stephanes

Membres

Afficher le profil Afficher son activité

Compteur de contenus
7
Inscription
le 15 février 2010
Dernière visite
le 15 mars 2010

Autres informations

Mes langues
français

stephanes's Achievements

Junior Member (3/12)

Réputation sur la communauté

un de plus !

stephanes a répondu à un(e) sujet de stephanes dans Analyses et éradication malwares

On avance...: J'ai fait un nouveau point de restauration système. J'ai enlevé les versions intermédiaires de java que j'ai mis à jour, ainsi que Firefox. Je n'ai pas trouvé où et comment désinstaller Navilog. J'ai aussi fait du nettoyage avec CCleaner, de ma propre initiative. ( enlevé 850 Mo de bazar...)
- le 9 mars 2010
- 12 réponses
un de plus !

stephanes a répondu à un(e) sujet de stephanes dans Analyses et éradication malwares

Voilà qui est fait. Je repasserai si nécessaire pour la lenteur du PC. Est-ce que les 6% de place restante peuvent en être une cause ? Grand merci en tous cas.
- le 8 mars 2010
- 12 réponses
un de plus !

stephanes a répondu à un(e) sujet de stephanes dans Analyses et éradication malwares

Bonsoir, Merci de suivre ce vieux dossier Pas de pub intempestive. J'ai donc lancé RSIT. Je n'ai pas le fichier info, ni dans la barre des taches, ni dans C:\rsit Voici au moins le Log.tx Logfile of random's system information tool 1.06 (written by random/random) Run by Stéphane at 2010-03-06 22:58:41 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 4 GB (6%) free of 73 GB Total RAM: 894 MB (24% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:59:54, on 06/03/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\SysMonitor.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Windows\System32\mobsync.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Windows\System32\wpcumi.exe C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe C:\Program Files\Epson Software\Event Manager\EEventManager.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SFR\Kit\9props.exe C:\Program Files\E-Color\True Internet Color\TICIcon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Users\Stéphane\Desktop\programmes et mises à jour\nettoyage PC\RSIT.exe C:\Users\Stéphane\Desktop\programmes et mises à jour\nettoyage PC\Stéphane.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [?????????] ??????????????e O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [EPSON PX700W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE /FU "C:\Windows\TEMP\E_S3AA6.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O13 - Gopher Prefix: O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdb_device - - C:\Windows\system32\lxdbcoms.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 9673 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{14D920D5-7FFE-4E93-A306-1D8A7805C347}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}] ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-02-06 299008] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-06 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-21 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-09 3784704] "Acer Empowering Technology Monitor"=C:\Windows\system32\SysMonitor.exe [2006-11-23 319488] "Acer Tour"= [] "WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344] "eRecoveryService"= [] "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-06 464168] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-02-21 149280] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440] "WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128] "F-PROT Antivirus Tray application"=C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe [2008-04-21 1597832] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-05-07 591696] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "????r"= [] "?????????"=??????????????e [] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-21 68856] "EPSON PX700W Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE [2008-04-07 188928] "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-06-20 955712] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FPAVServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FPAVServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8650a6e4-346f-11dd-91b6-0019db571278}] shell\AutoRun\command - start.exe shell\iledefrance\command - start.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-02-27 17:11:28 ----D---- C:\Users\Stéphane\AppData\Roaming\dvdcss 2010-02-27 17:11:08 ----D---- C:\Users\Stéphane\AppData\Roaming\vlc 2010-02-24 08:45:48 ----A---- C:\Windows\system32\jscript.dll 2010-02-24 08:45:38 ----A---- C:\Windows\system32\tzres.dll 2010-02-21 11:58:42 ----A---- C:\Windows\system32\javaws.exe 2010-02-21 11:58:42 ----A---- C:\Windows\system32\javaw.exe 2010-02-21 11:58:42 ----A---- C:\Windows\system32\deploytk.dll 2010-02-21 11:58:41 ----A---- C:\Windows\system32\java.exe 2010-02-19 22:02:53 ----A---- C:\cleannavi.txt 2010-02-19 22:01:46 ----D---- C:\Program Files\Navilog1 2010-02-17 22:45:29 ----D---- C:\Program Files\trend micro 2010-02-17 22:45:25 ----D---- C:\rsit 2010-02-16 21:09:04 ----D---- C:\Windows\system32\vi-VN 2010-02-16 21:09:04 ----D---- C:\Windows\system32\eu-ES 2010-02-16 21:09:04 ----D---- C:\Windows\system32\ca-ES 2010-02-15 22:17:05 ----D---- C:\Users\Stéphane\AppData\Roaming\Malwarebytes 2010-02-15 22:16:55 ----D---- C:\ProgramData\Malwarebytes 2010-02-15 22:16:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-10 10:59:17 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-02-10 10:59:17 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-02-10 10:59:11 ----A---- C:\Windows\system32\tsbyuv.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\quartz.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\msyuv.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\msvidc32.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\msrle32.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\iyuv_32.dll 2010-02-10 10:59:10 ----A---- C:\Windows\system32\msvfw32.dll 2010-02-10 10:59:10 ----A---- C:\Windows\system32\mciavi32.dll 2010-02-10 10:59:10 ----A---- C:\Windows\system32\avifil32.dll ======List of files/folders modified in the last 1 months====== 2010-03-06 22:58:59 ----D---- C:\Windows\Prefetch 2010-03-06 22:58:55 ----D---- C:\Windows\Temp 2010-03-06 22:25:53 ----D---- C:\Program Files\Mozilla Firefox 2010-03-06 22:25:18 ----D---- C:\Windows\Tasks 2010-03-06 17:49:39 ----D---- C:\ProgramData\Google Updater 2010-03-05 14:16:26 ----D---- C:\Windows\system32\catroot2 2010-03-04 17:10:49 ----SHD---- C:\System Volume Information 2010-03-01 18:55:52 ----D---- C:\Windows\System32 2010-03-01 18:55:52 ----D---- C:\Windows\inf 2010-03-01 18:55:52 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-02-25 13:23:17 ----SHD---- C:\Windows\Installer 2010-02-25 08:34:18 ----D---- C:\Windows\rescache 2010-02-25 08:19:10 ----D---- C:\Windows\winsxs 2010-02-25 08:18:57 ----D---- C:\Windows\system32\fr-FR 2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe 2010-02-24 08:44:08 ----D---- C:\Windows\system32\catroot 2010-02-21 11:57:54 ----D---- C:\Program Files\Java 2010-02-20 14:58:23 ----D---- C:\Program Files\Dofus 2010-02-19 22:11:33 ----D---- C:\Windows 2010-02-19 22:01:46 ----RD---- C:\Program Files 2010-02-19 21:35:28 ----D---- C:\Program Files\DofusBeta 2010-02-19 21:34:47 ----D---- C:\ProgramData\Google 2010-02-19 21:34:47 ----D---- C:\Program Files\Google 2010-02-19 21:33:29 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-19 21:33:29 ----D---- C:\Program Files\UBISOFT 2010-02-17 18:25:45 ----D---- C:\Windows\Microsoft.NET 2010-02-17 18:25:18 ----RSD---- C:\Windows\assembly 2010-02-16 21:17:02 ----SHD---- C:\Boot 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Sidebar 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Photo Gallery 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Media Player 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Mail 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Journal 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Collaboration 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Calendar 2010-02-16 21:09:31 ----D---- C:\Program Files\Movie Maker 2010-02-16 21:09:31 ----D---- C:\Program Files\Internet Explorer 2010-02-16 21:09:31 ----D---- C:\Program Files\Common Files\System 2010-02-16 21:09:30 ----D---- C:\Windows\servicing 2010-02-16 21:09:30 ----D---- C:\Windows\ehome 2010-02-16 21:09:30 ----D---- C:\Program Files\Windows Defender 2010-02-16 21:09:28 ----D---- C:\Windows\system32\XPSViewer 2010-02-16 21:09:28 ----D---- C:\Windows\system32\sk-SK 2010-02-16 21:09:28 ----D---- C:\Windows\system32\ru-RU 2010-02-16 21:09:28 ----D---- C:\Windows\system32\oobe 2010-02-16 21:09:28 ----D---- C:\Windows\system32\migration 2010-02-16 21:09:28 ----D---- C:\Windows\system32\lv-LV 2010-02-16 21:09:28 ----D---- C:\Windows\system32\ko-KR 2010-02-16 21:09:28 ----D---- C:\Windows\system32\it-IT 2010-02-16 21:09:28 ----D---- C:\Windows\system32\hr-HR 2010-02-16 21:09:28 ----D---- C:\Windows\system32\fr 2010-02-16 21:09:28 ----D---- C:\Windows\system32\et-EE 2010-02-16 21:09:28 ----D---- C:\Windows\system32\en-US 2010-02-16 21:09:28 ----D---- C:\Windows\system32\el-GR 2010-02-16 21:09:28 ----D---- C:\Windows\system32\de-DE 2010-02-16 21:09:28 ----D---- C:\Windows\system32\da-DK 2010-02-16 21:09:28 ----D---- C:\Windows\system32\AdvancedInstallers 2010-02-16 21:09:28 ----D---- C:\Windows\IME 2010-02-16 21:09:21 ----D---- C:\Windows\system32\sv-SE 2010-02-16 21:09:21 ----D---- C:\Windows\system32\setup 2010-02-16 21:09:21 ----D---- C:\Windows\system32\hu-HU 2010-02-16 21:09:21 ----D---- C:\Windows\system32\he-IL 2010-02-16 21:09:21 ----D---- C:\Windows\system32\fi-FI 2010-02-16 21:09:21 ----D---- C:\Windows\system32\cs-CZ 2010-02-16 21:09:20 ----D---- C:\Windows\system32\zh-TW 2010-02-16 21:09:20 ----D---- C:\Windows\system32\zh-CN 2010-02-16 21:09:20 ----D---- C:\Windows\system32\uk-UA 2010-02-16 21:09:20 ----D---- C:\Windows\system32\tr-TR 2010-02-16 21:09:20 ----D---- C:\Windows\system32\th-TH 2010-02-16 21:09:20 ----D---- C:\Windows\system32\sr-Latn-CS 2010-02-16 21:09:20 ----D---- C:\Windows\system32\SLUI 2010-02-16 21:09:20 ----D---- C:\Windows\system32\sl-SI 2010-02-16 21:09:20 ----D---- C:\Windows\system32\ro-RO 2010-02-16 21:09:20 ----D---- C:\Windows\system32\pt-PT 2010-02-16 21:09:20 ----D---- C:\Windows\system32\pl-PL 2010-02-16 21:09:20 ----D---- C:\Windows\system32\manifeststore 2010-02-16 21:09:20 ----D---- C:\Windows\system32\ja-JP 2010-02-16 21:09:20 ----D---- C:\Windows\system32\es-ES 2010-02-16 21:09:20 ----D---- C:\Windows\system32\drivers 2010-02-16 21:09:20 ----D---- C:\Windows\system32\bg-BG 2010-02-16 21:09:19 ----D---- C:\Windows\system32\wbem 2010-02-16 21:09:19 ----D---- C:\Windows\system32\nl-NL 2010-02-16 21:09:19 ----D---- C:\Windows\system32\nb-NO 2010-02-16 21:09:19 ----D---- C:\Windows\system32\lt-LT 2010-02-16 21:09:19 ----D---- C:\Windows\system32\ar-SA 2010-02-16 21:09:18 ----D---- C:\Windows\system32\pt-BR 2010-02-16 21:09:18 ----D---- C:\Windows\system32\migwiz 2010-02-16 21:09:09 ----RSD---- C:\Windows\Fonts 2010-02-16 21:09:09 ----D---- C:\Windows\AppPatch 2010-02-16 21:09:04 ----D---- C:\Windows\system32\Boot 2010-02-16 00:21:44 ----D---- C:\Windows\tapi 2010-02-15 22:16:55 ----HD---- C:\ProgramData 2010-02-07 12:05:47 ----D---- C:\Users\Stéphane\AppData\Roaming\Dofus 2 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-29 3544064] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2006-12-13 6144] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-09 194560] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-29 3544064] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-07-09 39424] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-12-18 24576] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-29 667648] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-06 457512] R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-14 49152] R2 FPAVServer;F-PROT Antivirus for Windows system; C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [2009-08-27 75424] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440] R2 lxdb_device;lxdb_device; C:\Windows\system32\lxdbcoms.exe [2007-02-02 537520] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-22 135664] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337] S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112] S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872] -----------------EOF-----------------
- le 6 mars 2010
- 12 réponses
un de plus !

stephanes a répondu à un(e) sujet de stephanes dans Analyses et éradication malwares

Et maintenant, est-ce que tout va bien? Le PC reste lent à démarrer. Dois-je aller voir les tutoriaux?
- le 4 mars 2010
- 12 réponses
un de plus !

stephanes a répondu à un(e) sujet de stephanes dans Analyses et éradication malwares

Je suis les recommandations. Voici le Cleannavi: Fix Navipromo version 4.0.6 commencé le 19/02/2010 22:02:53,88 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Core2 CPU 4300 @ 1.80GHz ) BIOS : )Phoenix - Award WorkstationBIOS v6.00PG USER : Stéphane ( Not Administrator ! ) BOOT : Normal boot Antivirus : F-PROT Antivirus for Windows 6.0 (Not Activated) C:\ (Local Disk) - NTFS - Total:71 Go (Free:6 Go) D:\ (Local Disk) - NTFS - Total:70 Go (Free:63 Go) E:\ (CD or DVD) H:\ (USB) I:\ (USB) J:\ (USB) K:\ (USB) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur c:\progra~2\micros~1\windows\startm~1\programs\InternetGamebox supprimé ! c:\progra~2\micros~1\windows\startm~1\programs\MessengerSkinner supprimé ! c:\users\stphan~1\appdata\roaming\micros~1\windows\startm~1\programs\MessengerSkinner supprimé ! C:\Users\St‚phane\AppData\Roaming\MessengerSkinner supprimé ! C:\Users\LESENF~1\appdata\roaming\MessengerSkinner supprimé ! C:\Windows\pack.epk supprimé ! Nettoyage contenu C:\Windows\Temp effectué ! Nettoyage contenu C:\Users\STPHAN~1\AppData\Local\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Scan terminé 19/02/2010 22:13:14,81 ***
- le 19 février 2010
- 12 réponses
un de plus !

stephanes a répondu à un(e) sujet de stephanes dans Analyses et éradication malwares

Merci pour ce début. Voici le Log.tx Logfile of random's system information tool 1.06 (written by random/random) Run by Stéphane at 2010-02-17 22:45:25 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 5 GB (6%) free of 73 GB Total RAM: 894 MB (27% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:46:18, on 17/02/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\mobsync.exe C:\Windows\System32\SysMonitor.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Windows\System32\wpcumi.exe C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Epson Software\Event Manager\EEventManager.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SFR\Kit\9props.exe C:\Program Files\E-Color\True Internet Color\TICIcon.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe C:\Windows\system32\conime.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FAMTENE.EXE C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe C:\Users\Stéphane\Desktop\programmes et mises à jour\RSIT.exe C:\Program Files\trend micro\Stéphane.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [?????????] ??????????????e O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [EPSON PX700W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE /FU "C:\Windows\TEMP\E_S3AA6.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Stéphane\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O13 - Gopher Prefix: O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdb_device - - C:\Windows\system32\lxdbcoms.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- End of file - 11713 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{14D920D5-7FFE-4E93-A306-1D8A7805C347}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}] DealioBHO Class - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}] ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-02-06 299008] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-06 279664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-06 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552] {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Dealio - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-06 279664] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-09 3784704] "Acer Empowering Technology Monitor"=C:\Windows\system32\SysMonitor.exe [2006-11-23 319488] "Acer Tour"= [] "WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344] "eRecoveryService"= [] "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-06 464168] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440] "WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128] "F-PROT Antivirus Tray application"=C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe [2008-04-21 1597832] "au"=C:\Program Files\Dealio\DealioAU.exe [2008-05-26 595296] "SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-05-07 591696] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "????r"= [] "?????????"=??????????????e [] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "messengerskinner"=C:\Program Files\MessengerSkinner\MessengerSkinner.exe [] "ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-21 68856] "EPSON PX700W Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE [2008-04-07 188928] "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-06-20 955712] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FPAVServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FPAVServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8650a6e4-346f-11dd-91b6-0019db571278}] shell\AutoRun\command - start.exe shell\iledefrance\command - start.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-02-17 22:45:29 ----D---- C:\Program Files\trend micro 2010-02-17 22:45:25 ----D---- C:\rsit 2010-02-16 21:09:04 ----D---- C:\Windows\system32\vi-VN 2010-02-16 21:09:04 ----D---- C:\Windows\system32\eu-ES 2010-02-16 21:09:04 ----D---- C:\Windows\system32\ca-ES 2010-02-15 22:17:05 ----D---- C:\Users\Stéphane\AppData\Roaming\Malwarebytes 2010-02-15 22:16:55 ----D---- C:\ProgramData\Malwarebytes 2010-02-15 22:16:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-02-10 10:59:17 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-02-10 10:59:17 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-02-10 10:59:11 ----A---- C:\Windows\system32\tsbyuv.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\quartz.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\msyuv.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\msvidc32.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\msrle32.dll 2010-02-10 10:59:11 ----A---- C:\Windows\system32\iyuv_32.dll 2010-02-10 10:59:10 ----A---- C:\Windows\system32\msvfw32.dll 2010-02-10 10:59:10 ----A---- C:\Windows\system32\mciavi32.dll 2010-02-10 10:59:10 ----A---- C:\Windows\system32\avifil32.dll 2010-01-22 10:31:01 ----A---- C:\Windows\system32\mshtml.dll 2010-01-22 10:31:00 ----A---- C:\Windows\system32\ieframe.dll 2010-01-22 10:30:59 ----A---- C:\Windows\system32\wininet.dll 2010-01-22 10:30:59 ----A---- C:\Windows\system32\urlmon.dll 2010-01-22 10:30:59 ----A---- C:\Windows\system32\occache.dll 2010-01-22 10:30:59 ----A---- C:\Windows\system32\msfeeds.dll 2010-01-22 10:30:59 ----A---- C:\Windows\system32\ieui.dll 2010-01-22 10:30:59 ----A---- C:\Windows\system32\iertutil.dll 2010-01-22 10:30:59 ----A---- C:\Windows\system32\iedkcs32.dll 2010-01-22 10:30:58 ----A---- C:\Windows\system32\msfeedssync.exe 2010-01-22 10:30:58 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-01-22 10:30:58 ----A---- C:\Windows\system32\jsproxy.dll 2010-01-22 10:30:58 ----A---- C:\Windows\system32\ieUnatt.exe 2010-01-22 10:30:58 ----A---- C:\Windows\system32\iesysprep.dll 2010-01-22 10:30:58 ----A---- C:\Windows\system32\iesetup.dll 2010-01-22 10:30:58 ----A---- C:\Windows\system32\iernonce.dll 2010-01-22 10:30:58 ----A---- C:\Windows\system32\iepeers.dll 2010-01-22 10:30:58 ----A---- C:\Windows\system32\ie4uinit.exe ======List of files/folders modified in the last 1 months====== 2010-02-17 22:45:42 ----D---- C:\Windows\Prefetch 2010-02-17 22:45:34 ----D---- C:\Windows\Temp 2010-02-17 22:45:29 ----RD---- C:\Program Files 2010-02-17 22:22:38 ----D---- C:\Windows\Tasks 2010-02-17 22:17:31 ----SHD---- C:\System Volume Information 2010-02-17 20:16:58 ----D---- C:\Windows\System32 2010-02-17 20:16:58 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-02-17 20:16:55 ----D---- C:\Windows\inf 2010-02-17 18:25:45 ----D---- C:\Windows\Microsoft.NET 2010-02-17 18:25:18 ----RSD---- C:\Windows\assembly 2010-02-17 17:56:54 ----D---- C:\ProgramData\Google Updater 2010-02-17 17:56:35 ----D---- C:\Program Files\Mozilla Firefox 2010-02-16 22:59:28 ----D---- C:\Windows\winsxs 2010-02-16 22:59:18 ----D---- C:\Windows\system32\catroot2 2010-02-16 22:59:18 ----D---- C:\Windows\system32\catroot 2010-02-16 21:36:45 ----D---- C:\Windows\rescache 2010-02-16 21:17:11 ----D---- C:\Windows 2010-02-16 21:17:02 ----SHD---- C:\Boot 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Sidebar 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Photo Gallery 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Media Player 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Mail 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Journal 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Collaboration 2010-02-16 21:09:31 ----D---- C:\Program Files\Windows Calendar 2010-02-16 21:09:31 ----D---- C:\Program Files\Movie Maker 2010-02-16 21:09:31 ----D---- C:\Program Files\Internet Explorer 2010-02-16 21:09:31 ----D---- C:\Program Files\Common Files\System 2010-02-16 21:09:30 ----D---- C:\Windows\servicing 2010-02-16 21:09:30 ----D---- C:\Windows\ehome 2010-02-16 21:09:30 ----D---- C:\Program Files\Windows Defender 2010-02-16 21:09:28 ----D---- C:\Windows\system32\XPSViewer 2010-02-16 21:09:28 ----D---- C:\Windows\system32\sk-SK 2010-02-16 21:09:28 ----D---- C:\Windows\system32\ru-RU 2010-02-16 21:09:28 ----D---- C:\Windows\system32\oobe 2010-02-16 21:09:28 ----D---- C:\Windows\system32\migration 2010-02-16 21:09:28 ----D---- C:\Windows\system32\lv-LV 2010-02-16 21:09:28 ----D---- C:\Windows\system32\ko-KR 2010-02-16 21:09:28 ----D---- C:\Windows\system32\it-IT 2010-02-16 21:09:28 ----D---- C:\Windows\system32\hr-HR 2010-02-16 21:09:28 ----D---- C:\Windows\system32\fr 2010-02-16 21:09:28 ----D---- C:\Windows\system32\et-EE 2010-02-16 21:09:28 ----D---- C:\Windows\system32\en-US 2010-02-16 21:09:28 ----D---- C:\Windows\system32\el-GR 2010-02-16 21:09:28 ----D---- C:\Windows\system32\de-DE 2010-02-16 21:09:28 ----D---- C:\Windows\system32\da-DK 2010-02-16 21:09:28 ----D---- C:\Windows\system32\AdvancedInstallers 2010-02-16 21:09:28 ----D---- C:\Windows\IME 2010-02-16 21:09:27 ----D---- C:\Windows\system32\fr-FR 2010-02-16 21:09:21 ----D---- C:\Windows\system32\sv-SE 2010-02-16 21:09:21 ----D---- C:\Windows\system32\setup 2010-02-16 21:09:21 ----D---- C:\Windows\system32\hu-HU 2010-02-16 21:09:21 ----D---- C:\Windows\system32\he-IL 2010-02-16 21:09:21 ----D---- C:\Windows\system32\fi-FI 2010-02-16 21:09:21 ----D---- C:\Windows\system32\cs-CZ 2010-02-16 21:09:20 ----D---- C:\Windows\system32\zh-TW 2010-02-16 21:09:20 ----D---- C:\Windows\system32\zh-CN 2010-02-16 21:09:20 ----D---- C:\Windows\system32\uk-UA 2010-02-16 21:09:20 ----D---- C:\Windows\system32\tr-TR 2010-02-16 21:09:20 ----D---- C:\Windows\system32\th-TH 2010-02-16 21:09:20 ----D---- C:\Windows\system32\sr-Latn-CS 2010-02-16 21:09:20 ----D---- C:\Windows\system32\SLUI 2010-02-16 21:09:20 ----D---- C:\Windows\system32\sl-SI 2010-02-16 21:09:20 ----D---- C:\Windows\system32\ro-RO 2010-02-16 21:09:20 ----D---- C:\Windows\system32\pt-PT 2010-02-16 21:09:20 ----D---- C:\Windows\system32\pl-PL 2010-02-16 21:09:20 ----D---- C:\Windows\system32\manifeststore 2010-02-16 21:09:20 ----D---- C:\Windows\system32\ja-JP 2010-02-16 21:09:20 ----D---- C:\Windows\system32\es-ES 2010-02-16 21:09:20 ----D---- C:\Windows\system32\drivers 2010-02-16 21:09:20 ----D---- C:\Windows\system32\bg-BG 2010-02-16 21:09:19 ----D---- C:\Windows\system32\wbem 2010-02-16 21:09:19 ----D---- C:\Windows\system32\nl-NL 2010-02-16 21:09:19 ----D---- C:\Windows\system32\nb-NO 2010-02-16 21:09:19 ----D---- C:\Windows\system32\lt-LT 2010-02-16 21:09:19 ----D---- C:\Windows\system32\ar-SA 2010-02-16 21:09:18 ----D---- C:\Windows\system32\pt-BR 2010-02-16 21:09:18 ----D---- C:\Windows\system32\migwiz 2010-02-16 21:09:09 ----RSD---- C:\Windows\Fonts 2010-02-16 21:09:09 ----D---- C:\Windows\AppPatch 2010-02-16 21:09:04 ----D---- C:\Windows\system32\Boot 2010-02-16 00:21:44 ----D---- C:\Windows\tapi 2010-02-15 22:16:55 ----HD---- C:\ProgramData 2010-02-07 12:05:47 ----D---- C:\Users\Stéphane\AppData\Roaming\Dofus 2 2010-02-06 19:03:34 ----SHD---- C:\Windows\Installer 2010-02-06 16:30:52 ----D---- C:\Program Files\Google 2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe 2010-01-21 17:51:14 ----D---- C:\Program Files\Free Video Converter 2010-01-21 14:24:12 ----D---- C:\Program Files\Microsoft Silverlight ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-29 3544064] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2006-12-13 6144] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-09 194560] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-29 3544064] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-07-09 39424] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-12-18 24576] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-29 667648] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-06 457512] R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-14 49152] R2 FPAVServer;F-PROT Antivirus for Windows system; C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [2009-08-27 75424] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440] R2 lxdb_device;lxdb_device; C:\Windows\system32\lxdbcoms.exe [2007-02-02 537520] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-22 135664] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337] S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112] S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872] -----------------EOF----------------- ----------------------------------------------------------------------------------------------------------------------------- et voici le fichier Info. ----------------------------------------------------------------------------------------------------------------------------- info.txt logfile of random's system information tool 1.06 2010-02-17 22:46:26 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{028EC2AF-F501-4567-9CEA-140030DE8544}\setup.exe" -l0x40c -u -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2580F4DA-324F-4945-B16F-B2B867325085}\setup.exe" -l0x40c -u Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x40c -removeonly Acer Picture Slide DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41581EF5-45A7-11DA-9D78-000129760D75}\Setup.exe" -uninstall Acer Plug and Record-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6EFFB76-4A07-11DA-9D78-000129760D75}\Setup.exe" -uninstall Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly Acer Zone MagicDirector-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\Setup.exe" -uninstall Acer Zone Main Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\Setup.exe" -uninstall Acer Zone MakeDisk-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\Setup.exe" -uninstall Acer Zone SoftDMA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} CanoScan Toolbox Ver4.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BCE46757-7674-4416-BEDB-68205A60409E}\Setup.exe" -l0x40c anything Catalyst Control Center - Branding-->MsiExec.exe /I{6087F45E-358C-4173-8CB1-DE0AE26FFAE1} CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall Dealio Toolbar 3.4-->MsiExec.exe /X{6105648C-0C3C-481D-8C11-1F4952D6FB53} Deluxanoid Demo 1.2-->"C:\Users\Nicolas\Deluxanoid Demo\unins000.exe" Dofus 1.21.0-->C:\Program Files\Dofus\uninstall.exe Dofus 1.24.0-->C:\Program Files\Dofus\uninstall.exe Dofus 1.28.0-->C:\Program Files\Dofus\uninstall.exe Dofus-->msiexec /qb /x {5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD} Dofus-->MsiExec.exe /I{5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD} Dofus-Arena-->C:\Users\Nicolas\DofusArena2\uninstall.exe DofusBeta 1.27.0-->C:\Program Files\DofusBeta\uninstall.exe DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe" Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{DEDB47A3-C988-4A43-A645-E2CEA571E680}\SETUP.EXE -runfromtemp -l0x040c UNINST -removeonly Epson Event Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\SETUP.EXE" -l0x40c -u Epson Print CD-->C:\Program Files\InstallShield Installation Information\{D16A31F9-276D-4968-A753-FFEAC56995D0}\SETUP.EXE -runfromtemp -l0x040c -removeonly EPSON PX700W Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSENE.EXE /R /APD /P:"EPSON PX700W Series" EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Manuel-->C:\Program Files\EPSON\TPMANUAL\ESP_PX_TX_700W_800FW\FRA\USE_G\DOCUNINS.EXE Fable - The Lost Chapters-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD} Favorit-->c:\users\stéphane\appdata\local\fepoo.bat FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe" F-PROT Antivirus for Windows-->MsiExec.exe /I{E58B329B-FB28-4874-90DE-0D7CB2709267} F-PROT Antivirus Updater Fix-->MsiExec.exe /I{F8A3A6BC-D68F-445B-B1BA-6F03A4352865} Free iPod Video Converter 1.34-->"C:\Program Files\Free iPod Video Converter\unins000.exe" Free Video Converter V 1.4-->"C:\Program Files\Free Video Converter\unins000.exe" Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466} HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Impression CD/DVD-->C:\Windows\IsUn040c.exe -f"C:\Program Files\printFIT\Impression CD-DVD\cdd4.isu" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944} J2SE Runtime Environment 5.0 Update 12-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150120} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Micro Application - Jeux de Pions-->C:\Windows\IsUn040c.exe -f"C:\Program Files\Micro Application\Jeux de Pions\Uninst.isu" Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7 Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Outils Club Internet-->"C:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe" PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" Prince of Persia Les Sables du Temps-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C453F13-6877-4D34-8816-009ABDE306DB}\setup.exe" -l0x40c programme-->C:\Techno-Flash\DessTech 2.1\Désinstaller DessTech.exe QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver-->RtlUpd.exe -r -m Reg (DOFUS Audio Subsystem)-->msiexec /qb /x {3F900346-A316-BA88-B83C-2513F1260AD7} Reg (DOFUS Audio Subsystem)-->MsiExec.exe /I{3F900346-A316-BA88-B83C-2513F1260AD7} Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe Sony Media Manager 2.2-->MsiExec.exe /X{878D2EB2-2D55-42A9-955E-1E08F28529FD} True Internet Color-->C:\Windows\IsUninst.exe -f"C:\Program Files\E-Color\True Internet Color\Uninst.isu" -c"C:\Program Files\E-Color\True Internet Color\TICUninstall.dll" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} ======Security center information====== AV: F-PROT Antivirus for Windows (disabled) (outdated) AS: Windows Defender (disabled) ======System event log====== Computer Name: PC-de-la-maison Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB974571(Security Update) n’est pas applicable à ce système. Record Number: 265883 Source Name: Microsoft-Windows-Servicing Time Written: 20091014153356.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-la-maison Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB974571(Security Update) n’est pas applicable à ce système. Record Number: 265875 Source Name: Microsoft-Windows-Servicing Time Written: 20091014153352.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-la-maison Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB975517(Security Update) n’est pas applicable à ce système. Record Number: 265856 Source Name: Microsoft-Windows-Servicing Time Written: 20091014153334.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-la-maison Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB975517(Security Update) n’est pas applicable à ce système. Record Number: 265855 Source Name: Microsoft-Windows-Servicing Time Written: 20091014153333.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-la-maison Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB954155(Security Update) n’est pas applicable à ce système. Record Number: 265829 Source Name: Microsoft-Windows-Servicing Time Written: 20091014153152.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: PC-de-la-maison Event Code: 4096 Message: Found file, C:\Windows\TEMP\FPQ9AD5.tmp, infected with HTML/IFrame For more information please visit http://www.f-prot.com/support/index.html Record Number: 178921 Source Name: F-PROT Antivirus Time Written: 20090708171909.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-la-maison Event Code: 4096 Message: Found file, C:\Windows\TEMP\FPQ9AD5.tmp, infected with HTML/IFrame For more information please visit http://www.f-prot.com/support/index.html Record Number: 178920 Source Name: F-PROT Antivirus Time Written: 20090708171909.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-la-maison Event Code: 4096 Message: Found file, C:\Windows\TEMP\FPQ9AA5.tmp, infected with HTML/IFrame For more information please visit http://www.f-prot.com/support/index.html Record Number: 178919 Source Name: F-PROT Antivirus Time Written: 20090708171909.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-la-maison Event Code: 4096 Message: Found file, C:\Windows\TEMP\FPQ9AA5.tmp, infected with HTML/IFrame For more information please visit http://www.f-prot.com/support/index.html Record Number: 178918 Source Name: F-PROT Antivirus Time Written: 20090708171909.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-la-maison Event Code: 4096 Message: Found file, C:\Windows\TEMP\FPQ9A56.tmp, infected with HTML/IFrame For more information please visit http://www.f-prot.com/support/index.html Record Number: 178917 Source Name: F-PROT Antivirus Time Written: 20090708171909.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Security event log===== Computer Name: PC-de-la-maison Event Code: 1100 Message: Le service d’enregistrement des événements a été arrêté. Record Number: 178384 Source Name: Microsoft-Windows-Eventlog Time Written: 20090926080242.713111-000 Event Type: Succès de l'audit User: Computer Name: PC-de-la-maison Event Code: 4647 Message: Fermeture de session initiée par l’utilisateur : Sujet : ID de sécurité : S-1-5-21-2464144183-1154641359-2484443709-1000 Nom du compte : Stéphane Domaine du compte : PC-de-la-maison ID d’ouverture de session : 0x2f278 Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session. Record Number: 178383 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090926080236.878711-000 Event Type: Succès de l'audit User: Computer Name: PC-de-la-maison Event Code: 4672 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session. Sujet : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 Privilèges : SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 178382 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090926080015.438311-000 Event Type: Succès de l'audit User: Computer Name: PC-de-la-maison Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-LA-MAISON$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Type d’ouverture de session : 5 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x254 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Nom de la station de travail : Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : Advapi Package d’authentification : Negotiate Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 178381 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090926080015.438311-000 Event Type: Succès de l'audit User: Computer Name: PC-de-la-maison Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-LA-MAISON$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x254 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 178380 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090926080015.438311-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=0f02 "NUMBER_OF_PROCESSORS"=2 "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip -----------------EOF-----------------
- le 17 février 2010
- 12 réponses
un de plus !

stephanes a posté un sujet dans Analyses et éradication malwares

Bonsoir, et merci d'entretenir ce lieu indispensable. Vista antispyware est arrivé aussi chez moi, et en plusieurs exemplaires apparemment. Je suis donc venu sur le forum et ai lu les problèmes de mes petits camarades... J'ai téléchargé Malwarebytes antimalware hier soir. Je l'ai mis à jour, je l'ai lancé. Ce soir, le PC est d'une lenteur rare. Cela n'a peut-être rien à voir. Voici déjà le rapport du scann d'hier: Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3742 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.18882 16/02/2010 00:19:20 mbam-log-2010-02-16 (00-19-20).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 363192 Temps écoulé: 1 hour(s), 53 minute(s), 23 second(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 6 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 8 Fichier(s) infecté(s): 37 Processus mémoire infecté(s): C:\Users\Stéphane\AppData\Local\av.exe (Rogue.MultipleAV) -> Unloaded process successfully. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internetgamebox (Adware.EGDAccess) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\secfile (Trojan.Fakealert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\IGB (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\IGB (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MessengerSkinner.exe (Adware.EGDAccess) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iwcaqyg (Trojan.Agent.H) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\download (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\updates (Adware.EGDAccess) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Users\Stéphane\Local Settings\Application Data\iwcaqyg_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Users\Stéphane\Local Settings\Application Data\iwcaqyg_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Users\Stéphane\Local Settings\Application Data\iwcaqyg.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Users\Les enfants\AppData\Local\Temp\~DFF08A.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\language (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\AttenteOff.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\AttenteOn.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\configv2_en.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\configv2_es.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\configv2_fr.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\NoS2F.bin (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\favoris\defaultv2.swf (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\skins\skinv2.skn (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\Conditions générales.url (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\Confidentialité.url (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\Website.url (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\download\defaultPack.cab (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\appconfig.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btn.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnBnr.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnIn.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnInNormal.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnInOver.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnNormal.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnNormal.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnNormalBnr.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnNormalBnr.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnOver.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnOver.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnOverBnr.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnOverBnr.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\languages_v2.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Users\Stéphane\AppData\Local\av.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully. C:\Users\Stéphane\Local Settings\Application Data\av.exe (ROGUE.Win7Antispyware2010) -> Quarantined and deleted successfully. C:\Windows\System32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
- le 16 février 2010
- 12 réponses

Connexion

stephanes

Compteur de contenus

Inscription

Dernière visite

Autres informations

stephanes's Achievements

Junior Member (3/12)

Réputation sur la communauté

un de plus !

un de plus !

un de plus !

un de plus !

un de plus !

un de plus !

un de plus !

Zebulon

Outils en ligne

Naviguer