Path: C:\Windows\system32\lsass.exe
Service Name: Journal d’événements Windows [Running],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Journaux & alertes de performance [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Service Name: Lanceur de processus serveur DCOM [Running],
Path: C:\Windows\system32\svchost.exe -k DcomLaunch
Service Name: Lanceur des services Windows Media Center [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Service Name: Licence du logiciel [Running],
Path: C:\Windows\system32\SLsvc.exe
Service Name: LightScribeService Direct Disc Labeling Service [Running],
Path: "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
Service Name: Localisateur d'appels de procédure distante (RPC) [Stopped],
Path: C:\Windows\system32\locator.exe
Service Name: Mappage de découverte de topologie de la couche de liaison [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Microsoft .NET Framework NGEN v2.0.50727_X86 [Stopped],
Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Service Name: MobilityService [Running],
Path: C:\Acer\Mobility Center\MobilityService.exe -p
Service Name: Modules de génération de clés IKE et AuthIP [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Moteur de filtrage de base [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Service Name: Netlogon [Stopped],
Path: C:\Windows\system32\lsass.exe
Service Name: NTI Backup Now 5 Agent Service [Running],
Path: "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe"
Service Name: NTI Backup Now 5 Backup Service [Running],
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
Service Name: NTI Backup Now 5 Scheduler Service [Running],
Path: C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
Service Name: NVIDIA Display Driver Service [Running],
Path: C:\Windows\system32\nvvsvc.exe
Service Name: Ouverture de session secondaire [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Pare-feu Windows [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Service Name: Partage de connexion Internet (ICS) [Stopped],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Planificateur de classes multimédias [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Planificateur de tâches [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Plug-and-Play [Running],
Path: C:\Windows\system32\svchost.exe -k DcomLaunch
Service Name: Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration [Stopped],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Programme d’installation de modules Windows [Stopped],
Path: C:\Windows\servicing\TrustedInstaller.exe
Service Name: Propagation du certificat [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Protocole de résolution de noms d'homologues [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Protocole EAP (Extensible Authentication Protocol) [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Publication des ressources de découverte de fonctions [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Registre à distance [Stopped],
Path: C:\Windows\system32\svchost.exe -k regsvc
Service Name: Réplication DFS [Stopped],
Path: C:\Windows\system32\DFSR.exe
Service Name: Routage et accès distant [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Sauvegarde Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k SDRSVC
Service Name: SBSD Security Center Service [Running],
Path: C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
Service Name: Serveur [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Serveur de priorités des threads [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service de configuration automatique WLAN [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service de découverte automatique de Proxy Web pour les services HTTP Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service de l’Assistant Compatibilité des programmes [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service de la passerelle de la couche Application [Stopped],
Path: C:\Windows\System32\alg.exe
Service Name: Service de notification d’événements système [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Service de notification de l’interface utilisateur SL [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service de partage de ports Net.Tcp [Stopped],
Path: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Service Name: Service de planification Windows Media Center [Stopped],
Path: C:\Windows\ehome\ehsched.exe
Service Name: Service de profil utilisateur [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Service de publication des noms d’ordinateurs PNRP [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Service de rapport d'erreurs Windows [Running],
Path: C:\Windows\System32\svchost.exe -k WerSvcGroup
Service Name: Service de réception Windows Media Center [Stopped],
Path: C:\Windows\ehome\ehRecvr.exe
Service Name: Service de stratégie de diagnostic [Running],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Service Name: Service de transfert intelligent en arrière-plan [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Service Énumérateur d’appareil mobile [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service hôte WDIServiceHost [Stopped],
Path: C:\Windows\System32\svchost.exe -k wdisvc
Service Name: Service Initiateur iSCSI de Microsoft [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Service Interface du magasin réseau [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service KtmRm pour Distributed Transaction Coordinator [Running],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Service Liste des réseaux [Running],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Service Panneau de saisie Tablet PC [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service Partage réseau du Lecteur Windows Media [Running],
Path: "C:\Program Files\Windows Media Player\wmpnetwk.exe"
Service Name: Service ReadyBoost [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service Windows Media Center Extender [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service SSTP (Secure Socket Tunneling Protocol) [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Services de base de module de plateforme sécurisée [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Services de chiffrement [Running],
Path: C:\Windows\system32\svchost.exe -k NetworkService
Service Name: Services Terminal Server [Running],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Spouleur d'impression [Running],
Path: C:\Windows\System32\spoolsv.exe
Service Name: Station de travail [Running],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Stratégie de retrait de la carte à puce [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Superfetch [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Système de couleurs Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k wcssvc
Service Name: Système d'événement COM+ [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Téléphonie [Running],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Thèmes [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: WebClient [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Windows CardSpace [Stopped],
Path: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Service Name: Windows Connect Now - Registre de configuration [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Windows Defender [Running],
Path: C:\Windows\System32\svchost.exe -k secsvcs
Service Name: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Windows Installer [Stopped],
Path: C:\Windows\system32\msiexec /V
Service Name: Windows Search [Running],
Path: C:\Windows\system32\SearchIndexer.exe /Embedding
Service Name: Windows Update [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Finished...
0
Réponse 27 / 52
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
je mal fait mon copier coller désolé :

Fais un scan en ligne avec Internet explorer
Rend toi sur ce site : https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan

Voici un tutoriel

0
Réponse 28 / 52
flush-royal Messages postés 49 Statut Membre
 
bonjour pimprenelle j ai fait un scan avec panda il m a detecté ça :
Cookie/Serving... Cookie de surveillance
Latent(e)
Masquer +Infos
1. C:\Users\Acer\AppData\Roaming\Microsoft\Windo...\Cookies\acer@bs.serving-sys[1].txt
Cookie/Serving... Cookie de surveillance
Latent(e)
Masquer +Infos
1. C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Cookies\acer@serving-sys[1].txt
adware/favadd Adware (logiciel publicitaire)
Latent(e)
Masquer +Infos
1. HKEY_LOCAL_MACHINE\Software\Microsoft\Interne...954C80-4F0F-11d3-B17C-00C0DFE39736}
0
Réponse 29 / 52
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
y a pas plus d'info sur celui là : 1. HKEY_LOCAL_MACHINE\Software\Microsoft\Interne...954C80-4F0F-­11d3-B17C-00C0DFE39736}
0
Réponse 30 / 52
flush-royal Messages postés 49 Statut Membre
 
non il y avait que ça
0
Réponse 31 / 52
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
rien d'écrit trojan ou autre?
0
Réponse 32 / 52
flush-royal Messages postés 49 Statut Membre
 
dsl pour le retard je me suis absenté
j ai fait un scan en ligne avec kapersky et il m as rien detecté
celui de panda
Cookie/Serving... Cookie de surveillance
Latent(e)
Masquer +Infos
1. C:\Users\Acer\AppData\Roaming\Microsoft\Windo...\Cookies\acer@bs.serving-sys[1].txt
Cookie/Smartad... Cookie de surveillance
Latent(e)
Masquer +Infos
1. C:\Users\Acer\AppData\Roaming\Microsoft\Windo...s\Cookies\acer@smartadserver[2].txt
Cookie/Serving... Cookie de surveillance
Latent(e)
Masquer +Infos
1. C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Cookies\acer@serving-sys[1].txt
adware/favadd Adware (logiciel publicitaire)
Latent(e)
Masquer +Infos
1. HKEY_LOCAL_MACHINE\Software\Microsoft\Interne...954C80-4F0F-11d3-B17C-00C0DFE39736}
+ d infos pour la derniere menace
Common name: Favadd
Technical name: Adware/Favadd
Threat level: Low
Alias: CrackSpider
Type: Spyware
Subtype: Adware
Effects: It collects information on Internet usage and the applications installed in the computer and uses it to display pop-up advertisements.
Affected platforms:

Windows XP/2000/NT
First detected on: Sept. 13, 2005
Detection updated on: March 15, 2006
Statistics No
Proactive protection:
Yes, using TruPrevent Technologies
Brief Description

Adware refers to programs that display advertising using any means: pop-ups, banners, changes to the browser home page or search page, etc. The advertisements could be associated with the products or services offered by the creator of the program or by third-parties.

Adware can be installed in a number of ways, on some occasions without users' consent, and either with or without users' knowledge of its function.

It affects productivity, preventing tasks from being carried out:

* In the affected computer: it displays pop-up windows.

Favadd does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
0
Réponse 33 / 52
flush-royal Messages postés 49 Statut Membre
 
petite question ?f-secure software est il vraiment fiable avant que je le supprime

et quel choisir eset smart security a la place

ou le gratuit de antivir personal en version française

merci de votre reponse et apres avoir desinfecté mon pc comment supprimer ses fameux fichiers de f- secure software de mon ordi car impossible
0
Réponse 34 / 52
flush-royal Messages postés 49 Statut Membre
 
bj pimprenelle comment peut on savoir de quel programme provient ses virus
au dessu j ai mis le rapport du scan panda merci de votre reponse
0
Réponse 35 / 52
flush-royal Messages postés 49 Statut Membre
 
bsr pimprenelle comment je peux faire pour retrouver ces fichiers de f- secure software pour pouvoir les supprimer merci de votre aide
0
Réponse 36 / 52
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
il n'y a que ça dans le rapport panda qui me gêne :

1. HKEY_LOCAL_MACHINE\Software\Microsoft\Interne...954C80-4F0F-­11d3-B17C-00C0DFE39736}
+ d infos pour la derniere menace
Common name: Favadd
Technical name: Adware/Favadd
Threat level: Low
Alias: CrackSpider
Type: Spyware
Subtype: Adware
0
Réponse 37 / 52
flush-royal Messages postés 49 Statut Membre
 
pourquoi on peut pas le supprimer ?
0
Réponse 38 / 52
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
C'est marqué CrackSpider c'est bizarre.
0
Réponse 39 / 52
flush-royal Messages postés 49 Statut Membre
 
dit moi je sais pas comment tu fais mais tu doit avoir mal de tete en te couchant
vu le nombre de sujets que tu epluches franchement respect
0
Réponse 40 / 52
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
oui c'est pout ça trop devant l'ordi donne souvent mal de tête c'est pour ça que parfois je ne suis plus de devant l'ordi pour répondre car je préfère aller me coucher cause du mal de tête.
0

Discussions similaires

Blocage temporaire
Larkos -
httpswww.facebook.comEmily.Peters70 -

15 réponses
enlever le blocage
Bennour Abdelaziz -
reda rido -

6 réponses
infecté par des virus
Lisy59120 -
Lisy59120 -

5 réponses
compte Facebook temporairement verrouillé
niela -
president lacovic officiel -

20 réponses
Virus non détecté par mon anti-virus ?
F2L -
cabrier -

12 réponses